last executing test programs:

3.975612631s ago: executing program 2 (id=5964):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000052c8aa797d219e530000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='fib6_table_lookup\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000002000000", @ANYRES32, @ANYBLOB="00000000000000000000deff0000020000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000340)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r4, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, &(0x7f0000000080))

3.959187543s ago: executing program 2 (id=5965):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
unshare(0x400)
r1 = timerfd_create(0x0, 0x80800)
timerfd_settime(r1, 0x3, &(0x7f0000000180)={{0x77359400}, {0x0, 0x3938700}}, &(0x7f0000000200))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10)
socket$inet6(0xa, 0x3, 0xff)
unshare(0x30000000)
creat(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)

3.660813132s ago: executing program 2 (id=5966):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x2, 0x0, 0x0, 0x0)

3.560300832s ago: executing program 2 (id=5968):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0xb5)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00')
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r2}, 0x38)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
set_mempolicy(0x8006, 0x0, 0x5)
syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = epoll_create1(0x0)
r6 = timerfd_create(0x0, 0x0)
timerfd_settime(r6, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
epoll_pwait(r5, &(0x7f0000000240)=[{}], 0x1, 0x7fffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f00000001c0)={0x1})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0), 0x6, 0x642, &(0x7f0000000b40)="$eJzs3U1oG1ceAPD/SLZjO951sizLJrCsIYcEljh2Nmx299I0PTSHHgLNoZRSYmI7NVE+iB1o3EBt6KGFFkrptZRQKPTce8m9t1Joe+u5kJaS0kJbojKjUSLLkr9iSbbn94OR3rwZ6b2/Rk/zZsbPE0BhjaUPpYhDEQ8vJhGjDctGorZwLF/vwY93LqVTEtXq8z8kkeR59fWT/Hl/PjMYEV+cjfhLeXW587cXr0xVqjWvR5xYuHrjxPztxeNzV6cuz1yeuTZ58r+nTk/8b/LU5LbEuT9/3hcR77zxyn9mv6wcT+JMXOh/bTqa4tguYzEWD/MQG/P7IuJ0mmjxuew2eyCEQivn38f+iPhbjEY5m6sZjbm3e1o5oKOq5YgqUFDJZtt/2kGopz9Z9PMBu1a9H1A/tt/YcfCFDvdKuuf+07UDoNXx99XOjcRgdmw0/CBpODKqnds4sA3lp2X8fufwB+kUK85D/PJo6/RtQzntLC1HxN9bxZ9kdTuQRZrGX1pRjyQiJiJiIK/fM09Qh6Qh3YnzMGvZavyliDiTP6f5Z7dY/ljTfLfjB6CYsn1vuiNfShOP939p36Pe/4kW/Z+RFvuurej1/q99/6++vx/MzpGXmvph6ed2vvVb9jdnfPvWuffald/Y/0untPx6X7Ab7i9HHG6K/8002Lz/k8aftNj+6SoXz2ysjGe/+v5cu2W9jr96N+Joy+Ofx73SNLXG9ckTs3OVmYnaY8syPvv8pY/bld/r+NPtP9wm/obtX2p+XfqZ3NhgGZ+ev3u13bKReHmd+EvfDSS1482B7PGj4VenFhZuTkYMJM/lq9SesvyTa9elvk79PdL4jx1p3f5XfP+XV77PUP0ncwNuvHDlQbtljds/SWr1WG/7N1xMfljdYB3aSeOfXn/7r2r/ad67Gyzj5xdv/aPdsrW+/0NPEhgAAAAAAAAUUCm7BpuUxh+lS6Xx8dp42b/GcKlyfX7hX7PXb12bjjiW/T1kf6l+pXu0Np+k85P538PW5082zf87Ig5GxPvloWx+/NL1ynSvgwcAAAAAAAAAAAAAAAAAAIAdYn8+/r9+n+qfyrXx/0BBdPIGc8DOpv1DcWXtf9UtnoAiaLf/n+9yPYDu0/+H4tL+obi0fygu7R+KS/uH4tL+obi0fwAAAADYkw7+8943SUQs/X8om1ID+TIjgmBv619vhYHu1APovnKvKwD0zKNL/zr7UDjr9v9Tv+b/HLDz1QF6IGmVmXUOqms3/nsrXulwAgAAAAAAAAAAAAA66OihhvH/wyvH/29obACwa21i2N9yJ+sBdN8TDNgx1gd2Of/6H4pry8f4g9tbD6B3Wo7/b9C2ud9b75WbLQkAAAAAAAAAAAAAaGckm5LSeD4WeCRKpfHxiD9FxIHoT2bnKjMTEfHniPi63L8vnZ/sdaUBAAAAAAAAAAAAAAAAAABgj5m/vXhlqlKZudmY+G1Vzt5O1O+C2oWynopNviqS7n8sQxHR843SsURfQ04SsZRu+R1RsZvzsTOqkSV6/MMEAAAAAAAAAAAAAAAAAAAF1DD2uLXDH3a5RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQfY/v/78ykazKaU4cab+oKdHrGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3emPAAAA//+y+jZu")
umount2(&(0x7f00000002c0)='./file0\x00', 0x2)

1.811050943s ago: executing program 0 (id=5978):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000002a5, &(0x7f0000000440)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r1, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

1.707077443s ago: executing program 0 (id=5979):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00e27f000001000000e8bbd68edd6f7e00"/27, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001000000", @ANYRES32, @ANYBLOB='\x00\x00\v'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d504"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r3, @ANYRES64=r1, @ANYRESHEX=0x0], 0x50)
eventfd(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="120000000a0000000800"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000001440), 0x0}, 0x20)
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000580)={{{@in=@dev, @in=@broadcast}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000480)=0xe8)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f000001d600)=""/102378, 0x2000, 0x3, 0x0)

1.685798766s ago: executing program 2 (id=5981):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00e27f000001000000e8bbd68edd6f7e00"/27, @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001000000", @ANYRES32, @ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d504"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r3, @ANYRES64=r1, @ANYRESHEX=0x0], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="120000000a0000000800000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4}, &(0x7f0000000200), &(0x7f0000000100)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000611218003f8ca8b8de54dacf00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f000001d600)=""/102378, 0x2000, 0x3, 0x0)

1.666006807s ago: executing program 1 (id=5982):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x27}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x48978, 0x13}, [@IFLA_VFINFO_LIST={0x8, 0x16, 0x0, 0x1, [{0x4}]}, @IFLA_IFNAME={0x14, 0x3, 'team0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x48}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)

1.628725301s ago: executing program 1 (id=5984):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8b}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000008400"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010328bd7000fedbdf251c", @ANYRES32], 0x20}}, 0x10)

1.628312431s ago: executing program 1 (id=5985):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000003e740085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r4)
getsockname$packet(r4, &(0x7f0000000300)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r5, @ANYBLOB="0100000000000000240012000c000100627269646765000e140002000800070005"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x11, 0x8100, r5, 0x1, 0x0, 0x6, @local}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000100)={'ip6gre0\x00', r5, 0x0, 0xd, 0x9, 0x4, 0x5b, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @loopback, 0x700, 0x10, 0x5, 0xd942}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)

1.580502946s ago: executing program 1 (id=5986):
inotify_rm_watch(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = io_uring_setup(0x100b91, &(0x7f0000000180)={0x0, 0x2c3c, 0x4, 0x2, 0x381})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x2}, 0x18)
clock_getres(0x9, 0x0)
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001200), 0x42801, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TCSBRKP(r5, 0x5425, 0x6)
close_range(r0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r6 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r6, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x14}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
ioctl$sock_SIOCADDRT(r6, 0x890b, &(0x7f0000000440)={0x0, @llc={0x1a, 0x338, 0xf8, 0x3, 0x10, 0xc2}, @ethernet={0x306, @multicast}, @generic={0x2c, "b51a9afdc597cff9fc6e20121583"}, 0x8e, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)='geneve0\x00', 0x6, 0x0, 0x2})
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x2042, 0x4, 0x1}, 0x10)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8)

1.456343588s ago: executing program 3 (id=5990):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0), 0x0, 0x9000)
r1 = open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendfile(r1, r1, 0x0, 0x800000009)

1.402440683s ago: executing program 3 (id=5992):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
unshare(0x400)
timerfd_create(0x0, 0x80800)
r1 = open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10)
socket$inet6(0xa, 0x3, 0xff)
unshare(0x30000000)
creat(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
sendfile(r1, r1, 0x0, 0x800000009)

1.158183587s ago: executing program 3 (id=5997):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00404, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbb6, &(0x7f0000000c00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtIxk5nEZDLHpr8fvDnve96TeZ4nJ5nzHpiTAJ5ak9mXNOJIRJxPIsbr+9OIGKj2hiLWa8c9vH91NmtJVCpv/5ZEEhEP7l+dbbxWUt+O1gdDEXH7tST+/VFr3OXVtcWZcrm0VB8fX7l45fjy6torCxdnLpQulC6dmn711PTp6eku1nr3yntfPPPDG89fv/nx1JufH/ouibMxVp9rrqNbJmNy42fSrBARM90OlpO+ej3NdSaFHBMCAKCjtGkN998Yj754vHgbj29/zDU5AAAAoCsqfREVAAAA4IBL3P8DAADAAdf4HMCD+1dnGy3fTyT01r1zETFRq7/xfHNtphDr1e1Q9EfEyO9JND/WmtS+bc8ms0hff1/KWmz3HPJwFwJusn4tIv6/1flPqvVPVJ/ibq0/jYipLsSf3DTu9e/fXuo/24X4edcPwNPp1rnahaz1+pfW1j+DtdHm619hi2vXbuR9/Wus/x62rP/SjfVfX5v131s7jHH00Uu32801r//e/eTnuSx+tt1TUX/DvWsRRwtb1Z9s1J+0qf/8DmOMzt690W4uqz+rt9F6XX/lZsSx6mqutf6GpNP/Jzo+v1AuTdW+bvH6q6c7x28+/1nL4jfuBXohO/8jsbvzf2WHMSb+9+uRdnPb15/+MpC8U+0N1Pd8OLOysnQiYiB5vXX/yc65NI5pvEZW/4vPdf7736r+7D1hvf5zyH57rtW32fj6ppijx05+tfv691dW/9wuz/+nO4zx5Tc33m83l3f9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ0ogYiyQtbvTTtFiMGI2I/8RIWr68vPLy/OUPLs1lcxET0Z/OL5RLUxExXhsn2fhEtf94fHLTeDoiDkfEZ+PD1XFx9nJ5Lu/iAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2DAaEWORpMWISCPij/E0LRbzzgoAAADouom8EwAAAAD2nft/AAAAOPha7v8LfxkN9TIXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqTDz966k0TE+pnhassM1Of6c80M2G/pzg4b2e88gN7ryzsBIDeFpn6lUqnkmArQY+7xgWSb+aG2M4NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf64Xjty6k0TE+pnhassM1Of6c80M2G9p3gkAuenrNJlsuwN4ghXyTgDIjXt8oLayf1SpaZ0favudg3uOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTY6zakrQYEWm1n6bFYsS/ImIi+pP5hXJpKiIORcRP4/2D2fhE3kkDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQdcura4sz5XJpSUdHp4ud4ehZrOH6H3ObYwbbT3Xo5PzGBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABALpZX1xZnyuXS0nLemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5W15dW5wpl0tL+9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzZwAAAP//0L4Jug==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
unshare(0x400)
timerfd_create(0x0, 0x80800)
r1 = open(&(0x7f0000000240)='./file2\x00', 0x145142, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00'}, 0x10)
socket$inet6(0xa, 0x3, 0xff)
unshare(0x30000000)
creat(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
sendfile(r1, r1, 0x0, 0x800000009)

987.083724ms ago: executing program 4 (id=5998):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000880, 0x0, 0x1, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)) (fail_nth: 2)

744.085018ms ago: executing program 4 (id=5999):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0xba0660c4a32a97d3, &(0x7f0000000000)=[{0x8, 0x0, 0xff}, {0x5, 0x3, 0x9}, {0x2, 0x1, 0x0, 0xfffffffc}, {0x6, 0x0, 0x0, 0x400}]})

743.602728ms ago: executing program 1 (id=6000):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
kexec_load(0x4, 0xa, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.avg_queue_size\x00', 0x26e1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r2, 0x0, 0x7ffffffe}}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
openat$vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x230141, 0x0)
write$cgroup_subtree(r0, &(0x7f00000006c0)=ANY=[], 0xcfa4)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
accept4$inet6(r3, 0x0, 0x0, 0x80800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[], 0x28}}, 0x800)

723.54488ms ago: executing program 2 (id=6001):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0xb5)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00')
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r2}, 0x38)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
set_mempolicy(0x8006, 0x0, 0x5)
syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = timerfd_create(0x0, 0x0)
timerfd_settime(r4, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000240)=[{}], 0x1, 0x7fffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f00000001c0)={0x1})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0), 0x6, 0x642, &(0x7f0000000b40)="$eJzs3U1oG1ceAPD/SLZjO951sizLJrCsIYcEljh2Nmx299I0PTSHHgLNoZRSYmI7NVE+iB1o3EBt6KGFFkrptZRQKPTce8m9t1Joe+u5kJaS0kJbojKjUSLLkr9iSbbn94OR3rwZ6b2/Rk/zZsbPE0BhjaUPpYhDEQ8vJhGjDctGorZwLF/vwY93LqVTEtXq8z8kkeR59fWT/Hl/PjMYEV+cjfhLeXW587cXr0xVqjWvR5xYuHrjxPztxeNzV6cuz1yeuTZ58r+nTk/8b/LU5LbEuT9/3hcR77zxyn9mv6wcT+JMXOh/bTqa4tguYzEWD/MQG/P7IuJ0mmjxuew2eyCEQivn38f+iPhbjEY5m6sZjbm3e1o5oKOq5YgqUFDJZtt/2kGopz9Z9PMBu1a9H1A/tt/YcfCFDvdKuuf+07UDoNXx99XOjcRgdmw0/CBpODKqnds4sA3lp2X8fufwB+kUK85D/PJo6/RtQzntLC1HxN9bxZ9kdTuQRZrGX1pRjyQiJiJiIK/fM09Qh6Qh3YnzMGvZavyliDiTP6f5Z7dY/ljTfLfjB6CYsn1vuiNfShOP939p36Pe/4kW/Z+RFvuurej1/q99/6++vx/MzpGXmvph6ed2vvVb9jdnfPvWuffald/Y/0untPx6X7Ab7i9HHG6K/8002Lz/k8aftNj+6SoXz2ysjGe/+v5cu2W9jr96N+Joy+Ofx73SNLXG9ckTs3OVmYnaY8syPvv8pY/bld/r+NPtP9wm/obtX2p+XfqZ3NhgGZ+ev3u13bKReHmd+EvfDSS1482B7PGj4VenFhZuTkYMJM/lq9SesvyTa9elvk79PdL4jx1p3f5XfP+XV77PUP0ncwNuvHDlQbtljds/SWr1WG/7N1xMfljdYB3aSeOfXn/7r2r/ad67Gyzj5xdv/aPdsrW+/0NPEhgAAAAAAAAUUCm7BpuUxh+lS6Xx8dp42b/GcKlyfX7hX7PXb12bjjiW/T1kf6l+pXu0Np+k85P538PW5082zf87Ig5GxPvloWx+/NL1ynSvgwcAAAAAAAAAAAAAAAAAAIAdYn8+/r9+n+qfyrXx/0BBdPIGc8DOpv1DcWXtf9UtnoAiaLf/n+9yPYDu0/+H4tL+obi0fygu7R+KS/uH4tL+obi0fwAAAADYkw7+8943SUQs/X8om1ID+TIjgmBv619vhYHu1APovnKvKwD0zKNL/zr7UDjr9v9Tv+b/HLDz1QF6IGmVmXUOqms3/nsrXulwAgAAAAAAAAAAAAA66OihhvH/wyvH/29obACwa21i2N9yJ+sBdN8TDNgx1gd2Of/6H4pry8f4g9tbD6B3Wo7/b9C2ud9b75WbLQkAAAAAAAAAAAAAaGckm5LSeD4WeCRKpfHxiD9FxIHoT2bnKjMTEfHniPi63L8vnZ/sdaUBAAAAAAAAAAAAAAAAAABgj5m/vXhlqlKZudmY+G1Vzt5O1O+C2oWynopNviqS7n8sQxHR843SsURfQ04SsZRu+R1RsZvzsTOqkSV6/MMEAAAAAAAAAAAAAAAAAAAF1DD2uLXDH3a5RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQfY/v/78ykazKaU4cab+oKdHrGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3emPAAAA//+y+jZu")
umount2(&(0x7f00000002c0)='./file0\x00', 0x2)

722.89159ms ago: executing program 3 (id=6002):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x0, 0x6, 0x4008, 0xd, 0x4, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)

676.816544ms ago: executing program 4 (id=6003):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
creat(0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
preadv2(r2, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x2, 0x0, 0x0, 0x0)

556.834566ms ago: executing program 0 (id=6004):
inotify_rm_watch(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
io_uring_setup(0x100b91, &(0x7f0000000180)={0x0, 0x2c3c, 0x4, 0x2, 0x381})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000), 0x8)

556.338426ms ago: executing program 1 (id=6005):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000400)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r1}, 0x20)
r3 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r3, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0xfe8a}], 0x1}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x5)
fchdir(r6)

423.094559ms ago: executing program 0 (id=6006):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockname(r0, &(0x7f00000014c0)=@ll={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=@deltfilter={0x240, 0x2d, 0x1, 0x800000, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0xfff1, 0xd}, {0x10}, {0x0, 0xffff}}, [@filter_kind_options=@f_basic={{0xa}, {0x210, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x8, 0x1}}, @TCA_BASIC_POLICE={0x10, 0x4, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x4}]}, @TCA_BASIC_POLICE={0x18, 0x4, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x892}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}]}, @TCA_BASIC_ACT={0x1dc, 0x3, [@m_connmark={0x1d8, 0x1a, 0x0, 0x0, {{0xd}, {0xc8, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8000, 0xfffffff8, 0x3, 0x4, 0xe7}, 0x4}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xc7b, 0x5, 0x7, 0xfb02, 0x10}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x101, 0x0, 0x6, 0x4, 0x3}, 0x401}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4, 0x2, 0x5, 0x25, 0x6}, 0x6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8001, 0xc, 0x6, 0x1, 0x6}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x2, 0x3, 0xd, 0x7f}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x5, 0x15f179f3d70de0c4, 0x4, 0x7}, 0x6}}]}, {0xe3, 0x6, "5427be269bcc2f0b4d628f199a79fed5e0fea19c57ed7b0f15b7bfe6157e592af4bcbb71b0b944bad5b2807f4c990d239827f47e31fb17e326eedfb5e79f5ad53239e455d21386fff64325735bfe2294e450d72cf500f176fd7f4b1a8e92a07a7221ee1a4d007fee502cc6b71044f4077c27ac4f8815ff55b60c2f8c79b94d36fc74790ef8a29171ac7a85337d20ee969ec434b11a15ef1bf4879ba7a8d8fba38553795a24e4378f20907f3923efc6930c2a061484a7d58e8064e0d62befede75261ee839a935bdf917da0e43bbbc9d148456b5d14c841773852f7f57a15e2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x240}, 0x1, 0x0, 0x0, 0x4000840}, 0x80)

338.577087ms ago: executing program 4 (id=6007):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="be6f88e904006dd2bd0117c586023380ec289d6c15d3fc0fb99d7337093227523ac2fe6bc9040e01b630dcecf43a9dc2ec73ca8323adbd5e3a0b91ebec615dfb1a23c01b1977a0b14dc32cafe1a70aaa8fb8a3683c7a114b56dd7f22da4178ffd809abddedaa6dfd4637286f12610033f3a62b203f7432b1ce1d701f3b38d77f0fd821733693a34566fd7aba12f7c8f6ff8092e2028fafa4bf4fa980508d371217af62f17c4eac6032968e543fd5a565b8efc372aa05a1b5add6c58ac7d8f828a9bfcb1081ffaecb10e29000"/219, 0xfe98}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400280100000b008002", @ANYRES32=r4], 0x20, 0x6044}, 0x6)

337.052947ms ago: executing program 3 (id=6008):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xe8, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xb}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x81}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xffffffff}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x200}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5b}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7f}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3b}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0xd}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x3c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x101}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2f}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7ff}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x80000000}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
syz_emit_ethernet(0x56, &(0x7f0000004180)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x20, 0x6, 0x0, @local, @local, {[], {{0x8000, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x100, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @exp_fastopen={0xfe, 0xa, 0xf989, "f16d73c0e798"}]}}}}}}}}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@perf_event={0xa}}, 0x18)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r2=>0x0}, 0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@updsa={0xf0, 0x1a, 0x1, 0x70bd2c, 0x25dfdbfe, {{@in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x9, 0x4e23, 0xa, 0x2, 0x180, 0xc0, 0x29}, {@in6=@private1, 0x4d5, 0x3c}, @in=@multicast2, {0x2752, 0x5, 0xe7dd, 0x2, 0x100, 0x9, 0x8, 0x3}, {0x2, 0x5, 0x753, 0x7}, {0x4003, 0xc, 0x1}, 0x70bd29, 0x0, 0xa, 0x0, 0x4, 0x14}}, 0xf0}}, 0x0)
r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r2, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r4, 0x4)

336.892007ms ago: executing program 0 (id=6009):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x18)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid}]}})

224.697429ms ago: executing program 4 (id=6010):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000000)=0xfe8e, 0x12)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000340), &(0x7f0000000300)=r3}, 0x20)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MON_SET(r4, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYRESOCT=r4, @ANYRES16=0x0, @ANYBLOB="00012bbd7000fddbdf25110000004c000980080001000600000008000100070000000800010003000000080002000900000008000200ff010000080002000080000008000100650000000800020003000000080001000900000030000580240002800800040004000000080003006c0000000800030009000000080004000700000008000100657468000c0003800800030006000000380004803400078008000200170000000800040008000000080001001900000008000200ffffffff080001000800000008000200810000000c000980080002000700000024000980080002000900000008000100ff03000008000100060000000800010058120000", @ANYRES16=r4, @ANYRESDEC], 0x104}}, 0x40000)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x24, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x1, 0x800}, 0x0, 0xc, 0xffffffffffffffff, 0x2)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200a}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4e04, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0xa, @private2={0xfc, 0x2, '\x00', 0x1}, 0x77f}}}, 0x32)
getpgrp(0x0)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x490, 0x168, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3c0, 0xffffffff, 0xffffffff, 0x3c0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x148, 0x168, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x810001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x228, 0x258, 0x0, {}, [@common=@ipv6header={{0x28}, {0x20}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4f0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)

197.134101ms ago: executing program 0 (id=6011):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="00e27f000001000000e8bbd68edd6f7e00"/27, @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001000000", @ANYRES32, @ANYBLOB='\x00\x00'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000080), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d504"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r3, @ANYRES64=r1, @ANYRESHEX=0x0], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="120000000a0000000800000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4}, &(0x7f0000000200), &(0x7f0000000100)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000611218003f8ca8b8de54dacf00000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedreceive(r7, &(0x7f000001d600)=""/102378, 0x2000, 0x3, 0x0)

53.784885ms ago: executing program 4 (id=6012):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7020000130000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xfffffffffffffd42, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
shutdown(r6, 0x1)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x3580, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r8}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x2f)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xb, 0x0, 0x0, 0x0, 0x1b0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xe, 0x0, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xcfb, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
syz_open_procfs(0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x3f00, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)

0s ago: executing program 3 (id=6013):
inotify_rm_watch(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = io_uring_setup(0x100b91, &(0x7f0000000180)={0x0, 0x2c3c, 0x4, 0x2, 0x381})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x2}, 0x18)
clock_getres(0x9, 0x0)
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001200), 0x42801, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000680)=ANY=[@ANYBLOB="240000002e000100000000000000000008000000", @ANYRES32, @ANYBLOB="0c00008005000100f43ddd2b"], 0x24}], 0x1}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r6 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r6, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x14}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
ioctl$sock_SIOCADDRT(r6, 0x890b, &(0x7f0000000440)={0x0, @llc={0x1a, 0x338, 0xf8, 0x3, 0x10, 0xc2}, @ethernet={0x306, @multicast}, @generic={0x2c, "b51a9afdc597cff9fc6e20121583"}, 0x8e, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)='geneve0\x00', 0x6, 0x0, 0x2})
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x2042, 0x4, 0x1}, 0x10)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000), 0x8)

kernel console output (not intermixed with test programs):

][T18571] syz.4.5583 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  358.886067][T13783] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  358.899135][T18571] CPU: 0 UID: 0 PID: 18571 Comm: syz.4.5583 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  358.899205][T18571] Tainted: [W]=WARN
[  358.899213][T18571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  358.899229][T18571] Call Trace:
[  358.899237][T18571]  <TASK>
[  358.899246][T18571]  __dump_stack+0x1d/0x30
[  358.899300][T18571]  dump_stack_lvl+0xe8/0x140
[  358.899322][T18571]  dump_stack+0x15/0x1b
[  358.899385][T18571]  dump_header+0x81/0x220
[  358.899489][T18571]  oom_kill_process+0x342/0x400
[  358.899527][T18571]  out_of_memory+0x979/0xb80
[  358.899562][T18571]  try_charge_memcg+0x610/0xa10
[  358.899604][T18571]  obj_cgroup_charge_pages+0xa6/0x150
[  358.899680][T18571]  __memcg_kmem_charge_page+0x9f/0x170
[  358.899721][T18571]  __alloc_frozen_pages_noprof+0x188/0x360
[  358.899814][T18571]  alloc_pages_mpol+0xb3/0x260
[  358.899838][T18571]  alloc_pages_noprof+0x90/0x130
[  358.899860][T18571]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  358.899930][T18571]  __kvmalloc_node_noprof+0x483/0x670
[  358.899964][T18571]  ? ip_set_alloc+0x24/0x30
[  358.899994][T18571]  ? ip_set_alloc+0x24/0x30
[  358.900052][T18571]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  358.900087][T18571]  ip_set_alloc+0x24/0x30
[  358.900116][T18571]  hash_netiface_create+0x282/0x740
[  358.900195][T18571]  ? __pfx_hash_netiface_create+0x10/0x10
[  358.900302][T18571]  ip_set_create+0x3cc/0x970
[  358.900475][T18571]  ? __nla_parse+0x40/0x60
[  358.900501][T18571]  nfnetlink_rcv_msg+0x4c6/0x590
[  358.900547][T18571]  netlink_rcv_skb+0x123/0x220
[  358.900579][T18571]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  358.900678][T18571]  nfnetlink_rcv+0x167/0x16c0
[  358.900701][T18571]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  358.900733][T18571]  ? bsearch+0x95/0xc0
[  358.900762][T18571]  ? __pfx_cmp_ex_search+0x10/0x10
[  358.900875][T18571]  ? rep_movs_alternative+0xf/0x90
[  358.900929][T18571]  ? search_extable+0x53/0x80
[  358.900959][T18571]  ? rep_movs_alternative+0xf/0x90
[  358.900993][T18571]  ? rep_movs_alternative+0xf/0x90
[  358.901072][T18571]  ? fixup_exception+0x741/0xd50
[  358.901100][T18571]  ? fixup_exception+0x741/0xd50
[  358.901125][T18571]  ? do_user_addr_fault+0xd9e/0x1080
[  358.901149][T18571]  ? prep_new_page+0x5c/0x200
[  358.901241][T18571]  ? do_user_addr_fault+0xd9e/0x1080
[  358.901265][T18571]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  358.901299][T18571]  ? exc_page_fault+0x62/0xa0
[  358.901320][T18571]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  358.901416][T18571]  ? should_fail_ex+0x30/0x280
[  358.901455][T18571]  ? selinux_nlmsg_lookup+0x99/0x890
[  358.901486][T18571]  ? __rcu_read_unlock+0x34/0x70
[  358.901514][T18571]  ? __netlink_lookup+0x266/0x2a0
[  358.901585][T18571]  netlink_unicast+0x5c0/0x690
[  358.901617][T18571]  netlink_sendmsg+0x58b/0x6b0
[  358.901652][T18571]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.901686][T18571]  __sock_sendmsg+0x145/0x180
[  358.901791][T18571]  ____sys_sendmsg+0x31e/0x4e0
[  358.901827][T18571]  ___sys_sendmsg+0x17b/0x1d0
[  358.901940][T18571]  __x64_sys_sendmsg+0xd4/0x160
[  358.902049][T18571]  x64_sys_call+0x191e/0x3000
[  358.902082][T18571]  do_syscall_64+0xd2/0x200
[  358.902110][T18571]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  358.902200][T18571]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  358.902225][T18571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.902250][T18571] RIP: 0033:0x7f504888eec9
[  358.902268][T18571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.902289][T18571] RSP: 002b:00007f50472ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  358.902345][T18571] RAX: ffffffffffffffda RBX: 00007f5048ae5fa0 RCX: 00007f504888eec9
[  358.902360][T18571] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  358.902374][T18571] RBP: 00007f5048911f91 R08: 0000000000000000 R09: 0000000000000000
[  358.902389][T18571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  358.902403][T18571] R13: 00007f5048ae6038 R14: 00007f5048ae5fa0 R15: 00007ffdf9649898
[  358.902440][T18571]  </TASK>
[  358.902480][T18571] memory: usage 307200kB, limit 307200kB, failcnt 5880
[  358.930514][T13783] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  358.938812][T18571] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0
[  358.938829][T18571] kmem: usage 307124kB, limit 9007199254740988kB, failcnt 0
[  358.938842][T18571] Memory cgroup stats for /syz4:
[  358.939107][T18571] cache 0
[  359.342026][T18571] rss 0
[  359.344774][T18571] shmem 0
[  359.347700][T18571] mapped_file 0
[  359.351204][T18571] dirty 0
[  359.354170][T18571] writeback 0
[  359.357498][T18571] workingset_refault_anon 1893
[  359.362283][T18571] workingset_refault_file 3542
[  359.367058][T18571] swap 208896
[  359.370338][T18571] swapcached 4096
[  359.373945][T18571] pgpgin 382068
[  359.377436][T18571] pgpgout 382049
[  359.380982][T18571] pgfault 433195
[  359.384548][T18571] pgmajfault 518
[  359.388066][T18571] inactive_anon 0
[  359.391690][T18571] active_anon 0
[  359.395123][T18571] inactive_file 0
[  359.398725][T18571] active_file 73728
[  359.402517][T18571] unevictable 0
[  359.405950][T18571] hierarchical_memory_limit 314572800
[  359.411323][T18571] hierarchical_memsw_limit 9223372036854771712
[  359.417452][T18571] total_cache 0
[  359.420945][T18571] total_rss 0
[  359.424217][T18571] total_shmem 0
[  359.427686][T18571] total_mapped_file 0
[  359.431677][T18571] total_dirty 0
[  359.435124][T18571] total_writeback 0
[  359.438921][T18571] total_workingset_refault_anon 1893
[  359.444227][T18571] total_workingset_refault_file 3542
[  359.449527][T18571] total_swap 208896
[  359.453326][T18571] total_swapcached 4096
[  359.457462][T18571] total_pgpgin 382068
[  359.461461][T18571] total_pgpgout 382049
[  359.465539][T18571] total_pgfault 433195
[  359.469617][T18571] total_pgmajfault 518
[  359.473744][T18571] total_inactive_anon 0
[  359.477907][T18571] total_active_anon 0
[  359.481975][T18571] total_inactive_file 0
[  359.486182][T18571] total_active_file 73728
[  359.490585][T18571] total_unevictable 0
[  359.494553][T18571] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5583,pid=18570,uid=0
[  359.509333][T18571] Memory cgroup out of memory: Killed process 18570 (syz.4.5583) total-vm:96004kB, anon-rss:1268kB, file-rss:22348kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  359.528928][T13783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.631987][T18611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5598'.
[  360.340983][   T29] kauditd_printk_skb: 425 callbacks suppressed
[  360.340996][   T29] audit: type=1326 audit(1760371512.708:29079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.341300][   T29] audit: type=1326 audit(1760371512.708:29080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.347904][   T29] audit: type=1326 audit(1760371512.708:29081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.348108][   T29] audit: type=1326 audit(1760371512.708:29082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.348296][   T29] audit: type=1326 audit(1760371512.708:29083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.348529][   T29] audit: type=1326 audit(1760371512.708:29084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.348676][   T29] audit: type=1326 audit(1760371512.708:29085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.349020][   T29] audit: type=1326 audit(1760371512.708:29086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.349204][   T29] audit: type=1326 audit(1760371512.708:29087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.349409][   T29] audit: type=1326 audit(1760371512.708:29088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18621 comm="syz.2.5601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  360.351220][T18623] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  360.732394][T18632] netlink: 'syz.4.5605': attribute type 7 has an invalid length.
[  360.740206][T18632] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5605'.
[  360.800719][T18639] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  361.580127][T18655] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  361.771528][T18665] __nla_validate_parse: 1 callbacks suppressed
[  361.771546][T18665] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5615'.
[  362.320526][T18671] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5618'.
[  362.388353][T18675] loop1: detected capacity change from 0 to 2048
[  362.401715][T18675] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.443612][T13783] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  362.458476][T13783] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  362.475620][T13783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.498001][T18683] loop1: detected capacity change from 0 to 512
[  362.514718][T18683] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.514767][T18683] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.578178][T18688] netlink: 'syz.4.5623': attribute type 7 has an invalid length.
[  362.578198][T18688] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5623'.
[  362.632505][T13783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.648813][T18693] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5624'.
[  362.683410][T18698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5625'.
[  362.806973][T18710] loop3: detected capacity change from 0 to 2048
[  362.822205][T18710] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.857038][T11362] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  362.857178][T11362] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  362.882701][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.226340][T18728] loop2: detected capacity change from 0 to 512
[  363.350632][T18728] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.363595][T18728] ext4 filesystem being mounted at /457/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.370794][T18733] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5637'.
[  363.399695][T18735] netlink: 'syz.0.5638': attribute type 7 has an invalid length.
[  363.407435][T18735] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5638'.
[  363.469662][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.539257][T18746] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  363.562754][T18748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5641'.
[  363.829713][T18761] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  364.078575][T18770] netlink: 'syz.3.5651': attribute type 7 has an invalid length.
[  364.078591][T18770] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5651'.
[  364.631164][T18786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5655'.
[  364.770079][T18794] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.811616][T18794] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.950665][T18794] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.090564][T18794] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.145209][T18801] loop3: detected capacity change from 0 to 2048
[  365.161015][T18801] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  365.254984][T18780] syz.0.5654 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  365.255060][T18780] CPU: 1 UID: 0 PID: 18780 Comm: syz.0.5654 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  365.255091][T18780] Tainted: [W]=WARN
[  365.255098][T18780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  365.255112][T18780] Call Trace:
[  365.255159][T18780]  <TASK>
[  365.255167][T18780]  __dump_stack+0x1d/0x30
[  365.255187][T18780]  dump_stack_lvl+0xe8/0x140
[  365.255207][T18780]  dump_stack+0x15/0x1b
[  365.255223][T18780]  dump_header+0x81/0x220
[  365.255277][T18780]  oom_kill_process+0x342/0x400
[  365.255313][T18780]  out_of_memory+0x979/0xb80
[  365.255411][T18780]  try_charge_memcg+0x610/0xa10
[  365.255444][T18780]  obj_cgroup_charge_pages+0xa6/0x150
[  365.255560][T18780]  __memcg_kmem_charge_page+0x9f/0x170
[  365.255631][T18780]  __alloc_frozen_pages_noprof+0x188/0x360
[  365.255673][T18780]  alloc_pages_mpol+0xb3/0x260
[  365.255766][T18780]  alloc_pages_noprof+0x90/0x130
[  365.255789][T18780]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  365.255834][T18780]  __kvmalloc_node_noprof+0x483/0x670
[  365.256015][T18780]  ? ip_set_alloc+0x24/0x30
[  365.256047][T18780]  ? ip_set_alloc+0x24/0x30
[  365.256107][T18780]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  365.256144][T18780]  ip_set_alloc+0x24/0x30
[  365.256175][T18780]  hash_netiface_create+0x282/0x740
[  365.256208][T18780]  ? __pfx_hash_netiface_create+0x10/0x10
[  365.256380][T18780]  ip_set_create+0x3cc/0x970
[  365.256458][T18780]  ? __nla_parse+0x40/0x60
[  365.256486][T18780]  nfnetlink_rcv_msg+0x4c6/0x590
[  365.256539][T18780]  netlink_rcv_skb+0x123/0x220
[  365.256572][T18780]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  365.256617][T18780]  nfnetlink_rcv+0x167/0x16c0
[  365.256643][T18780]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  365.256674][T18780]  ? bsearch+0x95/0xc0
[  365.256704][T18780]  ? __pfx_cmp_ex_search+0x10/0x10
[  365.256738][T18780]  ? rep_movs_alternative+0xf/0x90
[  365.256772][T18780]  ? search_extable+0x53/0x80
[  365.256800][T18780]  ? rep_movs_alternative+0xf/0x90
[  365.256908][T18780]  ? rep_movs_alternative+0xf/0x90
[  365.257017][T18780]  ? fixup_exception+0x741/0xd50
[  365.257048][T18780]  ? do_user_addr_fault+0xd9e/0x1080
[  365.257070][T18780]  ? prep_new_page+0x5c/0x200
[  365.257102][T18780]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  365.257146][T18780]  ? exc_page_fault+0x62/0xa0
[  365.257169][T18780]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  365.257194][T18780]  ? should_fail_ex+0x30/0x280
[  365.257234][T18780]  ? selinux_nlmsg_lookup+0x99/0x890
[  365.257262][T18780]  ? __rcu_read_unlock+0x34/0x70
[  365.257317][T18780]  ? __netlink_lookup+0x266/0x2a0
[  365.257357][T18780]  netlink_unicast+0x5c0/0x690
[  365.257389][T18780]  netlink_sendmsg+0x58b/0x6b0
[  365.257436][T18780]  ? __pfx_netlink_sendmsg+0x10/0x10
[  365.257583][T18780]  __sock_sendmsg+0x145/0x180
[  365.257610][T18780]  ____sys_sendmsg+0x31e/0x4e0
[  365.257649][T18780]  ___sys_sendmsg+0x17b/0x1d0
[  365.257695][T18780]  __x64_sys_sendmsg+0xd4/0x160
[  365.257774][T18780]  x64_sys_call+0x191e/0x3000
[  365.257801][T18780]  do_syscall_64+0xd2/0x200
[  365.257827][T18780]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  365.257856][T18780]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  365.257883][T18780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.257984][T18780] RIP: 0033:0x7fb0545feec9
[  365.258002][T18780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.258024][T18780] RSP: 002b:00007fb053067038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  365.258081][T18780] RAX: ffffffffffffffda RBX: 00007fb054855fa0 RCX: 00007fb0545feec9
[  365.258094][T18780] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  365.258110][T18780] RBP: 00007fb054681f91 R08: 0000000000000000 R09: 0000000000000000
[  365.258125][T18780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.258140][T18780] R13: 00007fb054856038 R14: 00007fb054855fa0 R15: 00007ffd1bf39798
[  365.258216][T18780]  </TASK>
[  365.258251][T18780] memory: usage 307200kB, limit 307200kB, failcnt 2007
[  365.258266][T18780] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  365.258282][T18780] kmem: usage 307136kB, limit 9007199254740988kB, failcnt 0
[  365.258296][T18780] Memory cgroup stats for /syz0:
[  365.258636][T18780] cache 0
[  365.258643][T18780] rss 0
[  365.258650][T18780] shmem 0
[  365.258656][T18780] mapped_file 0
[  365.258663][T18780] dirty 0
[  365.258671][T18780] writeback 0
[  365.258679][T18780] workingset_refault_anon 360
[  365.258690][T18780] workingset_refault_file 1890
[  365.258699][T18780] swap 204800
[  365.258727][T18780] swapcached 0
[  365.258736][T18780] pgpgin 458866
[  365.258744][T18780] pgpgout 458866
[  365.258753][T18780] pgfault 481981
[  365.258787][T18780] pgmajfault 220
[  365.258794][T18780] inactive_anon 0
[  365.258801][T18780] active_anon 0
[  365.258808][T18780] inactive_file 0
[  365.258815][T18780] active_file 0
[  365.258869][T18780] unevictable 0
[  365.258931][T18780] hierarchical_memory_limit 314572800
[  365.258942][T18780] hierarchical_memsw_limit 9223372036854771712
[  365.258954][T18780] total_cache 0
[  365.258962][T18780] total_rss 0
[  365.258970][T18780] total_shmem 0
[  365.258978][T18780] total_mapped_file 0
[  365.258987][T18780] total_dirty 0
[  365.258996][T18780] total_writeback 0
[  365.259005][T18780] total_workingset_refault_anon 360
[  365.259058][T18780] total_workingset_refault_file 1890
[  365.259067][T18780] total_swap 204800
[  365.259074][T18780] total_swapcached 0
[  365.259098][T18780] total_pgpgin 458866
[  365.259108][T18780] total_pgpgout 458866
[  365.259117][T18780] total_pgfault 481981
[  365.259126][T18780] total_pgmajfault 220
[  365.259135][T18780] total_inactive_anon 0
[  365.259214][T18780] total_active_anon 0
[  365.259222][T18780] total_inactive_file 0
[  365.259229][T18780] total_active_file 0
[  365.259237][T18780] total_unevictable 0
[  365.259245][T18780] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5654,pid=18779,uid=0
[  365.259378][T18780] Memory cgroup out of memory: Killed process 18779 (syz.0.5654) total-vm:96004kB, anon-rss:1260kB, file-rss:22348kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  365.380591][T11362] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  365.380815][T11362] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  365.385690][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.423939][ T7771] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  365.423990][ T7771] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  365.424074][ T7771] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  365.427710][ T7786] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  365.489935][   T29] kauditd_printk_skb: 216 callbacks suppressed
[  365.489950][   T29] audit: type=1326 audit(1760371517.858:29305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.490042][   T29] audit: type=1326 audit(1760371517.858:29306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.490199][   T29] audit: type=1326 audit(1760371517.858:29307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.490285][   T29] audit: type=1326 audit(1760371517.858:29308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.492033][   T29] audit: type=1326 audit(1760371517.858:29309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.492097][   T29] audit: type=1326 audit(1760371517.858:29310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.492189][   T29] audit: type=1326 audit(1760371517.858:29311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.492220][   T29] audit: type=1326 audit(1760371517.858:29312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.492273][   T29] audit: type=1326 audit(1760371517.858:29313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.492303][   T29] audit: type=1326 audit(1760371517.858:29314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18804 comm="syz.0.5662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fb0545feec9 code=0x7ffc0000
[  365.817352][T18820] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  366.647659][T18840] loop1: detected capacity change from 0 to 1024
[  366.676901][T18840] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  366.688284][T18840] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #11: comm syz.1.5673: iget: bogus i_mode (1)
[  366.699799][T18840] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.5673: couldn't read orphan inode 11 (err -117)
[  366.713730][T18840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.731525][T18840] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.772900][T18851] loop2: detected capacity change from 0 to 1024
[  366.780049][T18851] EXT4-fs: Ignoring removed orlov option
[  366.788502][T18851] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.839423][T18849] __nla_validate_parse: 6 callbacks suppressed
[  366.839440][T18849] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5677'.
[  367.181116][T18833] syz.1.5673 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  367.195286][T18833] CPU: 1 UID: 0 PID: 18833 Comm: syz.1.5673 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  367.195368][T18833] Tainted: [W]=WARN
[  367.195376][T18833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.195393][T18833] Call Trace:
[  367.195401][T18833]  <TASK>
[  367.195410][T18833]  __dump_stack+0x1d/0x30
[  367.195514][T18833]  dump_stack_lvl+0xe8/0x140
[  367.195536][T18833]  dump_stack+0x15/0x1b
[  367.195553][T18833]  dump_header+0x81/0x220
[  367.195646][T18833]  oom_kill_process+0x342/0x400
[  367.195684][T18833]  out_of_memory+0x979/0xb80
[  367.195759][T18833]  try_charge_memcg+0x610/0xa10
[  367.195795][T18833]  obj_cgroup_charge_pages+0xa6/0x150
[  367.195831][T18833]  __memcg_kmem_charge_page+0x9f/0x170
[  367.195930][T18833]  __alloc_frozen_pages_noprof+0x188/0x360
[  367.195973][T18833]  alloc_pages_mpol+0xb3/0x260
[  367.196011][T18833]  ? alloc_pages_noprof+0x61/0x130
[  367.196036][T18833]  alloc_pages_noprof+0x90/0x130
[  367.196060][T18833]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  367.196138][T18833]  __kvmalloc_node_noprof+0x483/0x670
[  367.196263][T18833]  ? ip_set_alloc+0x24/0x30
[  367.196291][T18833]  ? ip_set_alloc+0x24/0x30
[  367.196321][T18833]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  367.196398][T18833]  ip_set_alloc+0x24/0x30
[  367.196424][T18833]  hash_netiface_create+0x282/0x740
[  367.196455][T18833]  ? __pfx_hash_netiface_create+0x10/0x10
[  367.196485][T18833]  ip_set_create+0x3cc/0x970
[  367.196604][T18833]  ? __nla_parse+0x40/0x60
[  367.196700][T18833]  nfnetlink_rcv_msg+0x4c6/0x590
[  367.196796][T18833]  netlink_rcv_skb+0x123/0x220
[  367.196828][T18833]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  367.196922][T18833]  nfnetlink_rcv+0x167/0x16c0
[  367.196943][T18833]  ? kmem_cache_free+0xe4/0x3d0
[  367.196974][T18833]  ? __kfree_skb+0x109/0x150
[  367.197002][T18833]  ? nlmon_xmit+0x4f/0x60
[  367.197098][T18833]  ? consume_skb+0x49/0x150
[  367.197128][T18833]  ? nlmon_xmit+0x4f/0x60
[  367.197157][T18833]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  367.197188][T18833]  ? __dev_queue_xmit+0x1200/0x2000
[  367.197318][T18833]  ? __dev_queue_xmit+0x182/0x2000
[  367.197424][T18833]  ? ref_tracker_free+0x37d/0x3e0
[  367.197470][T18833]  ? __netlink_deliver_tap+0x4dc/0x500
[  367.197541][T18833]  netlink_unicast+0x5c0/0x690
[  367.197583][T18833]  netlink_sendmsg+0x58b/0x6b0
[  367.197666][T18833]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.197704][T18833]  __sock_sendmsg+0x145/0x180
[  367.197807][T18833]  ____sys_sendmsg+0x31e/0x4e0
[  367.197869][T18833]  ___sys_sendmsg+0x17b/0x1d0
[  367.197916][T18833]  __x64_sys_sendmsg+0xd4/0x160
[  367.197954][T18833]  x64_sys_call+0x191e/0x3000
[  367.197997][T18833]  do_syscall_64+0xd2/0x200
[  367.198024][T18833]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  367.198055][T18833]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  367.198080][T18833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.198105][T18833] RIP: 0033:0x7fcd2ef3eec9
[  367.198123][T18833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.198178][T18833] RSP: 002b:00007fcd2d9a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.198202][T18833] RAX: ffffffffffffffda RBX: 00007fcd2f195fa0 RCX: 00007fcd2ef3eec9
[  367.198217][T18833] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  367.198232][T18833] RBP: 00007fcd2efc1f91 R08: 0000000000000000 R09: 0000000000000000
[  367.198247][T18833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  367.198261][T18833] R13: 00007fcd2f196038 R14: 00007fcd2f195fa0 R15: 00007ffc140a66b8
[  367.198280][T18833]  </TASK>
[  367.198287][T18833] memory: usage 307200kB, limit 307200kB, failcnt 1656
[  367.377637][T18864] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5683'.
[  367.379252][T18833] memory+swap: usage 307416kB, limit 9007199254740988kB, failcnt 0
[  367.573601][T18833] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0
[  367.580880][T18833] Memory cgroup stats for /syz1:
[  367.581232][T18833] cache 0
[  367.589213][T18833] rss 0
[  367.592071][T18833] shmem 0
[  367.594986][T18833] mapped_file 0
[  367.598450][T18833] dirty 0
[  367.601481][T18833] writeback 0
[  367.604775][T18833] workingset_refault_anon 460
[  367.609448][T18833] workingset_refault_file 2000
[  367.614228][T18833] swap 221184
[  367.617499][T18833] swapcached 4096
[  367.621149][T18833] pgpgin 369103
[  367.624599][T18833] pgpgout 369093
[  367.628129][T18833] pgfault 401110
[  367.631689][T18833] pgmajfault 262
[  367.635225][T18833] inactive_anon 0
[  367.638887][T18833] active_anon 4096
[  367.642637][T18833] inactive_file 0
[  367.646260][T18833] active_file 36864
[  367.650129][T18833] unevictable 0
[  367.653596][T18833] hierarchical_memory_limit 314572800
[  367.658949][T18833] hierarchical_memsw_limit 9223372036854771712
[  367.665102][T18833] total_cache 0
[  367.668596][T18833] total_rss 0
[  367.671879][T18833] total_shmem 0
[  367.675361][T18833] total_mapped_file 0
[  367.679312][T18833] total_dirty 0
[  367.682762][T18833] total_writeback 0
[  367.686612][T18833] total_workingset_refault_anon 460
[  367.691838][T18833] total_workingset_refault_file 2000
[  367.697172][T18833] total_swap 221184
[  367.700972][T18833] total_swapcached 4096
[  367.705107][T18833] total_pgpgin 369103
[  367.709091][T18833] total_pgpgout 369093
[  367.713163][T18833] total_pgfault 401110
[  367.717212][T18833] total_pgmajfault 262
[  367.721278][T18833] total_inactive_anon 0
[  367.725407][T18833] total_active_anon 4096
[  367.729678][T18833] total_inactive_file 0
[  367.733805][T18833] total_active_file 36864
[  367.738105][T18833] total_unevictable 0
[  367.742076][T18833] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5673,pid=18832,uid=0
[  367.756776][T18833] Memory cgroup out of memory: Killed process 18832 (syz.1.5673) total-vm:96136kB, anon-rss:1140kB, file-rss:22472kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  367.780533][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.952532][T18882] loop4: detected capacity change from 0 to 4096
[  367.962468][T18882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.998246][T18885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5690'.
[  368.174085][T11087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.323850][T18902] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  368.480948][T18906] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5699'.
[  368.647699][T18912] loop2: detected capacity change from 0 to 2048
[  368.671159][T18912] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.715982][T11748] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  368.716100][T11748] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  368.741955][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.764235][T18916] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5703'.
[  368.832746][T18916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5703'.
[  368.902876][T18920] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5705'.
[  369.116463][T18941] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5716'.
[  369.179238][T18941] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5716'.
[  369.331156][T18972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5724'.
[  369.432912][T18967] chnl_net:caif_netlink_parms(): no params data found
[  369.476190][T18967] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.476227][T18967] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.476404][T18967] bridge_slave_0: entered allmulticast mode
[  369.477175][T18967] bridge_slave_0: entered promiscuous mode
[  369.504303][T18967] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.504337][T18967] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.504460][T18967] bridge_slave_1: entered allmulticast mode
[  369.504988][T18967] bridge_slave_1: entered promiscuous mode
[  369.527583][T18967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  369.543647][T18967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  369.566079][T18967] team0: Port device team_slave_0 added
[  369.567519][T18967] team0: Port device team_slave_1 added
[  369.596552][T18967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  369.596568][T18967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  369.596637][T18967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  369.597202][T18967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  369.647875][T18967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  369.647909][T18967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  369.700438][T18967] hsr_slave_0: entered promiscuous mode
[  369.706645][T18967] hsr_slave_1: entered promiscuous mode
[  369.707099][T18967] debugfs: 'hsr0' already exists in 'hsr'
[  369.718245][T18967] Cannot create hsr debugfs directory
[  369.733822][ T7786] bridge_slave_1: left allmulticast mode
[  369.733844][ T7786] bridge_slave_1: left promiscuous mode
[  369.733991][ T7786] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.734959][ T7786] bridge_slave_0: left allmulticast mode
[  369.734978][ T7786] bridge_slave_0: left promiscuous mode
[  369.735061][ T7786] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.782301][T18985] loop2: detected capacity change from 0 to 4096
[  369.803355][T18985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.043115][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.096951][T18991] loop2: detected capacity change from 0 to 4096
[  370.098884][T18991] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.170419][T19000] loop4: detected capacity change from 0 to 512
[  370.191126][T19000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.204453][T19000] ext4 filesystem being mounted at /542/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.329570][T11087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.361252][ T7786] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  370.370338][ T7786] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  370.379449][ T7786] bond0 (unregistering): Released all slaves
[  370.387436][ T7786] bond1 (unregistering): Released all slaves
[  370.395455][ T7786] bond2 (unregistering): Released all slaves
[  370.411212][T19005] bridge0: port 3(macsec1) entered blocking state
[  370.417763][T19005] bridge0: port 3(macsec1) entered disabled state
[  370.424663][T19005] macsec1: entered allmulticast mode
[  370.430012][T19005] bridge0: entered allmulticast mode
[  370.438345][T19005] macsec1: left allmulticast mode
[  370.443532][T19005] bridge0: left allmulticast mode
[  370.454365][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.482055][ T7786] hsr_slave_0: left promiscuous mode
[  370.487870][ T7786] hsr_slave_1: left promiscuous mode
[  370.493544][ T7786] batman_adv: batadv0: Removing interface: batadv_slave_0
[  370.501165][ T7786] batman_adv: batadv0: Removing interface: batadv_slave_1
[  370.541097][ T7786] team0 (unregistering): Port device team_slave_1 removed
[  370.550974][ T7786] team0 (unregistering): Port device team_slave_0 removed
[  370.579562][ T7786] team0 (unregistering): Port device dummy0 removed
[  370.598644][T19015] loop2: detected capacity change from 0 to 2048
[  370.622109][T19015] EXT4-fs (loop2): failed to initialize system zone (-117)
[  370.635905][T19015] EXT4-fs (loop2): mount failed
[  370.761599][   T29] kauditd_printk_skb: 540 callbacks suppressed
[  370.761613][   T29] audit: type=1326 audit(1760371523.128:29855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.808384][T19026] loop2: detected capacity change from 0 to 1024
[  370.839572][   T29] audit: type=1326 audit(1760371523.158:29856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.863330][   T29] audit: type=1326 audit(1760371523.158:29857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.886960][   T29] audit: type=1326 audit(1760371523.158:29858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.910620][   T29] audit: type=1326 audit(1760371523.158:29859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.934193][   T29] audit: type=1326 audit(1760371523.158:29860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.957857][   T29] audit: type=1326 audit(1760371523.158:29861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  370.981584][   T29] audit: type=1326 audit(1760371523.158:29862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  371.005258][   T29] audit: type=1326 audit(1760371523.158:29863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  371.028906][   T29] audit: type=1326 audit(1760371523.158:29864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19024 comm="syz.2.5739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6c20950de7 code=0x7ffc0000
[  371.081701][T19026] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  371.207710][T19026] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.5739: iget: bogus i_mode (1)
[  371.279825][T19026] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5739: couldn't read orphan inode 11 (err -117)
[  371.280460][T19026] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.281116][T19026] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.505645][T18967] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  371.511308][T18967] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  371.520367][T18967] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  371.522610][T18967] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  371.630208][T19051] netlink: 'syz.4.5746': attribute type 7 has an invalid length.
[  371.652171][T18967] 8021q: adding VLAN 0 to HW filter on device bond0
[  371.655936][T18967] 8021q: adding VLAN 0 to HW filter on device team0
[  371.691410][ T7786] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.691475][ T7786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  371.692984][ T7786] bridge0: port 2(bridge_slave_1) entered blocking state
[  371.693056][ T7786] bridge0: port 2(bridge_slave_1) entered forwarding state
[  371.825053][T18967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  371.865900][T19056] __nla_validate_parse: 5 callbacks suppressed
[  371.865917][T19056] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5747'.
[  371.911045][T19065] loop3: detected capacity change from 0 to 2048
[  371.962347][T19065] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.983752][T18967] veth0_vlan: entered promiscuous mode
[  371.999030][T18967] veth1_vlan: entered promiscuous mode
[  372.017764][T18967] veth0_macvtap: entered promiscuous mode
[  372.024809][T18967] veth1_macvtap: entered promiscuous mode
[  372.047524][T11362] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  372.050603][T11362] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  372.075991][T18967] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.077277][T18967] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.135777][ T7815] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.161350][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.175213][ T7815] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.189755][ T7815] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.204906][T19075] loop3: detected capacity change from 0 to 512
[  372.220091][ T7788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.242556][T19075] EXT4-fs: Ignoring removed bh option
[  372.281130][T19075] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  372.300730][T19075] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  372.308674][T19075] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec128, mo2=0002]
[  372.326885][T19075] EXT4-fs (loop3): orphan cleanup on readonly fs
[  372.333315][T19075] EXT4-fs error (device loop3): ext4_quota_enable:7132: comm syz.3.5750: Bad quota inum: 4294967291, type: 0
[  372.417643][T19075] EXT4-fs (loop3): Remounting filesystem read-only
[  372.424208][T19075] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix.
[  372.439634][T19075] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  372.456154][T19086] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.468280][T19075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  372.511257][T19086] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.537932][T19091] xt_CT: You must specify a L4 protocol and not use inversions on it
[  372.585762][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.632599][T19086] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.691293][T19086] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.741550][T19095] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5755'.
[  372.765235][ T7771] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.786243][ T7771] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.794814][ T7771] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.816504][ T7771] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.842884][T19101] loop1: detected capacity change from 0 to 512
[  372.951522][T19101] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.966417][T19101] ext4 filesystem being mounted at /383/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  373.192549][T13783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.222757][T19106] netlink: 'syz.1.5759': attribute type 7 has an invalid length.
[  373.230539][T19106] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5759'.
[  373.379935][T19114] loop2: detected capacity change from 0 to 1024
[  373.387192][T19114] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  373.400774][T19114] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.5762: iget: bogus i_mode (1)
[  373.412459][T19114] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5762: couldn't read orphan inode 11 (err -117)
[  373.415495][T19125] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5765'.
[  373.425184][T19114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.447069][T19114] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.490031][T19125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5765'.
[  373.575181][T19132] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.611027][T19132] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.662158][T19138] loop3: detected capacity change from 0 to 1024
[  373.668880][T19138] EXT4-fs: Ignoring removed orlov option
[  373.676400][T19132] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.676659][T19138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.771753][T19132] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.159805][T19149] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5774'.
[  374.182576][T19151] netlink: 'syz.4.5775': attribute type 7 has an invalid length.
[  374.190419][T19151] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5775'.
[  374.290111][T19155] loop4: detected capacity change from 0 to 1024
[  374.297333][T19155] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  374.308807][T19155] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #11: comm syz.4.5776: iget: bogus i_mode (1)
[  374.320637][T19155] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.5776: couldn't read orphan inode 11 (err -117)
[  374.333176][T19155] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.346493][T19155] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.418677][T19161] loop2: detected capacity change from 0 to 4096
[  374.427022][T19161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.544192][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.567031][T19169] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  374.617903][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.645459][T19177] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  374.691183][T19178] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5783'.
[  374.771624][T19182] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5785'.
[  375.024564][T19186] loop3: detected capacity change from 0 to 1024
[  375.031677][T19186] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  375.043107][T19186] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.5786: iget: bogus i_mode (1)
[  375.054669][T19186] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5786: couldn't read orphan inode 11 (err -117)
[  375.067247][T19186] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.080913][T19186] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.092442][T19190] loop2: detected capacity change from 0 to 1024
[  375.100437][T19190] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  375.114128][T19190] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.5788: iget: bogus i_mode (1)
[  375.125839][T19190] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5788: couldn't read orphan inode 11 (err -117)
[  375.138553][T19190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.151965][T19190] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.187493][T19198] loop2: detected capacity change from 0 to 1024
[  375.194446][T19198] EXT4-fs: Ignoring removed orlov option
[  375.202661][T19198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.336682][T19204] netlink: 'syz.4.5792': attribute type 7 has an invalid length.
[  375.344507][T19204] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5792'.
[  375.443046][T11362] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  375.454064][T11362] CPU: 0 UID: 0 PID: 11362 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  375.454099][T11362] Tainted: [W]=WARN
[  375.454152][T11362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  375.454168][T11362] Call Trace:
[  375.454176][T11362]  <TASK>
[  375.454183][T11362]  __dump_stack+0x1d/0x30
[  375.454204][T11362]  dump_stack_lvl+0xe8/0x140
[  375.454225][T11362]  dump_stack+0x15/0x1b
[  375.454248][T11362]  dump_header+0x81/0x220
[  375.454281][T11362]  oom_kill_process+0x342/0x400
[  375.454327][T11362]  out_of_memory+0x979/0xb80
[  375.454439][T11362]  try_charge_memcg+0x610/0xa10
[  375.454488][T11362]  charge_memcg+0x51/0xc0
[  375.454521][T11362]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  375.454614][T11362]  __read_swap_cache_async+0x17b/0x2d0
[  375.454663][T11362]  swap_cluster_readahead+0x262/0x3c0
[  375.454694][T11362]  swapin_readahead+0xde/0x6f0
[  375.454713][T11362]  ? bpf_trace_printk+0xcf/0x1c0
[  375.454805][T11362]  ? bpf_trace_run4+0x105/0x1d0
[  375.454839][T11362]  ? __rcu_read_unlock+0x4f/0x70
[  375.454874][T11362]  ? __rcu_read_unlock+0x4f/0x70
[  375.454904][T11362]  ? swap_cache_get_folio+0x277/0x280
[  375.454945][T11362]  do_swap_page+0x2ae/0x2370
[  375.455011][T11362]  ? _raw_spin_unlock+0x26/0x50
[  375.455053][T11362]  ? finish_task_switch+0xad/0x2b0
[  375.455080][T11362]  ? __pfx_default_wake_function+0x10/0x10
[  375.455159][T11362]  handle_mm_fault+0x9a5/0x2be0
[  375.455184][T11362]  ? vma_start_read+0x141/0x1f0
[  375.455225][T11362]  do_user_addr_fault+0x630/0x1080
[  375.455251][T11362]  ? fpregs_restore_userregs+0xe2/0x1d0
[  375.455292][T11362]  ? switch_fpu_return+0xe/0x20
[  375.455327][T11362]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  375.455354][T11362]  exc_page_fault+0x62/0xa0
[  375.455374][T11362]  asm_exc_page_fault+0x26/0x30
[  375.455442][T11362] RIP: 0033:0x7f7db4fa1745
[  375.455457][T11362] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 1e 6e 1f 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  375.455480][T11362] RSP: 002b:00007ffc095dea18 EFLAGS: 00010246
[  375.455498][T11362] RAX: 0000000000000000 RBX: 0000000000000505 RCX: 00007f7db4fa1743
[  375.455583][T11362] RDX: 00007ffc095dea30 RSI: 0000000000000000 RDI: 0000000000000000
[  375.455595][T11362] RBP: 00007ffc095dea9c R08: 000000001600a693 R09: 0000000000000000
[  375.455621][T11362] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  375.455638][T11362] R13: 00000000000927c0 R14: 000000000005b932 R15: 00007ffc095deaf0
[  375.455732][T11362]  </TASK>
[  375.455740][T11362] memory: usage 307200kB, limit 307200kB, failcnt 7593
[  375.485530][T19208] netlink: 'syz.4.5794': attribute type 1 has an invalid length.
[  375.487465][T11362] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[  375.487482][T11362] kmem: usage 307092kB, limit 9007199254740988kB, failcnt 0
[  375.715443][T19209] IPVS: set_ctl: invalid protocol: 50 172.30.1.5:20000
[  375.718782][T11362] Memory cgroup stats for /syz3:
[  375.719171][T11362] cache 0
[  375.748788][T11362] rss 0
[  375.751554][T11362] shmem 0
[  375.754477][T11362] mapped_file 0
[  375.757920][T11362] dirty 0
[  375.760885][T11362] writeback 0
[  375.764151][T11362] workingset_refault_anon 722
[  375.768832][T11362] workingset_refault_file 5013
[  375.773606][T11362] swap 217088
[  375.776903][T11362] swapcached 8192
[  375.780596][T11362] pgpgin 394559
[  375.784045][T11362] pgpgout 394532
[  375.787577][T11362] pgfault 418638
[  375.791229][T11362] pgmajfault 435
[  375.794759][T11362] inactive_anon 0
[  375.798371][T11362] active_anon 8192
[  375.802200][T11362] inactive_file 0
[  375.805880][T11362] active_file 102400
[  375.809780][T11362] unevictable 0
[  375.813234][T11362] hierarchical_memory_limit 314572800
[  375.818610][T11362] hierarchical_memsw_limit 9223372036854771712
[  375.824781][T11362] total_cache 0
[  375.828262][T11362] total_rss 0
[  375.831566][T11362] total_shmem 0
[  375.835014][T11362] total_mapped_file 0
[  375.838982][T11362] total_dirty 0
[  375.842478][T11362] total_writeback 0
[  375.846282][T11362] total_workingset_refault_anon 722
[  375.851636][T11362] total_workingset_refault_file 5013
[  375.856961][T11362] total_swap 217088
[  375.860781][T11362] total_swapcached 8192
[  375.864920][T11362] total_pgpgin 394559
[  375.868878][T11362] total_pgpgout 394532
[  375.872955][T11362] total_pgfault 418638
[  375.877003][T11362] total_pgmajfault 435
[  375.881082][T11362] total_inactive_anon 0
[  375.885215][T11362] total_active_anon 8192
[  375.889438][T11362] total_inactive_file 0
[  375.893595][T11362] total_active_file 102400
[  375.897989][T11362] total_unevictable 0
[  375.901967][T11362] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5786,pid=19181,uid=0
[  375.916728][T11362] Memory cgroup out of memory: Killed process 19181 (syz.3.5786) total-vm:96136kB, anon-rss:1268kB, file-rss:22512kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  376.089577][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.144499][   T29] kauditd_printk_skb: 427 callbacks suppressed
[  376.144567][   T29] audit: type=1326 audit(1760371528.508:30292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.199912][   T29] audit: type=1326 audit(1760371528.538:30293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.223619][   T29] audit: type=1326 audit(1760371528.538:30294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.247264][   T29] audit: type=1326 audit(1760371528.538:30295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.270871][   T29] audit: type=1326 audit(1760371528.538:30296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.294590][   T29] audit: type=1326 audit(1760371528.538:30297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.318183][   T29] audit: type=1326 audit(1760371528.538:30298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.341932][   T29] audit: type=1326 audit(1760371528.538:30299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.365515][   T29] audit: type=1326 audit(1760371528.538:30300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.389157][   T29] audit: type=1326 audit(1760371528.538:30301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19214 comm="syz.2.5796" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c2094eec9 code=0x7ffc0000
[  376.681722][T19239] loop4: detected capacity change from 0 to 512
[  376.694188][ T7815] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.707258][T19239] EXT4-fs: Ignoring removed bh option
[  376.712859][T19241] loop3: detected capacity change from 0 to 1024
[  376.715123][ T7815] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.723897][T19241] EXT4-fs: Ignoring removed orlov option
[  376.733353][T19239] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  376.743405][ T7815] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.752528][ T7815] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.764525][T19243] netlink: 'syz.1.5807': attribute type 7 has an invalid length.
[  376.778452][T19239] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  376.786486][T19239] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec128, mo2=0002]
[  376.794955][T19239] EXT4-fs (loop4): orphan cleanup on readonly fs
[  376.801487][T19239] EXT4-fs error (device loop4): ext4_quota_enable:7132: comm syz.4.5805: Bad quota inum: 4294967291, type: 0
[  376.820966][T19239] EXT4-fs (loop4): Remounting filesystem read-only
[  376.827817][T19239] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix.
[  376.843280][T19239] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  376.850462][T19239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  376.901735][T19255] __nla_validate_parse: 5 callbacks suppressed
[  376.901750][T19255] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5811'.
[  376.918830][T19241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.966615][T19239] xt_CT: You must specify a L4 protocol and not use inversions on it
[  376.978480][T11087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.023201][T19264] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5815'.
[  377.040784][T19268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5814'.
[  377.212194][T19284] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5824'.
[  377.262727][T19286] loop1: detected capacity change from 0 to 4096
[  377.282769][T19286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.312946][T13783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.387992][T19296] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5829'.
[  377.418806][T19299] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5830'.
[  377.674674][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.723970][T19307] loop3: detected capacity change from 0 to 2048
[  377.767986][T19307] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.136730][T11362] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  378.183424][T11362] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  378.225061][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.289119][T19314] loop3: detected capacity change from 0 to 4096
[  378.485372][T19327] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5838'.
[  378.510702][T19327] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5838'.
[  378.531351][T19333] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5841'.
[  378.563539][T19336] loop1: detected capacity change from 0 to 1024
[  378.570446][T19336] EXT4-fs: Ignoring removed orlov option
[  378.625036][T19349] loop3: detected capacity change from 0 to 512
[  378.641386][T19349] ext4 filesystem being mounted at /527/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  378.733559][T19355] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  379.181070][T19361] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5851'.
[  379.448575][T19375] batadv_slave_1: entered promiscuous mode
[  379.455986][T19375] batman_adv: batadv0: Adding interface: macsec1
[  379.462400][T19375] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  379.482131][T19375] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  379.492777][T19375] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  379.503568][T19375] batman_adv: batadv0: Interface activated: macsec1
[  379.554267][T19382] loop4: detected capacity change from 0 to 2048
[  379.604177][T11087] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  379.651336][T19391] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  379.666082][T11087] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  379.725707][T19391] xt_hashlimit: max too large, truncated to 1048576
[  379.765566][T19400] loop2: detected capacity change from 0 to 512
[  379.804541][T19400] ext4 filesystem being mounted at /507/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  379.906160][T19409] loop4: detected capacity change from 0 to 4096
[  379.997916][T19417] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  380.130990][T19388] syz.0.5863 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  380.145347][T19388] CPU: 1 UID: 0 PID: 19388 Comm: syz.0.5863 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  380.145465][T19388] Tainted: [W]=WARN
[  380.145474][T19388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  380.145490][T19388] Call Trace:
[  380.145499][T19388]  <TASK>
[  380.145509][T19388]  __dump_stack+0x1d/0x30
[  380.145533][T19388]  dump_stack_lvl+0xe8/0x140
[  380.145557][T19388]  dump_stack+0x15/0x1b
[  380.145622][T19388]  dump_header+0x81/0x220
[  380.145656][T19388]  oom_kill_process+0x342/0x400
[  380.145690][T19388]  out_of_memory+0x979/0xb80
[  380.145795][T19388]  try_charge_memcg+0x610/0xa10
[  380.145874][T19388]  obj_cgroup_charge_pages+0xa6/0x150
[  380.145917][T19388]  __memcg_kmem_charge_page+0x9f/0x170
[  380.145958][T19388]  __alloc_frozen_pages_noprof+0x188/0x360
[  380.146016][T19388]  alloc_pages_mpol+0xb3/0x260
[  380.146035][T19388]  ? alloc_pages_noprof+0x61/0x130
[  380.146127][T19388]  alloc_pages_noprof+0x90/0x130
[  380.146147][T19388]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  380.146271][T19388]  __kvmalloc_node_noprof+0x483/0x670
[  380.146307][T19388]  ? ip_set_alloc+0x24/0x30
[  380.146339][T19388]  ? ip_set_alloc+0x24/0x30
[  380.146370][T19388]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  380.146439][T19388]  ip_set_alloc+0x24/0x30
[  380.146466][T19388]  hash_netiface_create+0x282/0x740
[  380.146500][T19388]  ? __pfx_hash_netiface_create+0x10/0x10
[  380.146530][T19388]  ip_set_create+0x3cc/0x970
[  380.146585][T19388]  ? __nla_parse+0x40/0x60
[  380.146608][T19388]  nfnetlink_rcv_msg+0x4c6/0x590
[  380.146712][T19388]  netlink_rcv_skb+0x123/0x220
[  380.146740][T19388]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  380.146820][T19388]  nfnetlink_rcv+0x167/0x16c0
[  380.146844][T19388]  ? kmem_cache_free+0xe4/0x3d0
[  380.146877][T19388]  ? __kfree_skb+0x109/0x150
[  380.146953][T19388]  ? nlmon_xmit+0x4f/0x60
[  380.146978][T19388]  ? consume_skb+0x49/0x150
[  380.147008][T19388]  ? nlmon_xmit+0x4f/0x60
[  380.147036][T19388]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  380.147124][T19388]  ? __dev_queue_xmit+0x1200/0x2000
[  380.147209][T19388]  ? __dev_queue_xmit+0x182/0x2000
[  380.147246][T19388]  ? ref_tracker_free+0x37d/0x3e0
[  380.147290][T19388]  ? __netlink_deliver_tap+0x4dc/0x500
[  380.147328][T19388]  netlink_unicast+0x5c0/0x690
[  380.147352][T19388]  netlink_sendmsg+0x58b/0x6b0
[  380.147371][T19388]  ? __pfx_netlink_sendmsg+0x10/0x10
[  380.147398][T19388]  __sock_sendmsg+0x145/0x180
[  380.147412][T19388]  ____sys_sendmsg+0x31e/0x4e0
[  380.147499][T19388]  ___sys_sendmsg+0x17b/0x1d0
[  380.147524][T19388]  __x64_sys_sendmsg+0xd4/0x160
[  380.147620][T19388]  x64_sys_call+0x191e/0x3000
[  380.147634][T19388]  do_syscall_64+0xd2/0x200
[  380.147667][T19388]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  380.147684][T19388]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  380.147737][T19388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.147751][T19388] RIP: 0033:0x7f4f4782eec9
[  380.147762][T19388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.147835][T19388] RSP: 002b:00007f4f4628f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  380.147848][T19388] RAX: ffffffffffffffda RBX: 00007f4f47a85fa0 RCX: 00007f4f4782eec9
[  380.147856][T19388] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  380.147864][T19388] RBP: 00007f4f478b1f91 R08: 0000000000000000 R09: 0000000000000000
[  380.147876][T19388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  380.147884][T19388] R13: 00007f4f47a86038 R14: 00007f4f47a85fa0 R15: 00007ffdf7ba7d48
[  380.147895][T19388]  </TASK>
[  380.147899][T19388] memory: usage 307200kB, limit 307200kB, failcnt 2326
[  380.505513][T19388] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  380.513405][T19388] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  380.520760][T19388] Memory cgroup stats for /syz0:
[  380.521246][T19388] cache 0
[  380.529139][T19388] rss 0
[  380.531937][T19388] shmem 0
[  380.534862][T19388] mapped_file 0
[  380.538297][T19388] dirty 0
[  380.541230][T19388] writeback 0
[  380.544511][T19388] workingset_refault_anon 501
[  380.549187][T19388] workingset_refault_file 2402
[  380.554036][T19388] swap 196608
[  380.557318][T19388] swapcached 16384
[  380.561057][T19388] pgpgin 471595
[  380.561599][T19419] FAULT_INJECTION: forcing a failure.
[  380.561599][T19419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.564563][T19388] pgpgout 471591
[  380.564577][T19388] pgfault 496248
[  380.564585][T19388] pgmajfault 317
[  380.577638][T19419] CPU: 1 UID: 0 PID: 19419 Comm: syz.1.5874 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  380.577674][T19419] Tainted: [W]=WARN
[  380.577682][T19419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  380.577697][T19419] Call Trace:
[  380.577705][T19419]  <TASK>
[  380.577751][T19419]  __dump_stack+0x1d/0x30
[  380.577774][T19419]  dump_stack_lvl+0xe8/0x140
[  380.577797][T19419]  dump_stack+0x15/0x1b
[  380.577815][T19419]  should_fail_ex+0x265/0x280
[  380.577873][T19419]  should_fail+0xb/0x20
[  380.577924][T19419]  should_fail_usercopy+0x1a/0x20
[  380.577962][T19419]  strncpy_from_user+0x25/0x230
[  380.577993][T19419]  ? kmem_cache_alloc_noprof+0x242/0x480
[  380.578024][T19419]  ? getname_flags+0x80/0x3b0
[  380.578086][T19419]  getname_flags+0xae/0x3b0
[  380.578118][T19419]  do_sys_openat2+0x60/0x110
[  380.578156][T19419]  __x64_sys_openat+0xf2/0x120
[  380.578238][T19419]  x64_sys_call+0x2eab/0x3000
[  380.578357][T19419]  do_syscall_64+0xd2/0x200
[  380.578385][T19419]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  380.578453][T19419]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  380.578561][T19419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.578586][T19419] RIP: 0033:0x7fcd2ef3eec9
[  380.578603][T19419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.578623][T19419] RSP: 002b:00007fcd2d9a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  380.578644][T19419] RAX: ffffffffffffffda RBX: 00007fcd2f195fa0 RCX: 00007fcd2ef3eec9
[  380.578659][T19419] RDX: 0000000000004000 RSI: 0000200000000340 RDI: ffffffffffffff9c
[  380.578673][T19419] RBP: 00007fcd2d9a7090 R08: 0000000000000000 R09: 0000000000000000
[  380.578701][T19419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.578716][T19419] R13: 00007fcd2f196038 R14: 00007fcd2f195fa0 R15: 00007ffc140a66b8
[  380.578736][T19419]  </TASK>
[  380.676350][T19425] netlink: 'syz.3.5877': attribute type 7 has an invalid length.
[  380.680450][T19388] inactive_anon 4096
[  380.680463][T19388] active_anon 12288
[  380.680471][T19388] inactive_file 0
[  380.680479][T19388] active_file 0
[  380.680487][T19388] unevictable 0
[  380.804287][T19388] hierarchical_memory_limit 314572800
[  380.809761][T19388] hierarchical_memsw_limit 9223372036854771712
[  380.815916][T19388] total_cache 0
[  380.819368][T19388] total_rss 0
[  380.822683][T19388] total_shmem 0
[  380.826122][T19388] total_mapped_file 0
[  380.830103][T19388] total_dirty 0
[  380.833577][T19388] total_writeback 0
[  380.837362][T19388] total_workingset_refault_anon 501
[  380.842902][T19388] total_workingset_refault_file 2402
[  380.848166][T19388] total_swap 196608
[  380.851962][T19388] total_swapcached 16384
[  380.856181][T19388] total_pgpgin 471595
[  380.860171][T19388] total_pgpgout 471591
[  380.864213][T19388] total_pgfault 496248
[  380.868258][T19388] total_pgmajfault 317
[  380.872330][T19388] total_inactive_anon 4096
[  380.876756][T19388] total_active_anon 12288
[  380.881135][T19388] total_inactive_file 0
[  380.885334][T19388] total_active_file 0
[  380.889291][T19388] total_unevictable 0
[  380.893346][T19388] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5863,pid=19387,uid=0
[  380.908128][T19388] Memory cgroup out of memory: Killed process 19387 (syz.0.5863) total-vm:96064kB, anon-rss:1132kB, file-rss:22472kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  381.076453][T19438] loop3: detected capacity change from 0 to 4096
[  381.474336][T19451] loop1: detected capacity change from 0 to 2048
[  381.597069][T13783] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  381.660140][T13783] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  381.968643][   T29] kauditd_printk_skb: 352 callbacks suppressed
[  381.968680][   T29] audit: type=1326 audit(1760371534.318:30654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  381.998628][   T29] audit: type=1326 audit(1760371534.318:30655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.022313][   T29] audit: type=1326 audit(1760371534.318:30656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.046078][   T29] audit: type=1326 audit(1760371534.318:30657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.069746][   T29] audit: type=1326 audit(1760371534.318:30658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.093442][   T29] audit: type=1326 audit(1760371534.318:30659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.117320][   T29] audit: type=1326 audit(1760371534.318:30660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.140896][   T29] audit: type=1326 audit(1760371534.318:30661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.164529][   T29] audit: type=1326 audit(1760371534.318:30662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  382.188266][   T29] audit: type=1326 audit(1760371534.318:30663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19460 comm="syz.4.5887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f504888eec9 code=0x7ffc0000
[  383.166477][T19488] __nla_validate_parse: 3 callbacks suppressed
[  383.166493][T19488] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5896'.
[  383.224980][T19490] xt_CT: You must specify a L4 protocol and not use inversions on it
[  383.243767][T19488] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5896'.
[  383.293411][T19496] 9pnet_fd: Insufficient options for proto=fd
[  383.310489][T19498] xt_CT: You must specify a L4 protocol and not use inversions on it
[  383.380176][T19504] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  383.406752][T19505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5903'.
[  383.585339][T19506] 9pnet_fd: Insufficient options for proto=fd
[  383.841800][T19517] loop3: detected capacity change from 0 to 1024
[  383.852472][T19517] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  384.201877][T19517] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.5906: iget: bogus i_mode (1)
[  384.234300][T19528] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5911'.
[  384.235430][T19517] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5906: couldn't read orphan inode 11 (err -117)
[  384.314754][T19528] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5911'.
[  384.369383][T19513] syz.3.5906 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  384.380531][T19513] CPU: 1 UID: 0 PID: 19513 Comm: syz.3.5906 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  384.380565][T19513] Tainted: [W]=WARN
[  384.380572][T19513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  384.380585][T19513] Call Trace:
[  384.380591][T19513]  <TASK>
[  384.380600][T19513]  __dump_stack+0x1d/0x30
[  384.380624][T19513]  dump_stack_lvl+0xe8/0x140
[  384.380648][T19513]  dump_stack+0x15/0x1b
[  384.380730][T19513]  dump_header+0x81/0x220
[  384.380776][T19513]  oom_kill_process+0x342/0x400
[  384.380813][T19513]  out_of_memory+0x979/0xb80
[  384.380848][T19513]  try_charge_memcg+0x610/0xa10
[  384.380882][T19513]  charge_memcg+0x51/0xc0
[  384.380965][T19513]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  384.380995][T19513]  __read_swap_cache_async+0x17b/0x2d0
[  384.381078][T19513]  swap_cluster_readahead+0x262/0x3c0
[  384.381109][T19513]  swapin_readahead+0xde/0x6f0
[  384.381131][T19513]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  384.381164][T19513]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  384.381199][T19513]  ? __rcu_read_unlock+0x4f/0x70
[  384.381324][T19513]  ? swap_cache_get_folio+0x277/0x280
[  384.381364][T19513]  do_swap_page+0x2ae/0x2370
[  384.381387][T19513]  ? css_rstat_updated+0xb7/0x240
[  384.381426][T19513]  ? __pfx_default_wake_function+0x10/0x10
[  384.381530][T19513]  handle_mm_fault+0x9a5/0x2be0
[  384.381556][T19513]  ? vma_start_read+0x141/0x1f0
[  384.381596][T19513]  do_user_addr_fault+0x630/0x1080
[  384.381625][T19513]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  384.381667][T19513]  exc_page_fault+0x62/0xa0
[  384.381687][T19513]  asm_exc_page_fault+0x26/0x30
[  384.381707][T19513] RIP: 0033:0x7f7db4e41ad8
[  384.381723][T19513] Code: c3 19 1b 00 48 8d 3d c4 19 1b 00 31 c0 e8 e0 d5 fe ff e8 0b 08 ff ff 48 89 c3 e9 39 79 fe ff 0f 1f 00 48 89 f8 40 84 f6 74 70 <48> 39 3d b1 44 38 00 0f 95 c2 0f 95 c1 45 31 c9 48 83 bf 88 00 00
[  384.381792][T19513] RSP: 002b:00007ffc095de7e8 EFLAGS: 00010202
[  384.381811][T19513] RAX: 00007f7db51c6090 RBX: 000000000005db08 RCX: 00007f7db4f6eec9
[  384.381827][T19513] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007f7db51c6090
[  384.381840][T19513] RBP: 0000000000000fd2 R08: 00007f7db51c5fa0 R09: 00000018095deb2f
[  384.381853][T19513] R10: 00007ffc095de930 R11: 0000000000000246 R12: 00007f7db51c6090
[  384.381866][T19513] R13: 00007f7db51c6090 R14: 000000000005eada R15: 00007ffc095de950
[  384.381885][T19513]  </TASK>
[  384.381891][T19513] memory: usage 307200kB, limit 307200kB, failcnt 8148
[  384.618107][T19513] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  384.626081][T19513] kmem: usage 307080kB, limit 9007199254740988kB, failcnt 0
[  384.633429][T19513] Memory cgroup stats for /syz3:
[  384.633794][T19513] cache 0
[  384.642354][T19513] rss 4096
[  384.645403][T19513] shmem 0
[  384.648345][T19513] mapped_file 0
[  384.652327][T19513] dirty 0
[  384.655290][T19513] writeback 8192
[  384.658835][T19513] workingset_refault_anon 772
[  384.663607][T19513] workingset_refault_file 5336
[  384.668429][T19513] swap 204800
[  384.671749][T19513] swapcached 12288
[  384.675480][T19513] pgpgin 408304
[  384.678948][T19513] pgpgout 408274
[  384.682638][T19513] pgfault 432572
[  384.686334][T19513] pgmajfault 467
[  384.689903][T19513] inactive_anon 12288
[  384.693876][T19513] active_anon 0
[  384.697409][T19513] inactive_file 110592
[  384.701503][T19513] active_file 0
[  384.705000][T19513] unevictable 0
[  384.708544][T19513] hierarchical_memory_limit 314572800
[  384.714124][T19513] hierarchical_memsw_limit 9223372036854771712
[  384.720323][T19513] total_cache 0
[  384.723775][T19513] total_rss 4096
[  384.727391][T19513] total_shmem 0
[  384.730869][T19513] total_mapped_file 0
[  384.735045][T19513] total_dirty 0
[  384.738631][T19513] total_writeback 8192
[  384.742773][T19513] total_workingset_refault_anon 772
[  384.747964][T19513] total_workingset_refault_file 5336
[  384.753261][T19513] total_swap 204800
[  384.757058][T19513] total_swapcached 12288
[  384.761413][T19513] total_pgpgin 408304
[  384.765394][T19513] total_pgpgout 408274
[  384.769456][T19513] total_pgfault 432572
[  384.773629][T19513] total_pgmajfault 467
[  384.777777][T19513] total_inactive_anon 12288
[  384.782287][T19513] total_active_anon 0
[  384.786259][T19513] total_inactive_file 110592
[  384.790960][T19513] total_active_file 0
[  384.794955][T19513] total_unevictable 0
[  384.798957][T19513] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5906,pid=19513,uid=0
[  384.813686][T19513] Memory cgroup out of memory: Killed process 19513 (syz.3.5906) total-vm:96004kB, anon-rss:1140kB, file-rss:22344kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  384.924271][T19549] netlink: 'syz.0.5919': attribute type 7 has an invalid length.
[  384.932340][T19549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5919'.
[  384.989903][T19555] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  385.055112][T19561] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  385.105493][T19568] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  385.119060][T19568] xt_hashlimit: max too large, truncated to 1048576
[  385.217736][T19578] loop2: detected capacity change from 0 to 2048
[  385.255311][T11748] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  385.270340][T11748] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  385.279665][T19583] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  385.286203][T19583] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  385.293824][T19583] vhci_hcd vhci_hcd.0: Device attached
[  385.299645][T19585] loop1: detected capacity change from 0 to 1024
[  385.336521][T19585] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  385.370234][T19583] new mount options do not match the existing superblock, will be ignored
[  385.380441][T19583] x_tables: unsorted entry at hook 2
[  385.393407][T19585] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #11: comm syz.1.5927: iget: bogus i_mode (1)
[  385.405167][T19585] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.5927: couldn't read orphan inode 11 (err -117)
[  385.466312][T19594] loop2: detected capacity change from 0 to 1024
[  385.474031][T19594] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  385.486012][T19594] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.5932: iget: bogus i_mode (1)
[  385.497852][T19594] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5932: couldn't read orphan inode 11 (err -117)
[  385.549562][    T9] usb 1-1: new high-speed USB device number 2 using vhci_hcd
[  385.588026][T19597] netlink: 'syz.4.5933': attribute type 7 has an invalid length.
[  385.595811][T19597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5933'.
[  385.646347][T19601] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  385.764618][T19570] syz.1.5927 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  385.778747][T19570] CPU: 0 UID: 0 PID: 19570 Comm: syz.1.5927 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  385.778771][T19570] Tainted: [W]=WARN
[  385.778775][T19570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  385.778783][T19570] Call Trace:
[  385.778788][T19570]  <TASK>
[  385.778794][T19570]  __dump_stack+0x1d/0x30
[  385.778887][T19570]  dump_stack_lvl+0xe8/0x140
[  385.778911][T19570]  dump_stack+0x15/0x1b
[  385.778930][T19570]  dump_header+0x81/0x220
[  385.778956][T19570]  oom_kill_process+0x342/0x400
[  385.779018][T19570]  out_of_memory+0x979/0xb80
[  385.779041][T19570]  try_charge_memcg+0x610/0xa10
[  385.779060][T19570]  obj_cgroup_charge_pages+0xa6/0x150
[  385.779083][T19570]  __memcg_kmem_charge_page+0x9f/0x170
[  385.779106][T19570]  __alloc_frozen_pages_noprof+0x188/0x360
[  385.779129][T19570]  alloc_pages_mpol+0xb3/0x260
[  385.779148][T19570]  ? alloc_pages_noprof+0xf4/0x130
[  385.779161][T19570]  alloc_pages_noprof+0x90/0x130
[  385.779218][T19570]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  385.779273][T19570]  __kvmalloc_node_noprof+0x483/0x670
[  385.779296][T19570]  ? ip_set_alloc+0x24/0x30
[  385.779313][T19570]  ? ip_set_alloc+0x24/0x30
[  385.779336][T19570]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  385.779462][T19570]  ip_set_alloc+0x24/0x30
[  385.779477][T19570]  hash_netiface_create+0x282/0x740
[  385.779496][T19570]  ? __pfx_hash_netiface_create+0x10/0x10
[  385.779579][T19570]  ip_set_create+0x3cc/0x970
[  385.779606][T19570]  ? __nla_parse+0x40/0x60
[  385.779632][T19570]  nfnetlink_rcv_msg+0x4c6/0x590
[  385.779679][T19570]  netlink_rcv_skb+0x123/0x220
[  385.779720][T19570]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  385.779753][T19570]  nfnetlink_rcv+0x167/0x16c0
[  385.779779][T19570]  ? kmem_cache_free+0xe4/0x3d0
[  385.779822][T19570]  ? __kfree_skb+0x109/0x150
[  385.779838][T19570]  ? nlmon_xmit+0x4f/0x60
[  385.779859][T19570]  ? consume_skb+0x49/0x150
[  385.779874][T19570]  ? nlmon_xmit+0x4f/0x60
[  385.779888][T19570]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  385.779994][T19570]  ? __dev_queue_xmit+0x1200/0x2000
[  385.780020][T19570]  ? __dev_queue_xmit+0x182/0x2000
[  385.780090][T19570]  ? ref_tracker_free+0x37d/0x3e0
[  385.780171][T19570]  ? __netlink_deliver_tap+0x4dc/0x500
[  385.780196][T19570]  netlink_unicast+0x5c0/0x690
[  385.780299][T19570]  netlink_sendmsg+0x58b/0x6b0
[  385.780334][T19570]  ? __pfx_netlink_sendmsg+0x10/0x10
[  385.780352][T19570]  __sock_sendmsg+0x145/0x180
[  385.780365][T19570]  ____sys_sendmsg+0x31e/0x4e0
[  385.780434][T19570]  ___sys_sendmsg+0x17b/0x1d0
[  385.780467][T19570]  __x64_sys_sendmsg+0xd4/0x160
[  385.780511][T19570]  x64_sys_call+0x191e/0x3000
[  385.780612][T19570]  do_syscall_64+0xd2/0x200
[  385.780628][T19570]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  385.780643][T19570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.780698][T19570] RIP: 0033:0x7fcd2ef3eec9
[  385.780709][T19570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.780721][T19570] RSP: 002b:00007fcd2d9a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  385.780734][T19570] RAX: ffffffffffffffda RBX: 00007fcd2f195fa0 RCX: 00007fcd2ef3eec9
[  385.780805][T19570] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  385.780813][T19570] RBP: 00007fcd2efc1f91 R08: 0000000000000000 R09: 0000000000000000
[  385.780821][T19570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  385.780829][T19570] R13: 00007fcd2f196038 R14: 00007fcd2f195fa0 R15: 00007ffc140a66b8
[  385.780841][T19570]  </TASK>
[  386.123329][T19570] memory: usage 307200kB, limit 307200kB, failcnt 1861
[  386.130205][T19570] memory+swap: usage 307296kB, limit 9007199254740988kB, failcnt 0
[  386.138108][T19570] kmem: usage 307032kB, limit 9007199254740988kB, failcnt 0
[  386.145413][T19570] Memory cgroup stats for /syz1:
[  386.146331][T19584] vhci_hcd: connection reset by peer
[  386.149708][T19570] cache 0
[  386.159698][T19570] rss 61440
[  386.162819][T19570] shmem 0
[  386.165748][T19570] mapped_file 0
[  386.166621][ T7815] vhci_hcd: stop threads
[  386.169200][T19570] dirty 0
[  386.169209][T19570] writeback 49152
[  386.169218][T19570] workingset_refault_anon 519
[  386.169258][T19570] workingset_refault_file 2000
[  386.169266][T19570] swap 106496
[  386.169273][T19570] swapcached 110592
[  386.169280][T19570] pgpgin 384337
[  386.169288][T19570] pgpgout 384297
[  386.169294][T19570] pgfault 419266
[  386.169302][T19570] pgmajfault 303
[  386.173581][ T7815] vhci_hcd: release socket
[  386.176497][T19570] inactive_anon 106496
[  386.176508][T19570] active_anon 12288
[  386.180249][ T7815] vhci_hcd: disconnect device
[  386.184873][T19570] inactive_file 45056
[  386.232719][T19570] active_file 0
[  386.236166][T19570] unevictable 0
[  386.239684][T19570] hierarchical_memory_limit 314572800
[  386.245058][T19570] hierarchical_memsw_limit 9223372036854771712
[  386.251240][T19570] total_cache 0
[  386.254696][T19570] total_rss 61440
[  386.258324][T19570] total_shmem 0
[  386.261805][T19570] total_mapped_file 0
[  386.265783][T19570] total_dirty 0
[  386.269322][T19570] total_writeback 49152
[  386.273571][T19570] total_workingset_refault_anon 519
[  386.278750][T19570] total_workingset_refault_file 2000
[  386.284034][T19570] total_swap 106496
[  386.287819][T19570] total_swapcached 110592
[  386.292149][T19570] total_pgpgin 384337
[  386.296136][T19570] total_pgpgout 384297
[  386.300310][T19570] total_pgfault 419266
[  386.304437][T19570] total_pgmajfault 303
[  386.308485][T19570] total_inactive_anon 106496
[  386.313137][T19570] total_active_anon 12288
[  386.317514][T19570] total_inactive_file 45056
[  386.322035][T19570] total_active_file 0
[  386.326100][T19570] total_unevictable 0
[  386.330112][T19570] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5927,pid=19569,uid=0
[  386.344814][T19570] Memory cgroup out of memory: Killed process 19570 (syz.1.5927) total-vm:94088kB, anon-rss:1268kB, file-rss:22436kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  386.431034][T19614] loop4: detected capacity change from 0 to 4096
[  386.513533][T19619] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  386.532975][T19619] xt_hashlimit: max too large, truncated to 1048576
[  386.572875][T19624] loop2: detected capacity change from 0 to 512
[  386.580294][T19624] EXT4-fs: Ignoring removed bh option
[  386.590856][T19625] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  386.590969][T19624] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  386.630087][T19624] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  386.638123][T19624] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec128, mo2=0002]
[  386.646402][T19624] EXT4-fs (loop2): orphan cleanup on readonly fs
[  386.652784][T19624] EXT4-fs error (device loop2): ext4_quota_enable:7132: comm syz.2.5942: Bad quota inum: 4294967291, type: 0
[  386.673590][T19624] EXT4-fs (loop2): Remounting filesystem read-only
[  386.680236][T19624] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix.
[  386.689155][T19630] netlink: 'syz.0.5944': attribute type 7 has an invalid length.
[  386.695667][T19624] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  386.696729][T19624] EXT4-fs mount: 25 callbacks suppressed
[  386.696744][T19624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  386.703421][T19630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5944'.
[  386.716581][T19624] xt_CT: You must specify a L4 protocol and not use inversions on it
[  386.729487][T11087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.754738][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.780513][T19635] loop2: detected capacity change from 0 to 2048
[  386.801449][T19635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.817597][T19637] loop4: detected capacity change from 0 to 4096
[  386.826255][T19637] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.850919][T11748] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  386.865988][T11748] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  386.877971][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.915499][T19644] loop2: detected capacity change from 0 to 4096
[  386.924468][T19644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.050250][T11087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.181255][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.231287][T19649] chnl_net:caif_netlink_parms(): no params data found
[  387.267346][T19649] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.274481][T19649] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.281642][T19649] bridge_slave_0: entered allmulticast mode
[  387.288001][T19649] bridge_slave_0: entered promiscuous mode
[  387.294802][T19649] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.301871][T19649] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.309176][T19649] bridge_slave_1: entered allmulticast mode
[  387.315682][T19649] bridge_slave_1: entered promiscuous mode
[  387.332517][T19649] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  387.342887][T19649] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.373910][T19649] team0: Port device team_slave_0 added
[  387.383341][ T7788] bridge_slave_1: left allmulticast mode
[  387.383361][ T7788] bridge_slave_1: left promiscuous mode
[  387.383538][ T7788] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.384168][ T7788] bridge_slave_0: left allmulticast mode
[  387.384184][ T7788] bridge_slave_0: left promiscuous mode
[  387.384374][ T7788] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.689805][   T29] kauditd_printk_skb: 556 callbacks suppressed
[  387.689820][   T29] audit: type=1326 audit(1760371540.058:31220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.690042][   T29] audit: type=1326 audit(1760371540.058:31221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.690164][   T29] audit: type=1326 audit(1760371540.058:31222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.690325][   T29] audit: type=1326 audit(1760371540.058:31223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.792475][   T29] audit: type=1326 audit(1760371540.058:31224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.792513][   T29] audit: type=1326 audit(1760371540.058:31225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.792547][   T29] audit: type=1326 audit(1760371540.058:31226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.792580][   T29] audit: type=1326 audit(1760371540.058:31227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.792632][   T29] audit: type=1326 audit(1760371540.058:31228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  387.817034][   T29] audit: type=1326 audit(1760371540.178:31229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19677 comm="syz.0.5954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4782eec9 code=0x7ffc0000
[  388.321478][ T7788] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  388.330605][ T7788] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  388.339684][ T7788] bond0 (unregistering): Released all slaves
[  388.347947][ T7788] bond1 (unregistering): Released all slaves
[  388.356657][T19649] team0: Port device team_slave_1 added
[  388.362573][T19669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5951'.
[  388.422226][ T7788] hsr_slave_0: left promiscuous mode
[  388.422820][ T7788] hsr_slave_1: left promiscuous mode
[  388.423128][ T7788] batman_adv: batadv0: Removing interface: batadv_slave_0
[  388.423405][ T7788] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.495075][ T7788] team0 (unregistering): Port device team_slave_1 removed
[  388.498109][T19691] loop3: detected capacity change from 0 to 1024
[  388.516234][ T7788] team0 (unregistering): Port device team_slave_0 removed
[  388.516445][T19691] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  388.559363][ T7788] team0 (unregistering): Port device dummy0 removed
[  388.573433][T19649] batman_adv: batadv0: Adding interface: batadv_slave_0
[  388.573448][T19649] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  388.573476][T19649] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  388.573602][T19692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5958'.
[  388.575317][T19649] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.575329][T19649] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  388.575394][T19649] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.619122][T19691] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.5959: iget: bogus i_mode (1)
[  388.619286][T19691] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5959: couldn't read orphan inode 11 (err -117)
[  388.619864][T19691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.620500][T19691] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.671325][T19649] hsr_slave_0: entered promiscuous mode
[  388.671997][T19649] hsr_slave_1: entered promiscuous mode
[  388.672542][T19649] debugfs: 'hsr0' already exists in 'hsr'
[  388.672554][T19649] Cannot create hsr debugfs directory
[  389.099930][T19649] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  389.102863][T19649] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  389.125447][T19649] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  389.130797][T19687] syz.3.5959 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  389.143165][T19687] CPU: 0 UID: 0 PID: 19687 Comm: syz.3.5959 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  389.143215][T19687] Tainted: [W]=WARN
[  389.143223][T19687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  389.143240][T19687] Call Trace:
[  389.143248][T19687]  <TASK>
[  389.143257][T19687]  __dump_stack+0x1d/0x30
[  389.143297][T19687]  dump_stack_lvl+0xe8/0x140
[  389.143316][T19687]  dump_stack+0x15/0x1b
[  389.143333][T19687]  dump_header+0x81/0x220
[  389.143369][T19687]  oom_kill_process+0x342/0x400
[  389.143406][T19687]  out_of_memory+0x979/0xb80
[  389.143497][T19687]  try_charge_memcg+0x610/0xa10
[  389.143576][T19687]  charge_memcg+0x51/0xc0
[  389.143600][T19687]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  389.143629][T19687]  __read_swap_cache_async+0x17b/0x2d0
[  389.143723][T19687]  swap_cluster_readahead+0x262/0x3c0
[  389.143792][T19687]  swapin_readahead+0xde/0x6f0
[  389.143814][T19687]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  389.143849][T19687]  ? __lruvec_stat_mod_folio+0xd6/0x120
[  389.143891][T19687]  ? __rcu_read_unlock+0x4f/0x70
[  389.143953][T19687]  ? swap_cache_get_folio+0x277/0x280
[  389.143997][T19687]  do_swap_page+0x2ae/0x2370
[  389.144021][T19687]  ? css_rstat_updated+0xb7/0x240
[  389.144061][T19687]  ? __pfx_default_wake_function+0x10/0x10
[  389.144100][T19687]  handle_mm_fault+0x9a5/0x2be0
[  389.144125][T19687]  ? vma_start_read+0x141/0x1f0
[  389.144160][T19687]  do_user_addr_fault+0x630/0x1080
[  389.144184][T19687]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  389.144235][T19687]  exc_page_fault+0x62/0xa0
[  389.144259][T19687]  asm_exc_page_fault+0x26/0x30
[  389.144284][T19687] RIP: 0033:0x7f7db4e457a8
[  389.144303][T19687] Code: 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d 1a 26 38 00 00 0f 8e 09 fe ff ff e8 13 9d fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 <69> 3d e6 fe ea 00 e8 03 00 00 48 8d 1d e7 07 38 00 e8 62 96 12 00
[  389.144323][T19687] RSP: 002b:00007ffc095de840 EFLAGS: 00010212
[  389.144346][T19687] RAX: 000000000005efae RBX: 00007f7db51c7da0 RCX: 000000000005ef88
[  389.144360][T19687] RDX: 0000000000000026 RSI: 00007ffc095de820 RDI: 0000000000000001
[  389.144373][T19687] RBP: 00007f7db51c7da0 R08: 000000000249ae98 R09: 7fffffffffffffff
[  389.144386][T19687] R10: 3fffffffffffffff R11: 0000000000000293 R12: 000000000005f05b
[  389.144401][T19687] R13: 00007f7db51c6090 R14: ffffffffffffffff R15: 00007ffc095de950
[  389.144483][T19687]  </TASK>
[  389.144489][T19687] memory: usage 307200kB, limit 307200kB, failcnt 8290
[  389.144505][T19687] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  389.144520][T19687] kmem: usage 307088kB, limit 9007199254740988kB, failcnt 0
[  389.144535][T19687] Memory cgroup stats for /syz3:
[  389.159964][T19649] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  389.161796][T19687] cache 0
[  389.412509][T19687] rss 0
[  389.412520][T19687] shmem 0
[  389.418213][T19687] mapped_file 0
[  389.418223][T19687] dirty 0
[  389.418231][T19687] writeback 4096
[  389.428208][T19687] workingset_refault_anon 829
[  389.428221][T19687] workingset_refault_file 5337
[  389.428228][T19687] swap 212992
[  389.428237][T19687] swapcached 4096
[  389.444566][T19687] pgpgin 408805
[  389.444578][T19687] pgpgout 408777
[  389.444585][T19687] pgfault 433587
[  389.444593][T19687] pgmajfault 510
[  389.458638][T19687] inactive_anon 4096
[  389.462546][T19687] active_anon 0
[  389.466004][T19687] inactive_file 12288
[  389.470009][T19687] active_file 98304
[  389.473807][T19687] unevictable 0
[  389.477257][T19687] hierarchical_memory_limit 314572800
[  389.482656][T19687] hierarchical_memsw_limit 9223372036854771712
[  389.488808][T19687] total_cache 0
[  389.492295][T19687] total_rss 0
[  389.495578][T19687] total_shmem 0
[  389.499026][T19687] total_mapped_file 0
[  389.503023][T19687] total_dirty 0
[  389.506481][T19687] total_writeback 4096
[  389.510623][T19687] total_workingset_refault_anon 829
[  389.515813][T19687] total_workingset_refault_file 5337
[  389.520195][T19709] loop2: detected capacity change from 0 to 4096
[  389.521104][T19687] total_swap 212992
[  389.531237][T19687] total_swapcached 4096
[  389.532909][T19709] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.535381][T19687] total_pgpgin 408805
[  389.535392][T19687] total_pgpgout 408777
[  389.535400][T19687] total_pgfault 433587
[  389.560634][T19687] total_pgmajfault 510
[  389.564789][T19687] total_inactive_anon 4096
[  389.569197][T19687] total_active_anon 0
[  389.573246][T19687] total_inactive_file 12288
[  389.577742][T19687] total_active_file 98304
[  389.582086][T19687] total_unevictable 0
[  389.586071][T19687] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.5959,pid=19687,uid=0
[  389.600799][T19687] Memory cgroup out of memory: Killed process 19687 (syz.3.5959) total-vm:96004kB, anon-rss:1260kB, file-rss:22344kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  389.665555][T19649] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.684938][T19649] 8021q: adding VLAN 0 to HW filter on device team0
[  389.694919][ T7776] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.702009][ T7776] bridge0: port 1(bridge_slave_0) entered forwarding state
[  389.730663][ T7776] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.737754][ T7776] bridge0: port 2(bridge_slave_1) entered forwarding state
[  389.763776][T19649] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  389.774025][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.823121][T19649] 8021q: adding VLAN 0 to HW filter on device batadv0
[  389.830763][T19723] loop2: detected capacity change from 0 to 2048
[  389.842933][T19723] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.898596][T11748] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  389.924108][T11748] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  389.954173][T11748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.986651][T19649] veth0_vlan: entered promiscuous mode
[  390.000931][T19649] veth1_vlan: entered promiscuous mode
[  390.027854][T19649] veth0_macvtap: entered promiscuous mode
[  390.042193][T19649] veth1_macvtap: entered promiscuous mode
[  390.063957][T19649] batman_adv: batadv0: Interface activated: batadv_slave_0
[  390.086773][T19649] batman_adv: batadv0: Interface activated: batadv_slave_1
[  390.110133][ T7786] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.123974][ T7786] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.143580][T19748] loop2: detected capacity change from 0 to 1024
[  390.162156][ T7786] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.178279][ T7786] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  390.196392][T19748] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  390.225892][T19748] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.5968: iget: bogus i_mode (1)
[  390.237688][T19748] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5968: couldn't read orphan inode 11 (err -117)
[  390.250954][T19748] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  390.270313][T19748] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.347310][T19765] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  390.414104][T19766] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5973'.
[  390.669942][    T9] vhci_hcd: vhci_device speed not set
[  390.914768][T11748] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  390.914806][T11748] CPU: 1 UID: 0 PID: 11748 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  390.914948][T11748] Tainted: [W]=WARN
[  390.914955][T11748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  390.914972][T11748] Call Trace:
[  390.914979][T11748]  <TASK>
[  390.914996][T11748]  __dump_stack+0x1d/0x30
[  390.915021][T11748]  dump_stack_lvl+0xe8/0x140
[  390.915082][T11748]  dump_stack+0x15/0x1b
[  390.915100][T11748]  dump_header+0x81/0x220
[  390.915138][T11748]  oom_kill_process+0x342/0x400
[  390.915254][T11748]  out_of_memory+0x979/0xb80
[  390.915289][T11748]  try_charge_memcg+0x610/0xa10
[  390.915324][T11748]  charge_memcg+0x51/0xc0
[  390.915349][T11748]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  390.915409][T11748]  __read_swap_cache_async+0x17b/0x2d0
[  390.915513][T11748]  swap_cluster_readahead+0x262/0x3c0
[  390.915614][T11748]  swapin_readahead+0xde/0x6f0
[  390.915638][T11748]  ? next_uptodate_folio+0x81c/0x890
[  390.915677][T11748]  ? percpu_counter_add_batch+0xb6/0x130
[  390.915759][T11748]  ? __rcu_read_unlock+0x4f/0x70
[  390.915812][T11748]  ? swap_cache_get_folio+0x277/0x280
[  390.915847][T11748]  do_swap_page+0x2ae/0x2370
[  390.915926][T11748]  ? fput+0x8f/0xc0
[  390.915962][T11748]  ? css_rstat_updated+0xb7/0x240
[  390.916131][T11748]  ? __pfx_default_wake_function+0x10/0x10
[  390.916163][T11748]  handle_mm_fault+0x9a5/0x2be0
[  390.916269][T11748]  ? vma_start_read+0x141/0x1f0
[  390.916334][T11748]  do_user_addr_fault+0x630/0x1080
[  390.916361][T11748]  exc_page_fault+0x62/0xa0
[  390.916385][T11748]  asm_exc_page_fault+0x26/0x30
[  390.916408][T11748] RIP: 0033:0x7f6c20825db7
[  390.916424][T11748] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 e8 f9 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 f8 ea 00 48 01 d1 39 7c 24
[  390.916504][T11748] RSP: 002b:00007fffeeaad320 EFLAGS: 00010202
[  390.916521][T11748] RAX: 0000001b32e24000 RBX: 0000000000000529 RCX: 000000000005f370
[  390.916536][T11748] RDX: 000000000cc58a5d RSI: 00007fffeeaad3b0 RDI: 0000000000000019
[  390.916623][T11748] RBP: 00007fffeeaad35c R08: 0000000030b84ea1 R09: 7fffffffffffffff
[  390.916637][T11748] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  390.916652][T11748] R13: 00000000000927c0 R14: 000000000005f48b R15: 00007fffeeaad3b0
[  390.916672][T11748]  </TASK>
[  390.916680][T11748] memory: usage 307200kB, limit 307200kB, failcnt 3503
[  391.029560][T19773] loop3: detected capacity change from 0 to 1024
[  391.032152][T11748] memory+swap: usage 307416kB, limit 9007199254740988kB, failcnt 0
[  391.038738][T19773] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  391.042109][T11748] kmem: usage 307128kB, limit 9007199254740988kB, failcnt 0
[  391.042125][T11748] Memory cgroup stats for /syz2:
[  391.043509][T11748] cache 0
[  391.049346][T19773] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #11: comm syz.3.5975: iget: bogus i_mode (1)
[  391.051009][T11748] rss 0
[  391.056865][T19773] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.5975: couldn't read orphan inode 11 (err -117)
[  391.061636][T11748] shmem 0
[  391.067092][T19773] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  391.071574][T11748] mapped_file 0
[  391.071584][T11748] dirty 0
[  391.071591][T11748] writeback 0
[  391.071598][T11748] workingset_refault_anon 682
[  391.071606][T11748] workingset_refault_file 3872
[  391.071614][T11748] swap 221184
[  391.071621][T11748] swapcached 4096
[  391.071628][T11748] pgpgin 444942
[  391.071634][T11748] pgpgout 444924
[  391.071642][T11748] pgfault 418833
[  391.071649][T11748] pgmajfault 499
[  391.077080][T19773] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.080999][T11748] inactive_anon 4096
[  391.293997][T19782] loop4: detected capacity change from 0 to 128
[  391.295229][T11748] active_anon 0
[  391.304916][T11748] inactive_file 69632
[  391.304927][T11748] active_file 0
[  391.304934][T11748] unevictable 0
[  391.304942][T11748] hierarchical_memory_limit 314572800
[  391.304973][T11748] hierarchical_memsw_limit 9223372036854771712
[  391.304983][T11748] total_cache 0
[  391.309554][T19782] syz.4.5977: attempt to access beyond end of device
[  391.309554][T19782] loop4: rw=2049, sector=138, nr_sectors = 8 limit=128
[  391.312408][T11748] total_rss 0
[  391.312419][T11748] total_shmem 0
[  391.316323][T19782] syz.4.5977: attempt to access beyond end of device
[  391.316323][T19782] loop4: rw=2049, sector=146, nr_sectors = 6 limit=128
[  391.321242][T11748] total_mapped_file 0
[  391.321252][T11748] total_dirty 0
[  391.321260][T11748] total_writeback 0
[  391.321269][T11748] total_workingset_refault_anon 682
[  391.321278][T11748] total_workingset_refault_file 3872
[  391.321313][T11748] total_swap 221184
[  391.332774][T19782] syz.4.5977: attempt to access beyond end of device
[  391.332774][T19782] loop4: rw=2049, sector=150, nr_sectors = 2 limit=128
[  391.344325][T11748] total_swapcached 4096
[  391.347563][T19782] Buffer I/O error on dev loop4, logical block 75, lost async page write
[  391.351128][T11748] total_pgpgin 444942
[  391.365658][T19782] syz.4.5977: attempt to access beyond end of device
[  391.365658][T19782] loop4: rw=2049, sector=152, nr_sectors = 2 limit=128
[  391.368341][T11748] total_pgpgout 444924
[  391.368351][T11748] total_pgfault 418833
[  391.368360][T11748] total_pgmajfault 499
[  391.371870][T19782] Buffer I/O error on dev loop4, logical block 76, lost async page write
[  391.375652][T11748] total_inactive_anon 4096
[  391.375661][T11748] total_active_anon 0
[  391.375673][T11748] total_inactive_file 69632
[  391.375682][T11748] total_active_file 0
[  391.375691][T11748] total_unevictable 0
[  391.381557][T19782] syz.4.5977: attempt to access beyond end of device
[  391.381557][T19782] loop4: rw=2049, sector=170, nr_sectors = 6 limit=128
[  391.386135][T11748] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0
[  391.390409][T19782] syz.4.5977: attempt to access beyond end of device
[  391.390409][T19782] loop4: rw=2049, sector=174, nr_sectors = 2 limit=128
[  391.403329][T11748] ,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5968,pid=19746,uid=0
[  391.407488][T19782] Buffer I/O error on dev loop4, logical block 87, lost async page write
[  391.415919][T11748] Memory cgroup out of memory: Killed process 19746 (syz.2.5968) total-vm:94088kB, anon-rss:1268kB, file-rss:22276kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  391.544637][T19782] syz.4.5977: attempt to access beyond end of device
[  391.544637][T19782] loop4: rw=2049, sector=176, nr_sectors = 2 limit=128
[  391.544665][T19782] Buffer I/O error on dev loop4, logical block 88, lost async page write
[  391.544931][T19782] syz.4.5977: attempt to access beyond end of device
[  391.544931][T19782] loop4: rw=2049, sector=178, nr_sectors = 6 limit=128
[  391.545286][T19782] syz.4.5977: attempt to access beyond end of device
[  391.545286][T19782] loop4: rw=2049, sector=182, nr_sectors = 2 limit=128
[  391.593974][T19782] Buffer I/O error on dev loop4, logical block 91, lost async page write
[  391.594504][T19782] syz.4.5977: attempt to access beyond end of device
[  391.594504][T19782] loop4: rw=2049, sector=184, nr_sectors = 2 limit=128
[  391.616030][T19782] Buffer I/O error on dev loop4, logical block 92, lost async page write
[  391.650667][T19782] Buffer I/O error on dev loop4, logical block 103, lost async page write
[  391.659291][T19782] Buffer I/O error on dev loop4, logical block 104, lost async page write
[  391.692998][T19782] Buffer I/O error on dev loop4, logical block 107, lost async page write
[  391.719767][T19782] Buffer I/O error on dev loop4, logical block 108, lost async page write
[  391.813346][T19798] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5984'.
[  391.835029][T19800] netlink: 'syz.1.5985': attribute type 7 has an invalid length.
[  391.842816][T19800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5985'.
[  392.021058][T19814] loop3: detected capacity change from 0 to 4096
[  392.029438][T19814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.055363][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.089843][T19820] loop3: detected capacity change from 0 to 4096
[  392.099710][T19820] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.159125][T19827] loop4: detected capacity change from 0 to 2048
[  392.170946][T19827] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.208750][T19649] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  392.223889][T19649] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  392.236060][T19649] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.300234][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.342508][T19834] loop3: detected capacity change from 0 to 4096
[  392.368513][T19834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.476698][T19839] FAULT_INJECTION: forcing a failure.
[  392.476698][T19839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.489840][T19839] CPU: 0 UID: 0 PID: 19839 Comm: syz.4.5998 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  392.489886][T19839] Tainted: [W]=WARN
[  392.489894][T19839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  392.489918][T19839] Call Trace:
[  392.489925][T19839]  <TASK>
[  392.490014][T19839]  __dump_stack+0x1d/0x30
[  392.490038][T19839]  dump_stack_lvl+0xe8/0x140
[  392.490057][T19839]  dump_stack+0x15/0x1b
[  392.490073][T19839]  should_fail_ex+0x265/0x280
[  392.490148][T19839]  should_fail+0xb/0x20
[  392.490182][T19839]  should_fail_usercopy+0x1a/0x20
[  392.490207][T19839]  _copy_from_user+0x1c/0xb0
[  392.490234][T19839]  memdup_user+0x5e/0xd0
[  392.490305][T19839]  strndup_user+0x68/0xb0
[  392.490375][T19839]  __se_sys_mount+0x4d/0x2e0
[  392.490411][T19839]  ? fput+0x8f/0xc0
[  392.490443][T19839]  ? ksys_write+0x192/0x1a0
[  392.490467][T19839]  __x64_sys_mount+0x67/0x80
[  392.490542][T19839]  x64_sys_call+0x2b51/0x3000
[  392.490566][T19839]  do_syscall_64+0xd2/0x200
[  392.490594][T19839]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  392.490666][T19839]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  392.490689][T19839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.490712][T19839] RIP: 0033:0x7f8b7692eec9
[  392.490727][T19839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.490827][T19839] RSP: 002b:00007f8b75397038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  392.490856][T19839] RAX: ffffffffffffffda RBX: 00007f8b76b85fa0 RCX: 00007f8b7692eec9
[  392.490869][T19839] RDX: 0000200000000280 RSI: 0000200000000300 RDI: 0000000000000000
[  392.490882][T19839] RBP: 00007f8b75397090 R08: 0000200000000600 R09: 0000000000000000
[  392.490895][T19839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.490908][T19839] R13: 00007f8b76b86038 R14: 00007f8b76b85fa0 R15: 00007ffd44a8c838
[  392.490926][T19839]  </TASK>
[  392.722287][   T29] kauditd_printk_skb: 272 callbacks suppressed
[  392.722303][   T29] audit: type=1326 audit(1760371545.088:31502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.750179][T19845] loop4: detected capacity change from 0 to 2048
[  392.752126][   T29] audit: type=1326 audit(1760371545.088:31503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.782010][   T29] audit: type=1326 audit(1760371545.088:31504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.805661][   T29] audit: type=1326 audit(1760371545.088:31505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.829373][   T29] audit: type=1326 audit(1760371545.088:31506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.853006][   T29] audit: type=1326 audit(1760371545.088:31507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.876566][   T29] audit: type=1326 audit(1760371545.088:31508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.900143][   T29] audit: type=1326 audit(1760371545.088:31509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.923732][   T29] audit: type=1326 audit(1760371545.088:31510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.947301][   T29] audit: type=1326 audit(1760371545.088:31511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19842 comm="syz.1.6000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd2ef3eec9 code=0x7ffc0000
[  392.971755][T11362] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.986007][T19845] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  393.070103][T19649] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.091422][T19848] loop2: detected capacity change from 0 to 1024
[  393.108194][T19848] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  393.126280][T19848] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #11: comm syz.2.6001: iget: bogus i_mode (1)
[  393.137787][T19848] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.6001: couldn't read orphan inode 11 (err -117)
[  393.151540][T19848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.178831][T19848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.242453][T19871] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  393.347606][T19871] xt_hashlimit: max too large, truncated to 1048576
[  393.413686][T19877] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6012'.
[  393.472889][T19877] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6012'.
[  393.486325][T19877] team0: Port device team_slave_0 removed
[  393.519640][T19847] ==================================================================
[  393.527738][T19847] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  393.537559][T19847] 
[  393.539876][T19847] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 1:
[  393.547925][T19847]  tick_do_update_jiffies64+0x113/0x1c0
[  393.553471][T19847]  tick_nohz_handler+0x7f/0x2d0
[  393.558336][T19847]  __hrtimer_run_queues+0x20f/0x5a0
[  393.563548][T19847]  hrtimer_interrupt+0x21a/0x460
[  393.568488][T19847]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[  393.574396][T19847]  sysvec_apic_timer_interrupt+0x6f/0x80
[  393.580049][T19847]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  393.586023][T19847]  refill_obj_stock+0x202/0x2e0
[  393.590923][T19847]  __memcg_slab_free_hook+0x1b3/0x230
[  393.596326][T19847]  kmem_cache_free+0x286/0x3d0
[  393.601099][T19847]  __dentry_kill+0x3d1/0x4b0
[  393.605691][T19847]  dput+0x5e/0xd0
[  393.609329][T19847]  __fput+0x444/0x650
[  393.613324][T19847]  ____fput+0x1c/0x30
[  393.617309][T19847]  task_work_run+0x131/0x1a0
[  393.621916][T19847]  exit_to_user_mode_loop+0xed/0x110
[  393.627196][T19847]  do_syscall_64+0x1d6/0x200
[  393.631785][T19847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.637683][T19847] 
[  393.639998][T19847] read to 0xffffffff868099c0 of 8 bytes by task 19847 on cpu 0:
[  393.647615][T19847]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  393.653858][T19847]  count_shadow_nodes+0x6a/0x230
[  393.658786][T19847]  do_shrink_slab+0x63/0x680
[  393.663372][T19847]  shrink_slab+0x448/0x760
[  393.667783][T19847]  shrink_node+0x6c3/0x2120
[  393.672295][T19847]  do_try_to_free_pages+0x3f6/0xcd0
[  393.677483][T19847]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  393.683461][T19847]  try_charge_memcg+0x383/0xa10
[  393.688308][T19847]  obj_cgroup_charge_pages+0xa6/0x150
[  393.693684][T19847]  __memcg_kmem_charge_page+0x9f/0x170
[  393.699158][T19847]  __alloc_frozen_pages_noprof+0x188/0x360
[  393.704978][T19847]  alloc_pages_mpol+0xb3/0x260
[  393.709737][T19847]  alloc_pages_noprof+0x90/0x130
[  393.714665][T19847]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  393.720474][T19847]  __kvmalloc_node_noprof+0x483/0x670
[  393.725849][T19847]  ip_set_alloc+0x24/0x30
[  393.730174][T19847]  hash_netiface_create+0x282/0x740
[  393.735371][T19847]  ip_set_create+0x3cc/0x970
[  393.739957][T19847]  nfnetlink_rcv_msg+0x4c6/0x590
[  393.744893][T19847]  netlink_rcv_skb+0x123/0x220
[  393.749653][T19847]  nfnetlink_rcv+0x167/0x16c0
[  393.754323][T19847]  netlink_unicast+0x5c0/0x690
[  393.759080][T19847]  netlink_sendmsg+0x58b/0x6b0
[  393.763843][T19847]  __sock_sendmsg+0x145/0x180
[  393.768580][T19847]  ____sys_sendmsg+0x31e/0x4e0
[  393.773354][T19847]  ___sys_sendmsg+0x17b/0x1d0
[  393.778037][T19847]  __x64_sys_sendmsg+0xd4/0x160
[  393.782990][T19847]  x64_sys_call+0x191e/0x3000
[  393.787672][T19847]  do_syscall_64+0xd2/0x200
[  393.792177][T19847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.798061][T19847] 
[  393.800368][T19847] value changed: 0x000000010000245b -> 0x000000010000245c
[  393.807477][T19847] 
[  393.809797][T19847] Reported by Kernel Concurrency Sanitizer on:
[  393.815945][T19847] CPU: 0 UID: 0 PID: 19847 Comm: syz.2.6001 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  393.827321][T19847] Tainted: [W]=WARN
[  393.831112][T19847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  393.841158][T19847] ==================================================================
[  393.895167][T19847] syz.2.6001 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  393.909413][T19847] CPU: 1 UID: 0 PID: 19847 Comm: syz.2.6001 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  393.909450][T19847] Tainted: [W]=WARN
[  393.909487][T19847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  393.909513][T19847] Call Trace:
[  393.909519][T19847]  <TASK>
[  393.909528][T19847]  __dump_stack+0x1d/0x30
[  393.909563][T19847]  dump_stack_lvl+0xe8/0x140
[  393.909585][T19847]  dump_stack+0x15/0x1b
[  393.909659][T19847]  dump_header+0x81/0x220
[  393.909770][T19847]  oom_kill_process+0x342/0x400
[  393.909809][T19847]  out_of_memory+0x979/0xb80
[  393.909846][T19847]  try_charge_memcg+0x610/0xa10
[  393.909917][T19847]  obj_cgroup_charge_pages+0xa6/0x150
[  393.909959][T19847]  __memcg_kmem_charge_page+0x9f/0x170
[  393.910002][T19847]  __alloc_frozen_pages_noprof+0x188/0x360
[  393.910078][T19847]  alloc_pages_mpol+0xb3/0x260
[  393.910101][T19847]  ? alloc_pages_noprof+0xf4/0x130
[  393.910126][T19847]  alloc_pages_noprof+0x90/0x130
[  393.910150][T19847]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  393.910280][T19847]  __kvmalloc_node_noprof+0x483/0x670
[  393.910318][T19847]  ? ip_set_alloc+0x24/0x30
[  393.910348][T19847]  ? ip_set_alloc+0x24/0x30
[  393.910373][T19847]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  393.910419][T19847]  ip_set_alloc+0x24/0x30
[  393.910450][T19847]  hash_netiface_create+0x282/0x740
[  393.910527][T19847]  ? __pfx_hash_netiface_create+0x10/0x10
[  393.910562][T19847]  ip_set_create+0x3cc/0x970
[  393.910656][T19847]  ? __nla_parse+0x40/0x60
[  393.910684][T19847]  nfnetlink_rcv_msg+0x4c6/0x590
[  393.910751][T19847]  netlink_rcv_skb+0x123/0x220
[  393.910783][T19847]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  393.910881][T19847]  nfnetlink_rcv+0x167/0x16c0
[  393.910906][T19847]  ? __rmqueue_pcplist+0x9d2/0xbd0
[  393.910996][T19847]  ? mas_wr_store_type+0x898/0xcd0
[  393.911041][T19847]  ? prep_new_page+0x5c/0x200
[  393.911074][T19847]  ? get_page_from_freelist+0x13d7/0x1430
[  393.911172][T19847]  ? xas_create+0xb89/0xbe0
[  393.911200][T19847]  ? should_fail_ex+0x30/0x280
[  393.911240][T19847]  ? selinux_nlmsg_lookup+0x99/0x890
[  393.911308][T19847]  ? __rcu_read_unlock+0x34/0x70
[  393.911335][T19847]  ? __netlink_lookup+0x266/0x2a0
[  393.911368][T19847]  netlink_unicast+0x5c0/0x690
[  393.911395][T19847]  netlink_sendmsg+0x58b/0x6b0
[  393.911473][T19847]  ? __pfx_netlink_sendmsg+0x10/0x10
[  393.911514][T19847]  __sock_sendmsg+0x145/0x180
[  393.911538][T19847]  ____sys_sendmsg+0x31e/0x4e0
[  393.911573][T19847]  ___sys_sendmsg+0x17b/0x1d0
[  393.911635][T19847]  __x64_sys_sendmsg+0xd4/0x160
[  393.911718][T19847]  x64_sys_call+0x191e/0x3000
[  393.911744][T19847]  do_syscall_64+0xd2/0x200
[  393.911772][T19847]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  393.911819][T19847]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  393.911847][T19847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.911871][T19847] RIP: 0033:0x7f6c2094eec9
[  393.911887][T19847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.911910][T19847] RSP: 002b:00007f6c1f3b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  393.911966][T19847] RAX: ffffffffffffffda RBX: 00007f6c20ba5fa0 RCX: 00007f6c2094eec9
[  393.911979][T19847] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  393.911992][T19847] RBP: 00007f6c209d1f91 R08: 0000000000000000 R09: 0000000000000000
[  393.912005][T19847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  393.912080][T19847] R13: 00007f6c20ba6038 R14: 00007f6c20ba5fa0 R15: 00007fffeeaacf98
[  393.912098][T19847]  </TASK>
[  394.256910][T19847] memory: usage 307200kB, limit 307200kB, failcnt 3793
[  394.263830][T19847] memory+swap: usage 307424kB, limit 9007199254740988kB, failcnt 0
[  394.271843][T19847] kmem: usage 307120kB, limit 9007199254740988kB, failcnt 0
[  394.279140][T19847] Memory cgroup stats for /syz2:
[  394.279598][T19847] cache 4096
[  394.287741][T19847] rss 0
[  394.290582][T19847] shmem 0
[  394.293505][T19847] mapped_file 0
[  394.296958][T19847] dirty 0
[  394.299915][T19847] writeback 0
[  394.303174][T19847] workingset_refault_anon 732
[  394.307858][T19847] workingset_refault_file 4149
[  394.312652][T19847] swap 229376
[  394.315914][T19847] swapcached 0
[  394.319258][T19847] pgpgin 445495
[  394.322818][T19847] pgpgout 445477
[  394.326338][T19847] pgfault 419240
[  394.329877][T19847] pgmajfault 534
[  394.333493][T19847] inactive_anon 0
[  394.337099][T19847] active_anon 0
[  394.340567][T19847] inactive_file 73728
[  394.344521][T19847] active_file 0
[  394.347971][T19847] unevictable 0
[  394.351452][T19847] hierarchical_memory_limit 314572800
[  394.356896][T19847] hierarchical_memsw_limit 9223372036854771712
[  394.363086][T19847] total_cache 4096
[  394.366791][T19847] total_rss 0
[  394.370148][T19847] total_shmem 0
[  394.373592][T19847] total_mapped_file 0
[  394.377636][T19847] total_dirty 0
[  394.381097][T19847] total_writeback 0
[  394.384885][T19847] total_workingset_refault_anon 732
[  394.390076][T19847] total_workingset_refault_file 4149
[  394.395334][T19847] total_swap 229376
[  394.399118][T19847] total_swapcached 0
[  394.403003][T19847] total_pgpgin 445495
[  394.407004][T19847] total_pgpgout 445477
[  394.411062][T19847] total_pgfault 419240
[  394.415107][T19847] total_pgmajfault 534
[  394.419152][T19847] total_inactive_anon 0
[  394.423326][T19847] total_active_anon 0
[  394.427339][T19847] total_inactive_file 73728
[  394.431927][T19847] total_active_file 0
[  394.435885][T19847] total_unevictable 0
[  394.439863][T19847] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.6001,pid=19846,uid=0
[  394.454572][T19847] Memory cgroup out of memory: Killed process 19846 (syz.2.6001) total-vm:94088kB, anon-rss:1132kB, file-rss:22444kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000