last executing test programs:

4m30.952045052s ago: executing program 3 (id=1087):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000500)='./file0\x00', 0x40, &(0x7f0000000200)=ANY=[], 0x8, 0x25d, &(0x7f0000000f40)="$eJzs2s9rnEUcB+Dvm6a0pqQbf9uCOOhBvbw0OXtokBTEBUEboQrSt+aNLnndDXmXwIrYnBQ89ezJs3j0IAjSo5dc/As86CmXHHsQX0k2adMY0WKzG/R5Ljsw82HmnZkd5jBbr9z6aGV5MpaLfkxkWUxcjo24k8VMTMS+jXj5xWs/PvvWtXden2+3F95M6cr81dm5lNL5535495Nvnr/dP/f2t+e/PxObM+9tbc/9svnU5oWt369+2KlTp07dXj8V6Uav1y9uVGVa6tQreUq3qrKoy9Tp1uXaffXLVW91dZCK7tL01OpaWdep6A7SSjlI/V7qrw1S8UHR6aY8z9P0VPBvLH59p2liuzl9PZqmeeSrOHc7pn+OVmSPpuzxy9mT17OnN7IL203TGvdQORbW///twKF+NqL6fH1xfXH4O6yfX45OVFHGpWjFb7GzTfYMy1deay9cSrtm4rPq5l7+5vriqd38F/v52WjFzNH52WE+3Z8/E1MH+5/77rF44s/5X0+1F+aOzJ+Nl144kM+jFT+9H72oYil2svf6/3Q2pVffaB/KX9xtBwDwX5Onu468v+X5X9UP8w9wPzx0v5qMi5Pj/XYi6sHHK0VVlWsjKezsqX/QuDeC8WR7E/D3jZ+ZGNn8jKfw5ckYxjEVhudY3F3vh9zFQ/0Tnd7bkPsH4zinbgyHESN3b9HHPRIAAAAAAAAAAAAexKFHf63jeHI47m8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOtj8CAAD//13bww4=")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = syz_io_uring_setup(0xc2, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x4}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000440), 0x3)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
pause()

4m30.032721748s ago: executing program 3 (id=1097):
r0 = perf_event_open(&(0x7f0000000740)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x1}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r4, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0)

4m30.00183506s ago: executing program 3 (id=1098):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006200000050005000a00000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}, 0x1, 0x0, 0x0, 0x44810}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=ANY=[@ANYBLOB="4c0000000906010400000000000000000500ffff240007801800018014000240fe8000000000000000000000000000aa08000a40000000020900020073797a31000000000500010007"], 0x4c}}, 0x4000080)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000030605000000000020000000000000000500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24044091}, 0x40010)

4m29.938998216s ago: executing program 3 (id=1100):
r0 = getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x7002b180, 0x0, 0x0, 0x0, 0x0, 0x0)

4m29.548312402s ago: executing program 3 (id=1111):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0x7, 0x0, 0x1}, 0x50)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x2, 0x1, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000000380)="c965", 0x2}], 0x1}, 0x865)
setsockopt$sock_attach_bpf(r2, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r3 = socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r3})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, &(0x7f0000000000)={r3})

4m28.773925824s ago: executing program 3 (id=1128):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

4m28.755666286s ago: executing program 32 (id=1128):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.49800474s ago: executing program 1 (id=5688):
socket$packet(0x11, 0xa, 0x300)
socket$kcm(0x2, 0xa, 0x73)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r2)
sendmsg$DEVLINK_CMD_RATE_DEL(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4004800)
socket$kcm(0x2, 0xa, 0x73)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

3.454133564s ago: executing program 1 (id=5690):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

3.227429545s ago: executing program 1 (id=5692):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000480)='.\x00', 0x48800, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r3, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000b00)="c01803002e000b12d25a80648c2594e60124fc60100c03400a008328b92582c137153e20d448078000f01700d1bd", 0xffffffffffffffbe}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000090a010400000000000000000300000008000a40000000000900020073797a31000000000900010073797a300000f7ff0800054000000023200011800e000100636f6e6e6c696d69740000000c000280080001"], 0xa4}}, 0x4)

3.182499039s ago: executing program 4 (id=5693):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ab0000000060a010400000000000000000a0000040900010073797a310000000038000480100001800c0001006e6f747261636b00240001800b0001006578746864720000140002800800064000000001080007400000000b0900020073797a32"], 0xd8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

2.745096149s ago: executing program 1 (id=5703):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000001c0)={[{@resgid={'resgid', 0x3d, 0xee00}}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
llistxattr(&(0x7f00000004c0)='./file0\x00', 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
unshare(0x22020600)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80080, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0x34, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x18)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x1)

2.40731756s ago: executing program 1 (id=5708):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
close(r0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r2, 0x400, 0x1)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r4 = memfd_create(&(0x7f00000002c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9\xd6\x1c\x1b*\x9a!?\x7f\xa5\xad\x9a,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{&\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+\x02\x00\x00\x00\x00\x00\x00\x00\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5', 0x2)
write$binfmt_misc(r4, &(0x7f0000000180)="e502", 0x2)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2.011429006s ago: executing program 5 (id=5709):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r2, 0x0, 0xa}, 0x18)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000030900010073797a310000000054000000030a010400000000000000000100ffff0900030073797a310000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a31"], 0xe8}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet(r0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000300)='scalable', 0x8)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x4000000, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0xfffffffe, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)

1.898779176s ago: executing program 4 (id=5710):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x2810411, &(0x7f00000001c0)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES16=0x0], 0x6, 0x801, &(0x7f0000001540)="$eJzs3U1oHOcZAOB3FMmW5WBMWtxgbGfspOCAo6xWiVKRQ7JZjeRJpF2xuyo2paQmloOwnAS7obUviSkkbWkpPfXQQ5prbr21FFrooc2p0Bx66S2QU0mhf6QNBZXZH1mytZL8n9TPI6SZnXm/+d5vtJp3RtLOBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQSXWqVBpLYjavLZxI+6tONepzm6zvbe836ybrPLuu34ik+Izh4fjkH51lX7yyel/x5Ugc6Dw6EMPFZDgu7d639+kvDA702m+S0I06vM24JOLNIqmzp5aXF89fdzcxfN1Nbp/v/+q6m/x7pfg6k9XyZuRzlZkszZv1dHJiovT48elmOp3PZs2TzVY2l1YbWaVVb6RHq4+mY5OT42k2erK+UJuZqsxmvYVPPVYulSbS50fns0qjWa89/nw0q8fz2dm8NtOOKZe+FUXMU8UT8YW8lbayylyanllaXhzfKtUiaGyjFfd1nj8HHtn70esf/n1psXhC9ttI0n1ilsfGyuWxiScnn3yqVBosl8rrF5SuEqsRMRBRRNyWJy2fI7f2AA43YaBb/2M28qjFQpyIdIOPoajGVDSiHnPF4z8NXRPR1av/X378r3/YrN+19b9X5R+8snp/tOv/oc6jQ/3q/4a53smPC3ExLsXZOBXLsRyLcf6uZ7TFx8DNbiFZ++g/90dELfJoRj3ymItKzEQWaXdJGpMxERNRihfjeExHM9KYjjxmI4tmnIxmtCJrP6Oq0YgsKtGKejQijaNRjUcjjbGYjMkYjzSyGI2TUY+FqMVMTEWlvZUzsdTe7+NXZblvV/zy5T9+9E4xvxo0tsngk+Jkrgj62yZjH4jyddT/lZXifOHqCPX/HrBjs5W34SgON2alV/8BAACA/1tJ+7fvxfX/UBxsz03ns9nX7nZaAAAAwC3U/sv/gWIyVMwdjKS4/i9tEPnBHc8NAAAAuDWS9mvskogYiYc6c2diKd6MxdjolwARsfdOpwgAAADcpPbf/w8Vk5GIN9oLerdL6XP9DwAAAHzefLffPfY/7N1jtzm/M/n1UEQMJZfnTzySnKsUcZVz93XadSdfXd1ia3p/sqe7kfZkYvDS7iQiBqvZgaR398v/7uxMP25/3T+42rzfvf6TRqNIYFfR90YJxOYJtB/FD+JwJ+bw6fZkd7fJYNLpZWQ6n81Gq/XZp9u3RCw+W6+/svTtiKL379Xm9iRxZml5cfSlV5dPt3fG5aL55XPdGygmEYPbzWWluwfiYAzv6M6uHfFQ+4UY3X5HOv2W1n4DBjptBjYff7K2z7fiSCfmyEhnOtJb0+lzuOhzbPTpsahU9gy0shOt11fWjL7Iosh6deRDa0f+093bHPlb8XAn5uGjD3cmG2RRXpfFK1dlsbS8WF67/7e3L7adxTuH3zjxr9/Vk2x8qyzGryOLlfsirs4C4G45077rT6cKFZNd7br76UpHUf87dXdnr+7u6rXcxrH2n1d6WT3L6LVfU90Ho1fde9VtYPXAuL3qvhKdI/rRTszRzvnE4P5uXKfSdupKaYMj+mtLr/2+e0R/4r2f/Ozrh97/ebvftdVtG1l0jujvxaOdmO4kHvhtnxpbjPmHq5VkrD36d4sW7/bttzlbTtqnGN8891rsu3Dx0mNL5069vPjy4ivl8vhE6YlS6cly72RiqH3GsEmmANy7tn6Pnb4RvTqTPFFcVQ+v2ejp9ddzD6z+S8FovBSvxnKcjmPtVxtExEMb9zuy5t8Qjm1x1XoldiyObXFteSW2fG1sEn1ix9cM7ks/bk8+uQ3fDAC4Q45sUYeTOPJ+N7TfGUJyrN919zV1tKjlV10dR/9avpGv3M6dAQD3iKzxcTLSejtpNPL5F8cmJ8cqreP3p4169YW0kU/NZGlea2WN6vFKbSZL5xv1Vr3a+8XxVNZMmwvz8/VGK52uN9IYaOYn2u/8nnbf+r2ZzVVqrbzanJ/NKs0srdZrrUq1lU7lzWo6v/DcbN48njXajZvzWTWfzquVVl6vpc36QqOajaZpM8vWBOZTWa2VT+fFbC2db+RzlcbliJhdmMvSqaxZbeTzrXpng72+8tp0vTHX3uzotcP/y53e3wDwWXDh4qWzp5aXF8/f2MyftxN8t8cIAKynSgMAAAAAAAAAAAAAwGffhYuXzg7H8uL5vb0XAhRLb+IVgdc3szNuexf37EzxjfwMpHFjMwfvvzXb+cYzz5ztF/PcGw8e3952uj8pg7HlS13f3hOx4xc/6ix5tn/wd7o/f7dmj30QETfQfCXZYNWnK52ZdYeJHXf+yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1/pfAAAA//+iNle9")
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x18000000000002a0, 0x22, 0x0, &(0x7f0000000440)="b9ff033168440372b89e14f00800a25e4113c182879e029dbaeeaa7caa23c54957f1", 0x0, 0xa, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendto$inet6(r0, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x5, @mcast2}, 0x1c)
capset(&(0x7f00000002c0)={0x19980330}, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
openat$zero(0xffffffffffffff9c, &(0x7f0000000340), 0x1c9081, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x96)

1.832105342s ago: executing program 4 (id=5712):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x55, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56e}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xb}, {0x9}}}, 0x24}}, 0x0)

1.559576868s ago: executing program 2 (id=5713):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000500)=ANY=[@ANYRES32=r0, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x3)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file2\x00', 0x5)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000007c0)={r3, 0x0, 0x25, 0x8, @val=@kprobe_multi=@addrs={0x1, 0x0, 0x0, 0x0, 0x9}}, 0x30)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000001440)=ANY=[@ANYBLOB], &(0x7f00000014c0)=""/164, 0x2e, 0xa4, 0x1, 0x54}, 0x28)

1.515976122s ago: executing program 1 (id=5714):
r0 = getpid()
perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x9, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0xc002, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x1}, 0x18842, 0x0, 0x7fffffff, 0x2, 0x3cd, 0x3, 0x7, 0x0, 0x0, 0x0, 0x6}, r0, 0x0, 0xffffffffffffffff, 0x2)
socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
mlockall(0x2)
syz_clone(0x41064400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x32, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = syz_io_uring_setup(0x4175, &(0x7f0000000180)={0x0, 0xbf56, 0x10000, 0xfffffffe, 0x2d0}, &(0x7f0000000040), &(0x7f0000000400))
io_uring_enter(r1, 0x7b20, 0xe93c, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f0000000000)=[0xffff, 0x3], 0x2)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000000)={[{@i_version}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@errors_remount}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x470, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+1mm02N2WRi9veDzb7vzrs7z5P5eud9dwPoWkPZnyRiR0T8EhEDjeriBkONpxvXzk/+de38ZBILC6//keTtrl87P1k2Ld+3vagMpxHph0mxksVmz547OVGv184U9dG5U2+Pzp4999S7pyZO1E7UTo8fOXL40Nizz4w/3ZE8s7yu73t/Zv/el9+8/Mrksctv/fBVFu+OYnlzHp0ylCX+50KuddnjnV5ZxXY2lZPeCgNhRXoiIttcffnxPxA9cWvjDcRLH1QaHLCmsmvTlvaL5xeATSyJqiMAqlFe6LP73/KxTl2PDeHq840boCzvG8WjsaQ30qJNX8v9bScNRcSx+b8/zx6xRuMQAADNPp787Gh/U7/jVv8jjfvy59/yv7uKOZTBiLg7InZHxD0RsSci7o3I294fEQ+sMp7b+z/plVV+5LKy/t9zxdzW4v5f2fuLwZ6itjPPvy85Pl2vHSz+J8PRtyWrjy2zjm9e/PmTdsua+3/ZI1t/2Rcs4rjS2zJANzUxN5F3Sjvg6sWIfb1L5Z/cnAlIImJvROxb2UfvKgvTT3y5v12jO+e/jA7MMy18kaU3n+U/Hy35l5Lm+cnp2+YnR7dGvXZwtNwrbvfjT5dea7f+VeXfAVdrjeem7d/aZDBpnq+dXfk6Lv36Udt7mv+4/6f9yRv5PHN/8dp7E3NzZ8Yi+pOjeX3R6+O33lvWy/bZ/j98YOnjf3fxniz/ByMi24kfioiHI+KRIvZHI+KxiDiwTP7fv9B+WZl/pBVt/4sRU0ue/27u/y3bf+WFnpPffd1u/f9u+x/OS8PFK/n57w6WCic7XbQGuJr/HQAAAPxfpPl34JN05GY5TUdGGt/h3xN3pfWZ2bknj8+8c3qq8V35wehLy5GugWI8tD5dr40l88UnNsZHx4ux4nK89FAxbvxpz7a8PjI5U5+qOHfodtvbHP+Z33uqjg5YY9uWfHW8f90DASrQOo+eLq5eeDWcDGCz8ntt6F53OP7T9YoDWH+u/9C9ljr+L7TUzQXA5uT6D93L8Q9dKv226giACrn+Q1daze/617CwdWOEUU1ho26UvBBRFtINEY/CGhWqPjMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0xj8BAAD//02e6R0=")

1.330174229s ago: executing program 2 (id=5715):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000480)='.\x00', 0x48800, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r3, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000b00)="c01803002e000b12d25a80648c2594e60124fc60100c03400a008328b92582c137153e20d448078000f01700d1bd", 0xffffffffffffffbe}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000090a010400000000000000000300000008000a40000000000900020073797a31000000000900010073797a300000f7ff0800054000000023200011800e000100636f6e6e6c696d69740000000c000280080001"], 0xa4}}, 0x4)

1.329960129s ago: executing program 0 (id=5716):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000002000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x800)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.329465169s ago: executing program 5 (id=5718):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
write(r4, &(0x7f0000000300)="2cd889f035a53e14f3d5ac17", 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x54, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x8], 0x0, 0x0, 0x1}}, 0x40)

1.180735742s ago: executing program 5 (id=5719):
socket$packet(0x11, 0xa, 0x300)
socket$kcm(0x2, 0xa, 0x73)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r2)
sendmsg$DEVLINK_CMD_RATE_DEL(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4004800)
socket$kcm(0x2, 0xa, 0x73)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

1.180172062s ago: executing program 4 (id=5721):
r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x60b140, 0x0, 0x6, 0x3a2})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x18)
close_range(r0, r1, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r5 = accept4(r3, 0x0, 0x0, 0x0)
sendto(r5, &(0x7f0000000000)='\x00', 0x1, 0x0, 0x0, 0x0)
recvfrom(r4, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)

1.168730273s ago: executing program 0 (id=5722):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newtfilter={0x70, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x8}, {0xfff2}, {0xfff1, 0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0x44, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_vlan={0x30, 0x9, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0x70}}, 0x0)

1.09287721s ago: executing program 5 (id=5723):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendto(r4, &(0x7f0000000000)="00c881d76049ac562e4e5094890b55e5ea113389145c57e7b3479bf3f2cf8ac5d94a71e37b8bc9f4e71c8b097042535f04d39b07b6e29be0a2734c7332f8", 0x3e, 0x0, 0x0, 0x0)
recvfrom(r1, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)

1.09210171s ago: executing program 4 (id=5725):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0)
sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x44, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x20040800)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x810)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000000020200400000000000000bfa100000000000007010000f8ffffffb702000003dcffffb6ff0f0000000000850000007300000095"], &(0x7f0000000140)='syzkaller\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r7}, 0x18)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)
splice(r4, 0x0, r6, 0x0, 0xa85, 0x0)

1.031861516s ago: executing program 0 (id=5726):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2, r5}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0x3, 0x0, 0x3}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffffb}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

965.534322ms ago: executing program 5 (id=5727):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
accept4$vsock_stream(r0, &(0x7f0000000880)={0x28, 0x0, 0x2711}, 0x10, 0x80000)
shutdown(r1, 0x1)

965.222962ms ago: executing program 4 (id=5728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = io_uring_setup(0x1e5, &(0x7f0000000340)={0x0, 0xf96d, 0x10, 0x2, 0x3b0})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f00000003c0), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff9ce}, 0x94)
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='\x00', 0x89901)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f0000000200), &(0x7f0000000280)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x4}, 0x18)
ioctl$PPPIOCSPASS(r3, 0x40107447, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)

964.844132ms ago: executing program 0 (id=5729):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001000c10701000000000000000a00"], 0x7b}}, 0x20048482)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x100000000000000}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x3af4701e)
sendfile(r4, r0, 0x0, 0x10000a007)

565.460689ms ago: executing program 2 (id=5730):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), r0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
syz_genetlink_get_family_id$tipc(0x0, r0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0x8, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x340008c4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000740)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', <r3=>0x0, 0x0, 0x0, 0x1, 0x400002, 0x74, @rand_addr=' \x01\x00', @mcast2, 0x80, 0x8000, 0x3e, 0x5}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', r3, 0x0, 0x0, 0x3, 0x4, 0x0, @private1, @mcast1, 0x0, 0x0, 0xa, 0xc0}})

481.999006ms ago: executing program 2 (id=5731):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0xfe, 0x0, 0xfc, 0x0, 0x0, 0x5022, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x200, 0x2, 0x40, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r5)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="a1ab0000ffff00000000320000000800170156"], 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)

431.897711ms ago: executing program 0 (id=5732):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\r'], 0x50)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x880)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x4, 0xc4}, 0x0)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x20)
connect$unix(r0, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

388.205905ms ago: executing program 0 (id=5733):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x55, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56e}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xb}, {0x9}}}, 0x24}}, 0x0)

331.781299ms ago: executing program 2 (id=5734):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$selinux_policy(0xffffff9c, 0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
sendmmsg$sock(r3, &(0x7f00000044c0), 0x4000000000001c0, 0x0)

126.707078ms ago: executing program 2 (id=5735):
eventfd(0x0)
socket(0x22, 0x80000, 0x4e)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0xe7c)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./bus\x00', 0x0, &(0x7f0000000000)={[{@noquota}, {@errors_remount}, {@grpquota}, {@norecovery}]}, 0xfe, 0x275, &(0x7f0000000980)="$eJzs3T1onHUcB/Dfcy8mMUGiLoL4AiKigRAHQXDRRSEgIYgIKkREnCQRYoJbzsnFwc5tydQllG5NO5YuoUuha9pmSJcODR0aOrTDleeeu3BJLiS515Ln84HL8/zv/m8H9/0/d8PzTwC5NR4RX0ZEMSImIqIcEUlzhfezx3i9uDqyMRdRrX73OKnVy8qZRrvRiKhExOcRpcZry+s/bT/d/Oaj/5bKH15a/3GkX+8vYnjvbGd769vdizP/Xp3+dLlQf26sfmx+H92UtHiulES80YvBXhJJadAz4CRm/75yN839mxHxQS3/5SjUI/v/4is3y/HJhaPannt05+1+zhXovmq1nF4DK1Ugdwq178BJYTIisvNCYXIy+w5/r5jEHwuLf038vrA0/1vL5aPY9wUL6ESS/jZPf4B/fX3o2uiB/D8sZvk/kc96PFOgJ8Yitr6fXbufnu+6ikM+vJMd0vxP/LLyccg/5I78Q37JP+SX/MMZ0GZ25R/yqzn/Q4OeDNBXrv9whpUbJ5WWL8s/5Jf8Q34dyH8f78cFBq05/wBAvlSHBn0HMjAog15/AAAAAAAAAAAAAAAAAACAw1ZHNuYaj36Neet8xM5XEVHaP362H3mx9v+II4Zrf199kqTV9iRZs478/F6HHXTocpfvvp455Uburz3o7vindfvd3vT7z/7ikXvbrcxHVNLKU6XS4c9/Uv/8HevI/l8/pmH515MN0C3JgfIXP3Sv75U22jxf69747ZjejLiRrj9Trda/QrxVO7Zef8aat1hu05/POuwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvnkRAAD//0x2aeA=")
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a40)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000003"], 0x64}}, 0x0)

0s ago: executing program 5 (id=5736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kvm_test_age_hva\x00', r1, 0x0, 0x4}, 0x18)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffe, 0x0, 0x1)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2)
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000400)=""/64, 0x40}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  289.837141][   T29] audit: type=1400 audit(289.811:16506): avc:  denied  { create } for  pid=25988 comm="syz.4.4732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  289.844486][T25990] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4732'.
[  289.890925][   T29] audit: type=1400 audit(289.811:16507): avc:  denied  { bind } for  pid=25988 comm="syz.4.4732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  289.910702][   T29] audit: type=1400 audit(289.811:16508): avc:  denied  { setopt } for  pid=25988 comm="syz.4.4732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  290.003728][T25994] lo speed is unknown, defaulting to 1000
[  290.343708][T26012] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4749'.
[  290.352747][T26012] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4749'.
[  290.683147][T26027] ªªªªªª: renamed from wg2
[  290.722663][T26031] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4747'.
[  290.739722][T26033] rdma_rxe: rxe_newlink: failed to add lo
[  290.747574][T26031] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4747'.
[  291.097157][T26044] lo speed is unknown, defaulting to 1000
[  291.314410][T26053] xt_TPROXY: Can be used only with -p tcp or -p udp
[  291.530286][T26065] loop5: detected capacity change from 0 to 128
[  291.616762][T26044] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  291.623953][ T2972] IPVS: starting estimator thread 0...
[  291.713747][T26069] IPVS: using max 2400 ests per chain, 120000 per kthread
[  291.753907][T26073] loop1: detected capacity change from 0 to 164
[  291.780370][T26073] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  291.801428][T26065] bio_check_eod: 97 callbacks suppressed
[  291.801447][T26065] syz.5.4760: attempt to access beyond end of device
[  291.801447][T26065] loop5: rw=8390657, sector=128, nr_sectors = 1 limit=128
[  291.806201][T26073] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  291.807215][T26065] Buffer I/O error on dev loop5, logical block 128, lost async page write
[  291.838541][T26073] Symlink component flag not implemented
[  291.844243][T26073] Symlink component flag not implemented
[  291.862892][T26065] syz.5.4760: attempt to access beyond end of device
[  291.862892][T26065] loop5: rw=8390657, sector=128, nr_sectors = 1 limit=128
[  291.869153][T26073] Symlink component flag not implemented (7)
[  291.876627][T26065] Buffer I/O error on dev loop5, logical block 128, lost async page write
[  291.882594][T26073] Symlink component flag not implemented (116)
[  291.955880][ T4011] IPVS: stop unused estimator thread 0...
[  292.017931][T26090] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4768'.
[  292.106259][T26094] lo speed is unknown, defaulting to 1000
[  292.203859][T26097] lo speed is unknown, defaulting to 1000
[  292.221861][T26101] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4770'.
[  292.783393][ T3320] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  292.794439][ T3320] CPU: 1 UID: 0 PID: 3320 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  292.794620][ T3320] Tainted: [W]=WARN
[  292.794646][ T3320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  292.794657][ T3320] Call Trace:
[  292.794663][ T3320]  <TASK>
[  292.794671][ T3320]  __dump_stack+0x1d/0x30
[  292.794694][ T3320]  dump_stack_lvl+0x95/0xd0
[  292.794713][ T3320]  dump_stack+0x15/0x1b
[  292.794730][ T3320]  dump_header+0x81/0x240
[  292.794797][ T3320]  oom_kill_process+0x295/0x350
[  292.794866][ T3320]  out_of_memory+0x97b/0xb80
[  292.794887][ T3320]  try_charge_memcg+0x610/0xa10
[  292.794945][ T3320]  charge_memcg+0x51/0xc0
[  292.795015][ T3320]  __mem_cgroup_charge+0x28/0xb0
[  292.795042][ T3320]  filemap_add_folio+0x111/0x360
[  292.795062][ T3320]  __filemap_get_folio_mpol+0x326/0x650
[  292.795135][ T3320]  filemap_fault+0x44d/0xb70
[  292.795160][ T3320]  __do_fault+0xbc/0x200
[  292.795256][ T3320]  handle_mm_fault+0xfab/0x2c60
[  292.795292][ T3320]  do_user_addr_fault+0x630/0x1080
[  292.795320][ T3320]  exc_page_fault+0x62/0xa0
[  292.795345][ T3320]  asm_exc_page_fault+0x26/0x30
[  292.795424][ T3320] RIP: 0033:0x7ff12e535fd4
[  292.795438][ T3320] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f6 ea 00 48 01 d1
[  292.795454][ T3320] RSP: 002b:00007fff3a6f3880 EFLAGS: 00010206
[  292.795470][ T3320] RAX: 0000001b33f24000 RBX: 0000000000000945 RCX: 00000000000474a0
[  292.795482][ T3320] RDX: 000000000bb9ca4a RSI: 00007fff3a6f3910 RDI: 0000000000000001
[  292.795561][ T3320] RBP: 00007fff3a6f38bc R08: 000000002cbaebbf R09: 7fffffffffffffff
[  292.795573][ T3320] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  292.795609][ T3320] R13: 00000000000927c0 R14: 000000000004773a R15: 00007fff3a6f3910
[  292.795627][ T3320]  </TASK>
[  292.795635][ T3320] memory: usage 307200kB, limit 307200kB, failcnt 1491
[  292.987292][ T3320] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  292.995229][ T3320] kmem: usage 226676kB, limit 9007199254740988kB, failcnt 0
[  293.002525][ T3320] Memory cgroup stats for /syz0:
[  293.003545][ T3320] cache 82075648
[  293.012082][ T3320] rss 376832
[  293.015367][ T3320] shmem 82075648
[  293.018938][ T3320] mapped_file 11755520
[  293.023079][ T3320] dirty 0
[  293.026118][ T3320] writeback 0
[  293.029411][ T3320] workingset_refault_anon 1615
[  293.034194][ T3320] workingset_refault_file 1756
[  293.038977][ T3320] swap 0
[  293.041858][ T3320] swapcached 0
[  293.045274][ T3320] pgpgin 352068
[  293.048744][ T3320] pgpgout 331937
[  293.052302][ T3320] pgfault 336418
[  293.055914][ T3320] pgmajfault 342
[  293.059546][ T3320] inactive_anon 82087936
[  293.063876][ T3320] active_anon 368640
[  293.067778][ T3320] inactive_file 0
[  293.071417][ T3320] active_file 0
[  293.074929][ T3320] unevictable 0
[  293.078393][ T3320] hierarchical_memory_limit 314572800
[  293.083796][ T3320] hierarchical_memsw_limit 9223372036854771712
[  293.090007][ T3320] total_cache 82075648
[  293.094079][ T3320] total_rss 376832
[  293.098083][ T3320] total_shmem 82075648
[  293.102311][ T3320] total_mapped_file 11755520
[  293.106985][ T3320] total_dirty 0
[  293.110446][ T3320] total_writeback 0
[  293.114264][ T3320] total_workingset_refault_anon 1615
[  293.119594][ T3320] total_workingset_refault_file 1756
[  293.124983][ T3320] total_swap 0
[  293.128360][ T3320] total_swapcached 0
[  293.132310][ T3320] total_pgpgin 352068
[  293.136304][ T3320] total_pgpgout 331937
[  293.140356][ T3320] total_pgfault 336418
[  293.144424][ T3320] total_pgmajfault 342
[  293.148503][ T3320] total_inactive_anon 82087936
[  293.153257][ T3320] total_active_anon 368640
[  293.157677][ T3320] total_inactive_file 0
[  293.161819][ T3320] total_active_file 0
[  293.165812][ T3320] total_unevictable 0
[  293.169786][ T3320] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4766,pid=26085,uid=0
[  293.184534][ T3320] Memory cgroup out of memory: Killed process 26085 (syz.0.4766) total-vm:96148kB, anon-rss:1264kB, file-rss:22124kB, shmem-rss:11392kB, UID:0 pgtables:144kB oom_score_adj:0
[  293.476619][T26129] tipc: Resetting bearer <eth:syzkaller0>
[  293.594454][T26145] lo speed is unknown, defaulting to 1000
[  293.660649][T26147] loop1: detected capacity change from 0 to 512
[  293.677883][T26147] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #15: comm syz.1.4789: corrupted inode contents
[  293.696583][T26147] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  293.713925][T26147] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #15: comm syz.1.4789: corrupted inode contents
[  293.726732][T26147] EXT4-fs error (device loop1): ext4_evict_inode:301: inode #15: comm syz.1.4789: mark_inode_dirty error
[  293.738599][T26147] EXT4-fs (loop1): 1 orphan inode deleted
[  293.745260][T26147] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.776453][ T3327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.234785][T26171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4797'.
[  294.283645][T26171] 8021q: adding VLAN 0 to HW filter on device bond4
[  294.311134][T26173] bond0: (slave dummy0): Releasing backup interface
[  294.331618][T26173] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  294.394705][T26171] bond4 (unregistering): (slave dummy0): Releasing backup interface
[  294.414394][T26171] bond4 (unregistering): Released all slaves
[  294.466920][T26175] syzkaller0: entered promiscuous mode
[  294.472471][T26175] syzkaller0: entered allmulticast mode
[  294.503988][T26175] tipc: Resetting bearer <eth:syzkaller0>
[  294.537928][   T29] kauditd_printk_skb: 125 callbacks suppressed
[  294.537944][   T29] audit: type=1326 audit(294.511:16634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.591986][T26183] loop1: detected capacity change from 0 to 512
[  294.598468][   T29] audit: type=1326 audit(294.551:16635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.621596][   T29] audit: type=1326 audit(294.551:16636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.644652][   T29] audit: type=1326 audit(294.551:16637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.646081][T26183] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.4802: error while reading EA inode 32 err=-116
[  294.667731][   T29] audit: type=1326 audit(294.551:16638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.703044][   T29] audit: type=1326 audit(294.551:16639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.726080][   T29] audit: type=1326 audit(294.551:16640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.743862][T26183] EXT4-fs (loop1): Remounting filesystem read-only
[  294.749094][   T29] audit: type=1326 audit(294.551:16641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.765056][T26183] EXT4-fs (loop1): 1 orphan inode deleted
[  294.778533][   T29] audit: type=1326 audit(294.551:16642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.804051][T26183] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.807262][   T29] audit: type=1326 audit(294.551:16643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26176 comm="syz.4.4801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  294.915532][ T3327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.226571][T26196] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4807'.
[  295.352752][T26200] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4808'.
[  295.459186][T26204] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4809'.
[  295.474134][T26166] loop5: detected capacity change from 0 to 512
[  295.481456][T26166] EXT4-fs: Ignoring removed i_version option
[  295.490278][T26166] EXT4-fs (loop5): orphan cleanup on readonly fs
[  295.497765][T26166] EXT4-fs warning (device loop5): ext4_xattr_inode_get:560: inode #11: comm syz.5.4796: EA inode hash validation failed
[  295.514629][T26166] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  295.528612][T26166] EXT4-fs error (device loop5): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.5.4796: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  295.544948][T26166] EXT4-fs (loop5): Remounting filesystem read-only
[  295.551476][T26166] EXT4-fs warning (device loop5): ext4_xattr_inode_dec_ref_all:1230: inode #11: comm syz.5.4796: ea_inode dec ref err=-117
[  295.566754][T26166] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -30)
[  295.580943][T26166] EXT4-fs (loop5): 1 orphan inode deleted
[  295.587283][T26166] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  295.624299][T26209] rdma_rxe: rxe_newlink: failed to add lo
[  295.630741][ T7190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.704734][T26218] netlink: 'syz.2.4814': attribute type 29 has an invalid length.
[  295.732447][T26218] netlink: 'syz.2.4814': attribute type 29 has an invalid length.
[  295.762858][T26218] netlink: 500 bytes leftover after parsing attributes in process `syz.2.4814'.
[  296.878529][T26254] loop5: detected capacity change from 0 to 2048
[  297.285788][T26271] netlink: 'syz.0.4834': attribute type 29 has an invalid length.
[  298.407209][T26289] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4841'.
[  298.455306][T26289] batadv1: left allmulticast mode
[  298.460396][T26289] batadv1: left promiscuous mode
[  298.465505][T26289] bridge0: port 3(batadv1) entered disabled state
[  298.492884][T26289] bridge_slave_1: left allmulticast mode
[  298.498630][T26289] bridge_slave_1: left promiscuous mode
[  298.504432][T26289] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.537200][T26289] bridge_slave_0: left promiscuous mode
[  298.543052][T26289] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.612243][T26289] vlan0 (unregistering): left allmulticast mode
[  298.618708][T26289] bridge0 (unregistering): left allmulticast mode
[  298.625241][T26289] vlan0 (unregistering): left promiscuous mode
[  298.631472][T26289] bridge0 (unregistering): left promiscuous mode
[  298.638064][T26289] bridge3: port 1(vlan0) entered disabled state
[  299.117076][T26310] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4849'.
[  299.669693][   T29] kauditd_printk_skb: 398 callbacks suppressed
[  299.669711][   T29] audit: type=1400 audit(299.641:17039): avc:  denied  { load_policy } for  pid=26312 comm="syz.1.4851" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  299.704343][T26313] SELinux: failed to load policy
[  299.800063][   T29] audit: type=1400 audit(299.771:17040): avc:  denied  { execute } for  pid=26312 comm="syz.1.4851" path="/879/file0" dev="tmpfs" ino=4616 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  299.947187][T26313] lo speed is unknown, defaulting to 1000
[  300.379489][   T29] audit: type=1400 audit(300.351:17041): avc:  denied  { create } for  pid=26334 comm="syz.5.4859" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  300.454835][   T29] audit: type=1400 audit(300.351:17042): avc:  denied  { write } for  pid=26334 comm="syz.5.4859" name="file0" dev="tmpfs" ino=3879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  300.476976][   T29] audit: type=1400 audit(300.351:17043): avc:  denied  { open } for  pid=26334 comm="syz.5.4859" path="/738/file0" dev="tmpfs" ino=3879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  300.499508][   T29] audit: type=1400 audit(300.381:17044): avc:  denied  { ioctl } for  pid=26334 comm="syz.5.4859" path="/738/file0" dev="tmpfs" ino=3879 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  300.513608][T26343] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4861'.
[  300.595254][   T29] audit: type=1400 audit(300.561:17045): avc:  denied  { unlink } for  pid=7190 comm="syz-executor" name="file0" dev="tmpfs" ino=3879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  300.656228][T26347] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4863'.
[  300.693178][T26347] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26347 comm=syz.5.4863
[  300.770680][T26360] lo speed is unknown, defaulting to 1000
[  300.797239][   T29] audit: type=1400 audit(300.771:17046): avc:  denied  { mount } for  pid=26361 comm="syz.1.4869" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  300.850554][   T29] audit: type=1400 audit(300.771:17047): avc:  denied  { mount } for  pid=26361 comm="syz.1.4869" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  300.855132][T26371] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4872'.
[  300.961184][   T29] audit: type=1400 audit(300.931:17048): avc:  denied  { execute_no_trans } for  pid=26377 comm="syz.2.4875" path="/1007/file0" dev="tmpfs" ino=5251 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  301.357337][T26408] netlink: 'syz.4.4887': attribute type 1 has an invalid length.
[  301.381457][T26408] 8021q: adding VLAN 0 to HW filter on device bond6
[  301.402573][T26408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4887'.
[  301.413437][T26408] bond6 (unregistering): Released all slaves
[  301.534218][T26415] netlink: 'syz.4.4889': attribute type 13 has an invalid length.
[  301.766712][T26419] lo speed is unknown, defaulting to 1000
[  302.279800][T26428] rdma_rxe: rxe_newlink: failed to add lo
[  302.982757][T26448] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4899'.
[  303.985268][T26477] 8021q: adding VLAN 0 to HW filter on device bond0
[  303.994436][T26477] 8021q: adding VLAN 0 to HW filter on device team0
[  304.004335][T26477] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  304.474758][T26504] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4922'.
[  304.575149][T26508] netlink: 'syz.0.4924': attribute type 3 has an invalid length.
[  304.583346][T26510] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=26510 comm=syz.1.4925
[  304.604194][T26508] netlink: 'syz.0.4924': attribute type 3 has an invalid length.
[  304.649595][T26513] loop1: detected capacity change from 0 to 256
[  304.665343][T26513] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  304.746744][   T29] kauditd_printk_skb: 80 callbacks suppressed
[  304.746763][   T29] audit: type=1326 audit(304.721:17129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.776119][   T29] audit: type=1326 audit(304.721:17130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.800003][   T29] audit: type=1326 audit(304.781:17131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.823210][   T29] audit: type=1326 audit(304.781:17132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.846238][   T29] audit: type=1326 audit(304.781:17133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.869354][   T29] audit: type=1326 audit(304.781:17134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.892360][   T29] audit: type=1326 audit(304.781:17135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.915601][   T29] audit: type=1326 audit(304.781:17136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.938738][   T29] audit: type=1326 audit(304.781:17137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  304.969174][   T29] audit: type=1326 audit(304.941:17138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26518 comm="syz.2.4929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  305.044638][T26528] netlink: '+}[@': attribute type 1 has an invalid length.
[  305.168750][T26532] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4934'.
[  305.290947][T26546] loop1: detected capacity change from 0 to 512
[  305.812692][T26546] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #18: comm syz.1.4940: iget: bad extra_isize 90 (inode size 256)
[  305.852905][T26546] EXT4-fs (loop1): Remounting filesystem read-only
[  305.859548][T26546] EXT4-fs warning (device loop1): ext4_evict_inode:273: xattr delete (err -30)
[  305.869945][T26546] EXT4-fs (loop1): 1 orphan inode deleted
[  305.877216][T26546] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.971570][ T3327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.084152][T26576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4958'.
[  306.144293][T26580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4950'.
[  306.227778][T26586] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=12 sclass=netlink_xfrm_socket pid=26586 comm=syz.4.4951
[  306.541669][T26592] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4956'.
[  306.550719][T26592] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4956'.
[  306.817137][T26605] netlink: 660 bytes leftover after parsing attributes in process `syz.0.4961'.
[  306.994735][T26631] lo: Caught tx_queue_len zero misconfig
[  307.014076][T26631] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  307.040901][T26635] loop1: detected capacity change from 0 to 1024
[  307.057883][T26635] EXT4-fs: Ignoring removed nomblk_io_submit option
[  307.066015][T26637] lo speed is unknown, defaulting to 1000
[  307.087026][T26635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.578800][T26651] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  307.740600][ T3327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.901326][T26676] netlink: 'syz.4.4989': attribute type 39 has an invalid length.
[  308.340352][T26693] netlink: 'syz.0.4995': attribute type 12 has an invalid length.
[  308.372413][T26695] loop1: detected capacity change from 0 to 512
[  308.396292][T26695] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  308.416005][T26695] EXT4-fs (loop1): mount failed
[  308.580597][T26710] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5001'.
[  308.651124][T26715] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  308.715671][T26715] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  308.776517][T26715] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  308.825253][T26715] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  308.941548][ T4011] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  308.963103][ T4011] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  308.984080][ T4011] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  308.998845][ T4011] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  309.556176][T26751] lo speed is unknown, defaulting to 1000
[  309.621605][T26755] netlink: 'syz.4.5020': attribute type 21 has an invalid length.
[  309.671572][T26755] netlink: 132 bytes leftover after parsing attributes in process `syz.4.5020'.
[  310.138259][   T29] kauditd_printk_skb: 173 callbacks suppressed
[  310.138274][   T29] audit: type=1326 audit(310.111:17311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.174147][   T29] audit: type=1326 audit(310.151:17312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.197280][   T29] audit: type=1326 audit(310.151:17313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.220291][   T29] audit: type=1326 audit(310.151:17314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.243329][   T29] audit: type=1326 audit(310.151:17315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.266421][   T29] audit: type=1326 audit(310.151:17316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26781 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f948b0e2005 code=0x7ffc0000
[  310.289445][   T29] audit: type=1326 audit(310.151:17317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.464929][   T29] audit: type=1326 audit(310.431:17318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26781 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  310.585787][   T29] audit: type=1326 audit(310.481:17319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26774 comm="syz.4.5027" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f948b0af749 code=0x7ffc0000
[  311.357676][   T29] audit: type=1326 audit(567.261:17320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26798 comm="syz.5.5032" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x0
[  311.533333][T26811] lo speed is unknown, defaulting to 1000
[  311.932533][T26814] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  311.971235][T26815] lo speed is unknown, defaulting to 1000
[  311.984547][T26819] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5039'.
[  312.236780][T26824] netlink: 188 bytes leftover after parsing attributes in process `syz.1.5041'.
[  312.423036][T26842] lo speed is unknown, defaulting to 1000
[  312.782206][T26815] Set syz1 is full, maxelem 65536 reached
[  313.440527][T26871] lo speed is unknown, defaulting to 1000
[  314.215541][T26877] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5058'.
[  314.440960][T26885] lo speed is unknown, defaulting to 1000
[  315.123322][T26903] lo speed is unknown, defaulting to 1000
[  315.211119][T26885] Set syz1 is full, maxelem 65536 reached
[  315.753415][T26922] lo speed is unknown, defaulting to 1000
[  316.257480][T26928] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5072'.
[  316.447239][T26938] netlink: 9 bytes leftover after parsing attributes in process `syz.2.5076'.
[  316.480075][T26938] netlink: 9 bytes leftover after parsing attributes in process `syz.2.5076'.
[  316.567093][   T29] kauditd_printk_skb: 497 callbacks suppressed
[  316.567110][   T29] audit: type=1326 audit(572.531:17818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.596487][   T29] audit: type=1326 audit(572.531:17819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.619522][   T29] audit: type=1326 audit(572.531:17820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.642585][   T29] audit: type=1326 audit(572.531:17821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.665675][   T29] audit: type=1326 audit(572.531:17822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.783302][   T29] audit: type=1326 audit(572.601:17823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.787325][T26946] lo speed is unknown, defaulting to 1000
[  316.806372][   T29] audit: type=1326 audit(572.601:17824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.806400][   T29] audit: type=1326 audit(572.601:17825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.820317][T26947] Cannot find add_set index 0 as target
[  316.835177][   T29] audit: type=1326 audit(572.601:17826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  316.835204][   T29] audit: type=1326 audit(572.601:17827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26941 comm="syz.2.5078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  317.624840][T26934] Set syz1 is full, maxelem 65536 reached
[  317.790947][T26960] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5082'.
[  317.895898][T26967] netlink: 'syz.2.5086': attribute type 12 has an invalid length.
[  318.743197][T26989] loop1: detected capacity change from 0 to 1024
[  318.753636][T26989] EXT4-fs: Ignoring removed orlov option
[  318.764584][T26989] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.839634][ T3327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.133720][T27009] rdma_rxe: rxe_newlink: failed to add lo
[  320.076716][T27036] lo speed is unknown, defaulting to 1000
[  320.774103][T27046] loop5: detected capacity change from 0 to 1024
[  320.814427][   T23] IPVS: starting estimator thread 0...
[  320.820392][T27036] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  320.830947][T27046] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.904776][T27048] IPVS: using max 2544 ests per chain, 127200 per kthread
[  321.014367][ T7190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.077058][T27065] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5115'.
[  321.096650][ T4000] IPVS: stop unused estimator thread 0...
[  321.153065][T27067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5117'.
[  321.195866][T27077] loop5: detected capacity change from 0 to 2048
[  321.259910][T27084] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.338434][T27084] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.396795][T27084] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.449090][T27084] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  321.519914][ T4000] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  321.542666][ T4000] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  321.575005][ T4000] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  321.584193][   T29] kauditd_printk_skb: 747 callbacks suppressed
[  321.584208][   T29] audit: type=1326 audit(577.561:18575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.603076][ T4000] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  321.642946][   T29] audit: type=1326 audit(577.591:18576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.666218][   T29] audit: type=1326 audit(577.591:18577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.689219][   T29] audit: type=1326 audit(577.591:18578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.712194][   T29] audit: type=1326 audit(577.591:18579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.735202][   T29] audit: type=1326 audit(577.591:18580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.758234][   T29] audit: type=1326 audit(577.591:18581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.781200][   T29] audit: type=1326 audit(577.591:18582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.804228][   T29] audit: type=1326 audit(577.591:18583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  321.827249][   T29] audit: type=1326 audit(577.591:18584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27069 comm="syz.1.5118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  322.644544][T27159] 0ªî{X¹¦: left allmulticast mode
[  322.692975][T27159] wg2: left promiscuous mode
[  322.697810][T27159] wg2: left allmulticast mode
[  322.707848][T27159] team1: left promiscuous mode
[  322.712657][T27159] team1: left allmulticast mode
[  322.718065][T27159] veth4: left promiscuous mode
[  322.722833][T27159] veth4: left allmulticast mode
[  322.727932][T27159] bridge7: left promiscuous mode
[  322.732909][T27159] bond3: left allmulticast mode
[  322.737782][T27159] ip6gretap1: left allmulticast mode
[  322.743169][T27159] ip6gre1: left promiscuous mode
[  322.748128][T27159] ip6gre1: left allmulticast mode
[  322.777785][T27168] loop5: detected capacity change from 0 to 1024
[  322.784827][T27168] EXT4-fs: Ignoring removed nomblk_io_submit option
[  322.795897][T27168] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.295485][T27250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5149'.
[  323.411961][T27168] syz.5.5137 invoked oom-killer: gfp_mask=0xc40(GFP_NOFS), order=0, oom_score_adj=1000
[  323.421814][T27168] CPU: 0 UID: 0 PID: 27168 Comm: syz.5.5137 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  323.421853][T27168] Tainted: [W]=WARN
[  323.421862][T27168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  323.421877][T27168] Call Trace:
[  323.421883][T27168]  <TASK>
[  323.421893][T27168]  __dump_stack+0x1d/0x30
[  323.421981][T27168]  dump_stack_lvl+0x95/0xd0
[  323.422006][T27168]  dump_stack+0x15/0x1b
[  323.422025][T27168]  dump_header+0x81/0x240
[  323.422046][T27168]  oom_kill_process+0x295/0x350
[  323.422073][T27168]  out_of_memory+0x97b/0xb80
[  323.422108][T27168]  try_charge_memcg+0x610/0xa10
[  323.422153][T27168]  charge_memcg+0x51/0xc0
[  323.422189][T27168]  __mem_cgroup_charge+0x28/0xb0
[  323.422296][T27168]  filemap_add_folio+0x111/0x360
[  323.422322][T27168]  __filemap_get_folio_mpol+0x326/0x650
[  323.422353][T27168]  ext4_mb_load_buddy_gfp+0x2b7/0x890
[  323.422393][T27168]  ext4_mb_scan_group+0x86e/0xf10
[  323.422424][T27168]  ext4_mb_regular_allocator+0x70a/0x15e0
[  323.422462][T27168]  ? __ext4_mark_inode_dirty+0x2fe/0x3f0
[  323.422501][T27168]  ext4_mb_new_blocks+0x800/0x2080
[  323.422539][T27168]  ? iput+0x427/0x650
[  323.422564][T27168]  ? find_get_block_common+0x6de/0x8e0
[  323.422592][T27168]  ext4_new_meta_blocks+0xc3/0x1b0
[  323.422812][T27168]  ext4_xattr_block_set+0x10ff/0x1a30
[  323.422851][T27168]  ? folio_mark_accessed+0x236/0x3a0
[  323.422897][T27168]  ext4_expand_extra_isize_ea+0xc6a/0x11f0
[  323.422948][T27168]  __ext4_expand_extra_isize+0x246/0x280
[  323.423000][T27168]  __ext4_mark_inode_dirty+0x29d/0x3f0
[  323.423039][T27168]  ext4_dirty_inode+0x92/0xc0
[  323.423083][T27168]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  323.423108][T27168]  __mark_inode_dirty+0x162/0x750
[  323.423141][T27168]  file_update_time_flags+0x2e5/0x310
[  323.423235][T27168]  file_modified+0x3d/0x50
[  323.423261][T27168]  ext4_buffered_write_iter+0x1d0/0x3c0
[  323.423343][T27168]  ext4_file_write_iter+0x387/0xf60
[  323.423379][T27168]  ? futex_unqueue+0xc5/0xf0
[  323.423402][T27168]  ? __futex_wait+0x1fa/0x260
[  323.423423][T27168]  do_iter_readv_writev+0x4a1/0x540
[  323.423500][T27168]  vfs_writev+0x2df/0x8b0
[  323.423638][T27168]  __se_sys_pwritev2+0xfc/0x1c0
[  323.423784][T27168]  __x64_sys_pwritev2+0x67/0x80
[  323.423807][T27168]  x64_sys_call+0x2c9e/0x3000
[  323.423829][T27168]  do_syscall_64+0xca/0x2b0
[  323.423979][T27168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.423999][T27168] RIP: 0033:0x7f68d244f749
[  323.424051][T27168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.424073][T27168] RSP: 002b:00007f68d0eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  323.424096][T27168] RAX: ffffffffffffffda RBX: 00007f68d26a5fa0 RCX: 00007f68d244f749
[  323.424110][T27168] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000007
[  323.424122][T27168] RBP: 00007f68d24d3f91 R08: 0000000000000000 R09: 0000000000000003
[  323.424137][T27168] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000000
[  323.424230][T27168] R13: 00007f68d26a6038 R14: 00007f68d26a5fa0 R15: 00007ffce4e9cac8
[  323.424250][T27168]  </TASK>
[  323.730218][T27168] memory: usage 307200kB, limit 307200kB, failcnt 424
[  323.737169][T27168] memory+swap: usage 307292kB, limit 9007199254740988kB, failcnt 0
[  323.745112][T27168] kmem: usage 227460kB, limit 9007199254740988kB, failcnt 0
[  323.752411][T27168] Memory cgroup stats for /syz5:
[  323.756378][T27168] cache 81432576
[  323.765060][T27168] rss 204800
[  323.768275][T27168] shmem 81403904
[  323.771843][T27168] mapped_file 11755520
[  323.775996][T27168] dirty 0
[  323.778942][T27168] writeback 0
[  323.782230][T27168] workingset_refault_anon 4453
[  323.787077][T27168] workingset_refault_file 2176
[  323.791854][T27168] swap 94208
[  323.795092][T27168] swapcached 4096
[  323.798734][T27168] pgpgin 475359
[  323.802201][T27168] pgpgout 455424
[  323.805782][T27168] pgfault 422390
[  323.809340][T27168] pgmajfault 665
[  323.812968][T27168] inactive_anon 10858496
[  323.817271][T27168] active_anon 70754304
[  323.821344][T27168] inactive_file 40960
[  323.825371][T27168] active_file 0
[  323.828865][T27168] unevictable 0
[  323.832335][T27168] hierarchical_memory_limit 314572800
[  323.837778][T27168] hierarchical_memsw_limit 9223372036854771712
[  323.843959][T27168] total_cache 81432576
[  323.848038][T27168] total_rss 204800
[  323.851767][T27168] total_shmem 81403904
[  323.855881][T27168] total_mapped_file 11755520
[  323.860474][T27168] total_dirty 0
[  323.863988][T27168] total_writeback 0
[  323.867810][T27168] total_workingset_refault_anon 4453
[  323.873156][T27168] total_workingset_refault_file 2176
[  323.878471][T27168] total_swap 94208
[  323.882208][T27168] total_swapcached 4096
[  323.886422][T27168] total_pgpgin 475359
[  323.890396][T27168] total_pgpgout 455424
[  323.894539][T27168] total_pgfault 422390
[  323.898599][T27168] total_pgmajfault 665
[  323.902674][T27168] total_inactive_anon 10858496
[  323.907447][T27168] total_active_anon 70754304
[  323.912028][T27168] total_inactive_file 40960
[  323.916574][T27168] total_active_file 0
[  323.920577][T27168] total_unevictable 0
[  323.924589][T27168] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.5137,pid=27167,uid=0
[  323.939378][T27168] Memory cgroup out of memory: Killed process 27167 (syz.5.5137) total-vm:96148kB, anon-rss:1264kB, file-rss:22312kB, shmem-rss:11392kB, UID:0 pgtables:148kB oom_score_adj:1000
[  323.957896][T27261] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27261 comm=syz.4.5143
[  324.000008][T27263] netlink: 3 bytes leftover after parsing attributes in process `syz.0.5141'.
[  324.070429][ T7190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.473925][T27282] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  324.535872][T27282] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  324.605575][T27282] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  324.686836][T27282] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  324.764642][ T3980] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  324.794935][ T3980] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  324.812544][ T3980] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  324.830347][ T3980] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  324.915522][T27302] loop5: detected capacity change from 0 to 2048
[  324.932554][T27302] EXT4-fs: Ignoring removed nobh option
[  324.963908][T27302] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.001613][T23734] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  325.018761][T23734] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  325.091002][T27311] tipc: Failed to remove unknown binding: 66,0,0/3141817520:2224738775/2224738776
[  325.156742][T27311] tipc: Failed to remove unknown binding: 66,0,0/3141817520:2224738775/2224738776
[  325.188652][T27314] netlink: 'syz.2.5161': attribute type 1 has an invalid length.
[  325.241022][T27316] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5161'.
[  325.260123][T27314] 8021q: adding VLAN 0 to HW filter on device bond11
[  325.295418][T27316] bond11 (unregistering): Released all slaves
[  325.309214][ T7190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.436792][T27320] ref_ctr increment failed for inode: 0x15ff offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff8881042f86c0
[  325.479717][T27318] rdma_rxe: rxe_newlink: failed to add lo
[  325.746745][T27312] syz.4.5159 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  325.760681][T27312] CPU: 0 UID: 0 PID: 27312 Comm: syz.4.5159 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  325.760705][T27312] Tainted: [W]=WARN
[  325.760709][T27312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  325.760717][T27312] Call Trace:
[  325.760722][T27312]  <TASK>
[  325.760752][T27312]  __dump_stack+0x1d/0x30
[  325.760769][T27312]  dump_stack_lvl+0x95/0xd0
[  325.760783][T27312]  dump_stack+0x15/0x1b
[  325.760796][T27312]  dump_header+0x81/0x240
[  325.760810][T27312]  oom_kill_process+0x295/0x350
[  325.760826][T27312]  out_of_memory+0x97b/0xb80
[  325.760903][T27312]  try_charge_memcg+0x610/0xa10
[  325.760930][T27312]  obj_cgroup_charge_pages+0xa6/0x150
[  325.761000][T27312]  __memcg_kmem_charge_page+0x9f/0x170
[  325.761077][T27312]  __alloc_frozen_pages_noprof+0x18f/0x360
[  325.761097][T27312]  alloc_pages_mpol+0xb3/0x260
[  325.761117][T27312]  alloc_pages_noprof+0x90/0x130
[  325.761196][T27312]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  325.761228][T27312]  __kvmalloc_node_noprof+0x492/0x6b0
[  325.761244][T27312]  ? ip_set_alloc+0x24/0x30
[  325.761316][T27312]  ? ip_set_alloc+0x24/0x30
[  325.761351][T27312]  ip_set_alloc+0x24/0x30
[  325.761373][T27312]  hash_netiface_create+0x282/0x740
[  325.761395][T27312]  ? __pfx_hash_netiface_create+0x10/0x10
[  325.761490][T27312]  ip_set_create+0x3cc/0x970
[  325.761583][T27312]  ? __nla_parse+0x40/0x60
[  325.761604][T27312]  nfnetlink_rcv_msg+0x4c6/0x590
[  325.761634][T27312]  netlink_rcv_skb+0x123/0x220
[  325.761677][T27312]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  325.761710][T27312]  nfnetlink_rcv+0x167/0x16c0
[  325.761790][T27312]  ? kmem_cache_free+0xe3/0x3a0
[  325.761807][T27312]  ? __kfree_skb+0x109/0x150
[  325.761822][T27312]  ? nlmon_xmit+0x4f/0x60
[  325.761896][T27312]  ? consume_skb+0x49/0x150
[  325.761911][T27312]  ? nlmon_xmit+0x4f/0x60
[  325.761924][T27312]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  325.762007][T27312]  ? __dev_queue_xmit+0x13a6/0x1ee0
[  325.762129][T27312]  ? __dev_queue_xmit+0x148/0x1ee0
[  325.762155][T27312]  ? ref_tracker_free+0x37d/0x3e0
[  325.762274][T27312]  ? __netlink_deliver_tap+0x4dc/0x500
[  325.762306][T27312]  netlink_unicast+0x5c0/0x690
[  325.762409][T27312]  netlink_sendmsg+0x58b/0x6b0
[  325.762440][T27312]  ? __pfx_netlink_sendmsg+0x10/0x10
[  325.762508][T27312]  __sock_sendmsg+0x145/0x180
[  325.762521][T27312]  ____sys_sendmsg+0x31e/0x4a0
[  325.762557][T27312]  ___sys_sendmsg+0x17b/0x1d0
[  325.762713][T27312]  __x64_sys_sendmsg+0xd4/0x160
[  325.762751][T27312]  x64_sys_call+0x17ba/0x3000
[  325.762770][T27312]  do_syscall_64+0xca/0x2b0
[  325.762807][T27312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.762827][T27312] RIP: 0033:0x7f948b0af749
[  325.762894][T27312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.762906][T27312] RSP: 002b:00007f9489aee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  325.762921][T27312] RAX: ffffffffffffffda RBX: 00007f948b306090 RCX: 00007f948b0af749
[  325.762930][T27312] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  325.762938][T27312] RBP: 00007f948b133f91 R08: 0000000000000000 R09: 0000000000000000
[  325.762947][T27312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  325.762955][T27312] R13: 00007f948b306128 R14: 00007f948b306090 R15: 00007ffd8e351e68
[  325.763013][T27312]  </TASK>
[  325.763018][T27312] memory: usage 307200kB, limit 307200kB, failcnt 843
[  326.097525][T27312] memory+swap: usage 363852kB, limit 9007199254740988kB, failcnt 0
[  326.105496][T27312] kmem: usage 283788kB, limit 9007199254740988kB, failcnt 0
[  326.112855][T27312] Memory cgroup stats for /syz4:
[  326.113216][T27312] cache 22753280
[  326.121740][T27312] rss 307200
[  326.125012][T27312] shmem 22740992
[  326.128546][T27312] mapped_file 11767808
[  326.132604][T27312] dirty 8192
[  326.135817][T27312] writeback 8192
[  326.139399][T27312] workingset_refault_anon 3274
[  326.144185][T27312] workingset_refault_file 7187
[  326.148974][T27312] swap 58011648
[  326.152417][T27312] swapcached 868352
[  326.156230][T27312] pgpgin 430720
[  326.159676][T27312] pgpgout 424875
[  326.163225][T27312] pgfault 373832
[  326.166778][T27312] pgmajfault 458
[  326.170308][T27312] inactive_anon 11837440
[  326.174549][T27312] active_anon 12079104
[  326.178679][T27312] inactive_file 20480
[  326.182708][T27312] active_file 4096
[  326.186432][T27312] unevictable 0
[  326.189878][T27312] hierarchical_memory_limit 314572800
[  326.195269][T27312] hierarchical_memsw_limit 9223372036854771712
[  326.201410][T27312] total_cache 22753280
[  326.205557][T27312] total_rss 307200
[  326.209305][T27312] total_shmem 22740992
[  326.213360][T27312] total_mapped_file 11767808
[  326.218073][T27312] total_dirty 8192
[  326.221832][T27312] total_writeback 8192
[  326.225933][T27312] total_workingset_refault_anon 3274
[  326.231275][T27312] total_workingset_refault_file 7187
[  326.236563][T27312] total_swap 58011648
[  326.240543][T27312] total_swapcached 868352
[  326.244891][T27312] total_pgpgin 430720
[  326.248855][T27312] total_pgpgout 424875
[  326.252911][T27312] total_pgfault 373832
[  326.256979][T27312] total_pgmajfault 458
[  326.261036][T27312] total_inactive_anon 11837440
[  326.265800][T27312] total_active_anon 12079104
[  326.270374][T27312] total_inactive_file 20480
[  326.274896][T27312] total_active_file 4096
[  326.279129][T27312] total_unevictable 0
[  326.283110][T27312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1576,pid=8451,uid=0
[  326.297740][T27312] Memory cgroup out of memory: Killed process 8451 (syz.4.1576) total-vm:95884kB, anon-rss:1148kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  326.347739][T27312] syz.4.5159 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  326.361607][T27312] CPU: 0 UID: 0 PID: 27312 Comm: syz.4.5159 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  326.361630][T27312] Tainted: [W]=WARN
[  326.361635][T27312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  326.361643][T27312] Call Trace:
[  326.361683][T27312]  <TASK>
[  326.361689][T27312]  __dump_stack+0x1d/0x30
[  326.361707][T27312]  dump_stack_lvl+0x95/0xd0
[  326.361722][T27312]  dump_stack+0x15/0x1b
[  326.361735][T27312]  dump_header+0x81/0x240
[  326.361749][T27312]  oom_kill_process+0x295/0x350
[  326.361783][T27312]  out_of_memory+0x97b/0xb80
[  326.361879][T27312]  try_charge_memcg+0x610/0xa10
[  326.361906][T27312]  obj_cgroup_charge_pages+0xa6/0x150
[  326.361925][T27312]  __memcg_kmem_charge_page+0x9f/0x170
[  326.361986][T27312]  __alloc_frozen_pages_noprof+0x18f/0x360
[  326.362034][T27312]  alloc_pages_mpol+0xb3/0x260
[  326.362054][T27312]  alloc_pages_noprof+0x90/0x130
[  326.362140][T27312]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  326.362173][T27312]  __kvmalloc_node_noprof+0x492/0x6b0
[  326.362223][T27312]  ? ip_set_alloc+0x24/0x30
[  326.362307][T27312]  ? ip_set_alloc+0x24/0x30
[  326.362375][T27312]  ip_set_alloc+0x24/0x30
[  326.362409][T27312]  hash_netiface_create+0x282/0x740
[  326.362437][T27312]  ? __pfx_hash_netiface_create+0x10/0x10
[  326.362490][T27312]  ip_set_create+0x3cc/0x970
[  326.362531][T27312]  ? __nla_parse+0x40/0x60
[  326.362599][T27312]  nfnetlink_rcv_msg+0x4c6/0x590
[  326.362629][T27312]  netlink_rcv_skb+0x123/0x220
[  326.362658][T27312]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  326.362679][T27312]  nfnetlink_rcv+0x167/0x16c0
[  326.362695][T27312]  ? kmem_cache_free+0xe3/0x3a0
[  326.362711][T27312]  ? __kfree_skb+0x109/0x150
[  326.362783][T27312]  ? nlmon_xmit+0x4f/0x60
[  326.362796][T27312]  ? consume_skb+0x49/0x150
[  326.362811][T27312]  ? nlmon_xmit+0x4f/0x60
[  326.362894][T27312]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  326.362913][T27312]  ? __dev_queue_xmit+0x13a6/0x1ee0
[  326.362931][T27312]  ? __dev_queue_xmit+0x148/0x1ee0
[  326.362950][T27312]  ? ref_tracker_free+0x37d/0x3e0
[  326.362973][T27312]  ? __netlink_deliver_tap+0x4dc/0x500
[  326.362995][T27312]  netlink_unicast+0x5c0/0x690
[  326.363014][T27312]  netlink_sendmsg+0x58b/0x6b0
[  326.363103][T27312]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.363122][T27312]  __sock_sendmsg+0x145/0x180
[  326.363216][T27312]  ____sys_sendmsg+0x31e/0x4a0
[  326.363237][T27312]  ___sys_sendmsg+0x17b/0x1d0
[  326.363310][T27312]  __x64_sys_sendmsg+0xd4/0x160
[  326.363331][T27312]  x64_sys_call+0x17ba/0x3000
[  326.363350][T27312]  do_syscall_64+0xca/0x2b0
[  326.363442][T27312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.363457][T27312] RIP: 0033:0x7f948b0af749
[  326.363469][T27312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.363490][T27312] RSP: 002b:00007f9489aee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.363505][T27312] RAX: ffffffffffffffda RBX: 00007f948b306090 RCX: 00007f948b0af749
[  326.363514][T27312] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  326.363522][T27312] RBP: 00007f948b133f91 R08: 0000000000000000 R09: 0000000000000000
[  326.363531][T27312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  326.363539][T27312] R13: 00007f948b306128 R14: 00007f948b306090 R15: 00007ffd8e351e68
[  326.363552][T27312]  </TASK>
[  326.363627][T27312] memory: usage 307200kB, limit 307200kB, failcnt 1353
[  326.602204][   T29] kauditd_printk_skb: 1072 callbacks suppressed
[  326.602220][   T29] audit: type=1326 audit(582.571:19657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4db63165e7 code=0x7ffc0000
[  326.604282][T27312] memory+swap: usage 364560kB, limit 9007199254740988kB, failcnt 0
[  326.609025][   T29] audit: type=1326 audit(582.581:19658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4db62bb829 code=0x7ffc0000
[  326.614717][T27312] kmem: usage 284628kB, limit 9007199254740988kB, failcnt 0
[  326.619349][   T29] audit: type=1326 audit(582.591:19659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4db63165e7 code=0x7ffc0000
[  326.638771][T27312] Memory cgroup stats for /syz4:
[  326.639136][T27312] cache 22671360
[  326.647245][   T29] audit: type=1326 audit(582.591:19660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4db62bb829 code=0x7ffc0000
[  326.655223][T27312] rss 307200
[  326.655236][T27312] shmem 22663168
[  326.663211][   T29] audit: type=1326 audit(582.591:19661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db631f749 code=0x7ffc0000
[  326.663947][   T29] audit: type=1326 audit(582.641:19662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4db63165e7 code=0x7ffc0000
[  326.671276][T27312] mapped_file 11759616
[  326.679247][   T29] audit: type=1326 audit(582.641:19663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4db62bb829 code=0x7ffc0000
[  326.687217][T27312] dirty 0
[  326.687229][T27312] writeback 0
[  326.690311][   T29] audit: type=1326 audit(582.641:19664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db631f749 code=0x7ffc0000
[  326.697112][T27312] workingset_refault_anon 3274
[  326.697124][T27312] workingset_refault_file 7187
[  326.697134][T27312] swap 58736640
[  326.697142][T27312] swapcached 118784
[  326.697229][T27312] pgpgin 430720
[  326.697237][T27312] pgpgout 425078
[  326.697245][T27312] pgfault 373838
[  326.697254][T27312] pgmajfault 458
[  326.697263][T27312] inactive_anon 11177984
[  326.697272][T27312] active_anon 11911168
[  326.704152][   T29] audit: type=1326 audit(582.681:19665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4db63165e7 code=0x7ffc0000
[  326.726396][T27312] inactive_file 0
[  326.734287][   T29] audit: type=1326 audit(582.681:19666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27258 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4db62bb829 code=0x7ffc0000
[  326.757145][T27312] active_file 20480
[  326.757156][T27312] unevictable 0
[  327.023859][T27312] hierarchical_memory_limit 314572800
[  327.029234][T27312] hierarchical_memsw_limit 9223372036854771712
[  327.035418][T27312] total_cache 22671360
[  327.039496][T27312] total_rss 307200
[  327.043239][T27312] total_shmem 22663168
[  327.047335][T27312] total_mapped_file 11759616
[  327.051996][T27312] total_dirty 0
[  327.055497][T27312] total_writeback 0
[  327.059316][T27312] total_workingset_refault_anon 3274
[  327.064682][T27312] total_workingset_refault_file 7187
[  327.069980][T27312] total_swap 58736640
[  327.073991][T27312] total_swapcached 118784
[  327.078325][T27312] total_pgpgin 430720
[  327.082311][T27312] total_pgpgout 425078
[  327.086422][T27312] total_pgfault 373838
[  327.090498][T27312] total_pgmajfault 458
[  327.094590][T27312] total_inactive_anon 11177984
[  327.099460][T27312] total_active_anon 11911168
[  327.104077][T27312] total_inactive_file 0
[  327.108235][T27312] total_active_file 20480
[  327.112607][T27312] total_unevictable 0
[  327.116618][T27312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5159,pid=27307,uid=0
[  327.131310][T27312] Memory cgroup out of memory: Killed process 27312 (syz.4.5159) total-vm:96148kB, anon-rss:1264kB, file-rss:22184kB, shmem-rss:11392kB, UID:0 pgtables:144kB oom_score_adj:0
[  327.383046][T27357] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5177'.
[  327.488779][T27357] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5177'.
[  327.513095][T27357] loop1: detected capacity change from 0 to 512
[  327.528377][T27357] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  327.548686][T27357] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.5177: bg 0: block 104: invalid block bitmap
[  327.575099][T27357] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  327.594457][T27357] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.5177: invalid indirect mapped block 1 (level 1)
[  327.618349][T27357] EXT4-fs (loop1): 1 truncate cleaned up
[  327.634354][T27357] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.787854][ T3327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.807086][T27370] loop1: detected capacity change from 0 to 512
[  327.824964][T27370] EXT4-fs warning (device loop1): ext4_enable_quotas:7221: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  327.839883][T27370] EXT4-fs (loop1): mount failed
[  327.900097][T27373] lo speed is unknown, defaulting to 1000
[  328.534908][T27377] syzkaller0: entered promiscuous mode
[  328.540413][T27377] syzkaller0: entered allmulticast mode
[  328.785760][T27400] rdma_rxe: rxe_newlink: failed to add lo
[  329.079778][T27402] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.5190'.
[  329.113704][T27402] netlink: zone id is out of range
[  329.118892][T27402] netlink: zone id is out of range
[  329.127631][T27404] loop5: detected capacity change from 0 to 32768
[  329.142469][T27402] netlink: zone id is out of range
[  329.187277][T27402] netlink: set zone limit has 8 unknown bytes
[  329.453397][T27422] xt_recent: hitcount (16777216) is larger than allowed maximum (65535)
[  329.512924][T27385] syz.2.5184 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  329.523755][T27385] CPU: 1 UID: 0 PID: 27385 Comm: syz.2.5184 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  329.523788][T27385] Tainted: [W]=WARN
[  329.523794][T27385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  329.523881][T27385] Call Trace:
[  329.523888][T27385]  <TASK>
[  329.523896][T27385]  __dump_stack+0x1d/0x30
[  329.523920][T27385]  dump_stack_lvl+0x95/0xd0
[  329.523946][T27385]  dump_stack+0x15/0x1b
[  329.523965][T27385]  dump_header+0x81/0x240
[  329.524007][T27385]  oom_kill_process+0x295/0x350
[  329.524085][T27385]  out_of_memory+0x97b/0xb80
[  329.524114][T27385]  try_charge_memcg+0x610/0xa10
[  329.524226][T27385]  charge_memcg+0x51/0xc0
[  329.524293][T27385]  __mem_cgroup_charge+0x28/0xb0
[  329.524384][T27385]  filemap_add_folio+0x111/0x360
[  329.524411][T27385]  __filemap_get_folio_mpol+0x326/0x650
[  329.524507][T27385]  filemap_fault+0x44d/0xb70
[  329.524535][T27385]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[  329.524570][T27385]  ? __rcu_read_lock+0x37/0x50
[  329.524668][T27385]  __do_fault+0xbc/0x200
[  329.524690][T27385]  handle_mm_fault+0xd9c/0x2c60
[  329.524739][T27385]  do_user_addr_fault+0x630/0x1080
[  329.524771][T27385]  ? switch_fpu_return+0xe/0x20
[  329.524794][T27385]  ? arch_exit_work+0x30/0x40
[  329.524833][T27385]  exc_page_fault+0x62/0xa0
[  329.524859][T27385]  asm_exc_page_fault+0x26/0x30
[  329.524972][T27385] RIP: 0033:0x7f63acadf11a
[  329.524989][T27385] Code: 01 4c 89 44 24 10 4c 89 54 24 08 e8 a0 9d fe ff 48 8b 43 38 4c 8b 44 24 10 83 43 28 08 4c 8b 54 24 08 48 8d 48 f8 48 89 4b 38 <48> 89 68 f8 45 3b 78 04 0f 82 5e fe ff ff e9 ed fe ff ff 0f 1f 00
[  329.525007][T27385] RSP: 002b:00007fffa81ab950 EFLAGS: 00010206
[  329.525023][T27385] RAX: 0000001b3470f9f0 RBX: 00007f63ad985720 RCX: 0000001b3470f9e8
[  329.525036][T27385] RDX: 0000001b34124220 RSI: 0000000000000008 RDI: 00007f63ad985720
[  329.525048][T27385] RBP: ffffffff815f3d54 R08: 00007f63ace56128 R09: 00007f63ace42000
[  329.525071][T27385] R10: 00007f63ac26d008 R11: 0000000000000008 R12: 0000000000000008
[  329.525083][T27385] R13: 0000000000000624 R14: ffffffff815f3ada R15: 0000000000069242
[  329.525096][T27385]  ? bpf_trace_run4+0x3a/0x1e0
[  329.525172][T27385]  ? bpf_trace_run5+0xc4/0x1f0
[  329.525271][T27385]  </TASK>
[  329.525277][T27385] memory: usage 307200kB, limit 307200kB, failcnt 613
[  329.747106][T27385] memory+swap: usage 372636kB, limit 9007199254740988kB, failcnt 0
[  329.755041][T27385] kmem: usage 224220kB, limit 9007199254740988kB, failcnt 0
[  329.762408][T27385] Memory cgroup stats for /syz2:
[  329.764669][T27385] cache 82419712
[  329.773232][T27385] rss 806912
[  329.776480][T27385] shmem 13291520
[  329.780030][T27385] mapped_file 11755520
[  329.784163][T27385] dirty 0
[  329.787214][T27385] writeback 0
[  329.790731][T27385] workingset_refault_anon 814
[  329.795462][T27385] workingset_refault_file 10942
[  329.800412][T27385] swap 67006464
[  329.803900][T27385] swapcached 1720320
[  329.807805][T27385] pgpgin 481786
[  329.811270][T27385] pgpgout 461045
[  329.814985][T27385] pgfault 454945
[  329.818545][T27385] pgmajfault 138
[  329.822186][T27385] inactive_anon 4734976
[  329.826361][T27385] active_anon 11083776
[  329.830432][T27385] inactive_file 0
[  329.834087][T27385] active_file 8192
[  329.837814][T27385] unevictable 69128192
[  329.841883][T27385] hierarchical_memory_limit 314572800
[  329.847286][T27385] hierarchical_memsw_limit 9223372036854771712
[  329.853449][T27385] total_cache 82419712
[  329.857532][T27385] total_rss 806912
[  329.861297][T27385] total_shmem 13291520
[  329.865445][T27385] total_mapped_file 11755520
[  329.870087][T27385] total_dirty 0
[  329.873589][T27385] total_writeback 0
[  329.877482][T27385] total_workingset_refault_anon 814
[  329.882675][T27385] total_workingset_refault_file 10942
[  329.888146][T27385] total_swap 67006464
[  329.892122][T27385] total_swapcached 1720320
[  329.896584][T27385] total_pgpgin 481786
[  329.900575][T27385] total_pgpgout 461045
[  329.904749][T27385] total_pgfault 454945
[  329.908864][T27385] total_pgmajfault 138
[  329.912929][T27385] total_inactive_anon 4734976
[  329.917626][T27385] total_active_anon 11083776
[  329.922295][T27385] total_inactive_file 0
[  329.926527][T27385] total_active_file 8192
[  329.930904][T27385] total_unevictable 69128192
[  329.935549][T27385] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1467,pid=8173,uid=0
[  329.950197][T27385] Memory cgroup out of memory: Killed process 8173 (syz.2.1467) total-vm:95884kB, anon-rss:1148kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:88kB oom_score_adj:1000
[  330.107512][T27396] syz.2.5184 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  330.121432][T27396] CPU: 1 UID: 0 PID: 27396 Comm: syz.2.5184 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  330.121468][T27396] Tainted: [W]=WARN
[  330.121475][T27396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  330.121487][T27396] Call Trace:
[  330.121494][T27396]  <TASK>
[  330.121502][T27396]  __dump_stack+0x1d/0x30
[  330.121553][T27396]  dump_stack_lvl+0x95/0xd0
[  330.121575][T27396]  dump_stack+0x15/0x1b
[  330.121599][T27396]  dump_header+0x81/0x240
[  330.121748][T27396]  oom_kill_process+0x295/0x350
[  330.121771][T27396]  out_of_memory+0x97b/0xb80
[  330.121800][T27396]  try_charge_memcg+0x610/0xa10
[  330.121849][T27396]  obj_cgroup_charge_pages+0xa6/0x150
[  330.121929][T27396]  __memcg_kmem_charge_page+0x9f/0x170
[  330.121957][T27396]  __alloc_frozen_pages_noprof+0x18f/0x360
[  330.121990][T27396]  alloc_pages_mpol+0xb3/0x260
[  330.122070][T27396]  alloc_pages_noprof+0x90/0x130
[  330.122163][T27396]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  330.122206][T27396]  __kvmalloc_node_noprof+0x492/0x6b0
[  330.122234][T27396]  ? ip_set_alloc+0x24/0x30
[  330.122268][T27396]  ? ip_set_alloc+0x24/0x30
[  330.122337][T27396]  ip_set_alloc+0x24/0x30
[  330.122442][T27396]  hash_netiface_create+0x282/0x740
[  330.122531][T27396]  ? __pfx_hash_netiface_create+0x10/0x10
[  330.122565][T27396]  ip_set_create+0x3cc/0x970
[  330.122627][T27396]  ? __nla_parse+0x40/0x60
[  330.122655][T27396]  nfnetlink_rcv_msg+0x4c6/0x590
[  330.122751][T27396]  netlink_rcv_skb+0x123/0x220
[  330.122780][T27396]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  330.122896][T27396]  nfnetlink_rcv+0x167/0x16c0
[  330.122930][T27396]  ? __rcu_read_unlock+0x34/0x70
[  330.122952][T27396]  ? __rcu_read_unlock+0x34/0x70
[  330.123036][T27396]  ? is_bpf_text_address+0x141/0x160
[  330.123074][T27396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.123159][T27396]  ? kernel_text_address+0x94/0xb0
[  330.123182][T27396]  ? __kernel_text_address+0xd/0x40
[  330.123205][T27396]  ? unwind_get_return_address+0x16/0x40
[  330.123231][T27396]  ? perf_callchain_kernel+0x2e9/0x350
[  330.123258][T27396]  ? bcmp+0x2e/0x90
[  330.123283][T27396]  ? should_fail_ex+0x30/0x280
[  330.123334][T27396]  ? selinux_nlmsg_lookup+0x99/0x890
[  330.123359][T27396]  ? __rcu_read_unlock+0x34/0x70
[  330.123384][T27396]  ? __netlink_lookup+0x266/0x2a0
[  330.123421][T27396]  netlink_unicast+0x5c0/0x690
[  330.123491][T27396]  netlink_sendmsg+0x58b/0x6b0
[  330.123594][T27396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.123632][T27396]  __sock_sendmsg+0x145/0x180
[  330.123682][T27396]  ____sys_sendmsg+0x31e/0x4a0
[  330.123813][T27396]  ___sys_sendmsg+0x17b/0x1d0
[  330.123883][T27396]  __x64_sys_sendmsg+0xd4/0x160
[  330.123916][T27396]  x64_sys_call+0x17ba/0x3000
[  330.123944][T27396]  do_syscall_64+0xca/0x2b0
[  330.123983][T27396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.124035][T27396] RIP: 0033:0x7f63acbff749
[  330.124095][T27396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.124115][T27396] RSP: 002b:00007f63ab646038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  330.124138][T27396] RAX: ffffffffffffffda RBX: 00007f63ace56090 RCX: 00007f63acbff749
[  330.124158][T27396] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  330.124173][T27396] RBP: 00007f63acc83f91 R08: 0000000000000000 R09: 0000000000000000
[  330.124188][T27396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  330.124203][T27396] R13: 00007f63ace56128 R14: 00007f63ace56090 R15: 00007fffa81ab8c8
[  330.124225][T27396]  </TASK>
[  330.467865][T27396] memory: usage 307200kB, limit 307200kB, failcnt 837
[  330.474805][T27396] memory+swap: usage 372636kB, limit 9007199254740988kB, failcnt 0
[  330.482735][T27396] kmem: usage 224328kB, limit 9007199254740988kB, failcnt 0
[  330.490094][T27396] Memory cgroup stats for /syz2:
[  330.490455][T27396] cache 82423808
[  330.498967][T27396] rss 708608
[  330.502174][T27396] shmem 13291520
[  330.505760][T27396] mapped_file 11755520
[  330.509841][T27396] dirty 0
[  330.512793][T27396] writeback 0
[  330.516102][T27396] workingset_refault_anon 814
[  330.520855][T27396] workingset_refault_file 10948
[  330.525791][T27396] swap 67006464
[  330.529305][T27396] swapcached 1720320
[  330.533215][T27396] pgpgin 481792
[  330.536699][T27396] pgpgout 461074
[  330.540254][T27396] pgfault 454951
[  330.543899][T27396] pgmajfault 143
[  330.547451][T27396] inactive_anon 4734976
[  330.551637][T27396] active_anon 10985472
[  330.555752][T27396] inactive_file 0
[  330.559447][T27396] active_file 12288
[  330.563261][T27396] unevictable 69128192
[  330.567365][T27396] hierarchical_memory_limit 314572800
[  330.572756][T27396] hierarchical_memsw_limit 9223372036854771712
[  330.578924][T27396] total_cache 82423808
[  330.582998][T27396] total_rss 708608
[  330.586741][T27396] total_shmem 13291520
[  330.590852][T27396] total_mapped_file 11755520
[  330.595521][T27396] total_dirty 0
[  330.598985][T27396] total_writeback 0
[  330.602819][T27396] total_workingset_refault_anon 814
[  330.608059][T27396] total_workingset_refault_file 10948
[  330.613507][T27396] total_swap 67006464
[  330.617534][T27396] total_swapcached 1720320
[  330.621950][T27396] total_pgpgin 481792
[  330.625959][T27396] total_pgpgout 461074
[  330.630026][T27396] total_pgfault 454951
[  330.634135][T27396] total_pgmajfault 143
[  330.638212][T27396] total_inactive_anon 4734976
[  330.642985][T27396] total_active_anon 10985472
[  330.647675][T27396] total_inactive_file 0
[  330.651844][T27396] total_active_file 12288
[  330.656210][T27396] total_unevictable 69128192
[  330.660810][T27396] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5184,pid=27385,uid=0
[  330.675780][T27396] Memory cgroup out of memory: Killed process 27385 (syz.2.5184) total-vm:96148kB, anon-rss:1268kB, file-rss:22180kB, shmem-rss:11392kB, UID:0 pgtables:148kB oom_score_adj:0
[  330.834182][T27448] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5215'.
[  330.914001][T27449] lo speed is unknown, defaulting to 1000
[  331.062184][T27461] netlink: 'syz.5.5210': attribute type 1 has an invalid length.
[  331.073874][T27463] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5211'.
[  331.103347][T27461] 8021q: adding VLAN 0 to HW filter on device bond6
[  331.145130][T27465] .`: (slave dummy0): Releasing backup interface
[  331.174676][T27465] bond6: (slave dummy0): making interface the new active one
[  331.183143][T27465] bond6: (slave dummy0): Enslaving as an active interface with an up link
[  331.194142][T27463] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=27463 comm=syz.0.5211
[  331.255879][T27463] netlink: 'syz.0.5211': attribute type 1 has an invalid length.
[  331.394567][T27478] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  331.427255][T27484] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5219'.
[  331.458225][T27478] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  331.556267][T27478] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  331.618184][T27478] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  331.694052][ T4012] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  331.727787][ T4012] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  331.748755][T27506] netlink: 'syz.2.5225': attribute type 39 has an invalid length.
[  331.761718][ T4012] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  331.788149][ T4012] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  331.865218][T27511] netlink: 'syz.4.5228': attribute type 1 has an invalid length.
[  331.886918][T27511] 8021q: adding VLAN 0 to HW filter on device bond6
[  331.907733][T27511] .`: (slave dummy0): Releasing backup interface
[  331.917484][T27511] bond6: (slave dummy0): making interface the new active one
[  331.925729][T27511] bond6: (slave dummy0): Enslaving as an active interface with an up link
[  331.934411][T27514] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  331.958913][T27516] xt_recent: hitcount (16777216) is larger than allowed maximum (65535)
[  332.029809][   T29] kauditd_printk_skb: 156 callbacks suppressed
[  332.029826][   T29] audit: type=1326 audit(588.001:19823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.058751][   T29] audit: type=1326 audit(588.001:19824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.081145][   T29] audit: type=1326 audit(588.001:19825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.103509][   T29] audit: type=1326 audit(588.001:19826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.125994][   T29] audit: type=1326 audit(588.001:19827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.148352][   T29] audit: type=1326 audit(588.001:19828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.170807][   T29] audit: type=1326 audit(588.001:19829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.193175][   T29] audit: type=1326 audit(588.001:19830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.215428][   T29] audit: type=1326 audit(588.001:19831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.237830][   T29] audit: type=1326 audit(588.001:19832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27526 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  332.276901][T27531] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5233'.
[  332.645467][T27557] netlink: 'syz.4.5244': attribute type 7 has an invalid length.
[  332.653285][T27557] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5244'.
[  332.713149][ T2972] IPVS: starting estimator thread 0...
[  332.726274][T27564] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  332.782633][T27571] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5249'.
[  332.793208][T27564] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  332.803748][T27563] IPVS: using max 2112 ests per chain, 105600 per kthread
[  332.823301][T27571] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=27571 comm=syz.1.5249
[  332.836947][T27571] netlink: 'syz.1.5249': attribute type 1 has an invalid length.
[  332.857736][T27564] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  332.878078][T27573] netlink: 'syz.1.5250': attribute type 7 has an invalid length.
[  332.885903][T27573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5250'.
[  332.920526][T27564] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  332.981607][ T3980] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  332.996236][ T3980] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  333.013246][ T3980] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  333.040454][ T3980] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  333.096931][T27581] vlan0: entered allmulticast mode
[  333.371884][T27592] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5258'.
[  333.573078][T27603] netlink: 'syz.4.5262': attribute type 7 has an invalid length.
[  333.580908][T27603] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5262'.
[  333.965613][T27625] xt_recent: hitcount (16777216) is larger than allowed maximum (65535)
[  334.094740][T27631] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5271'.
[  334.175570][T27633] Cannot find add_set index 0 as target
[  334.238874][T27642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5275'.
[  334.247895][T27642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5275'.
[  334.296473][T27644] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  334.345249][T27644] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  334.357802][T27649] netlink: 'syz.0.5279': attribute type 1 has an invalid length.
[  334.385712][T27649] 8021q: adding VLAN 0 to HW filter on device bond4
[  334.406309][T27644] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  334.450184][T27649] bond4: (slave veth13): Enslaving as an active interface with a down link
[  334.485291][T27644] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  334.503378][T27649] vlan0: entered allmulticast mode
[  334.508706][T27649] veth1: entered allmulticast mode
[  334.514374][T27649] bond4: (slave vlan0): Opening slave failed
[  334.527062][T27654] xt_recent: hitcount (16777216) is larger than allowed maximum (65535)
[  334.527523][T27653] bridge0: port 1(gretap0) entered blocking state
[  334.541958][T27653] bridge0: port 1(gretap0) entered disabled state
[  334.549499][T27653] gretap0: entered allmulticast mode
[  334.555197][T27653] gretap0: left allmulticast mode
[  334.567169][ T3965] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  334.583242][ T4004] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  334.606622][ T4004] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  334.621548][ T4004] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  334.644344][T27660] netlink: 'syz.0.5293': attribute type 3 has an invalid length.
[  334.652160][T27660] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.5293'.
[  334.664686][T27661] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5283'.
[  334.723198][T27670] loop5: detected capacity change from 0 to 512
[  334.730699][T27670] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  334.745184][T27670] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  334.758820][T27670] EXT4-fs (loop5): 1 truncate cleaned up
[  334.765598][T27670] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.807328][T27680] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5290'.
[  334.900475][ T7190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.972225][T27682] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5291'.
[  335.293097][T27719] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5305'.
[  335.296415][T27720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5303'.
[  335.330589][T27722] Cannot find add_set index 0 as target
[  335.444531][T27731] bridge: RTM_NEWNEIGH with invalid ether address
[  335.768520][T27751] netlink: 664 bytes leftover after parsing attributes in process `syz.4.5318'.
[  335.858349][T27754] bridge0: port 2(gretap0) entered blocking state
[  335.864911][T27754] bridge0: port 2(gretap0) entered disabled state
[  335.871825][T27754] gretap0: entered allmulticast mode
[  335.878949][T27754] gretap0: entered promiscuous mode
[  335.884331][T27754] team0: entered promiscuous mode
[  335.889426][T27754] team_slave_0: entered promiscuous mode
[  335.895160][T27754] bridge11: entered promiscuous mode
[  335.930838][T27759] SET target dimension over the limit!
[  336.287738][T27791] validate_nla: 2 callbacks suppressed
[  336.287755][T27791] netlink: 'syz.1.5343': attribute type 142 has an invalid length.
[  336.352209][T27797] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.5331' sets config #1
[  336.480376][T27791] loop1: detected capacity change from 0 to 8192
[  336.993079][T27804] bridge0: port 2(
30ªî{X¹¦) entered blocking state
[  337.000005][T27804] bridge0: port 2(
30ªî{X¹¦) entered disabled state
[  337.006982][T27804] 0ªî{X¹¦: entered allmulticast mode
[  337.013083][T27804] 0ªî{X¹¦: entered promiscuous mode
[  337.018493][T27804] team0: entered promiscuous mode
[  337.023611][T27804] bridge7: entered promiscuous mode
[  337.048828][   T29] kauditd_printk_skb: 395 callbacks suppressed
[  337.048906][   T29] audit: type=1326 audit(593.021:20228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.078162][   T29] audit: type=1326 audit(593.021:20229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.101411][   T29] audit: type=1326 audit(593.021:20230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.124655][   T29] audit: type=1326 audit(593.021:20231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.147665][   T29] audit: type=1326 audit(593.021:20232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.198440][   T29] audit: type=1326 audit(593.021:20233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.221655][   T29] audit: type=1326 audit(593.021:20234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.244685][   T29] audit: type=1326 audit(593.021:20235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.267846][   T29] audit: type=1326 audit(593.021:20236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.290896][   T29] audit: type=1326 audit(593.021:20237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27809 comm="syz.5.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  337.701942][T27851] bridge0: port 1(gretap0) entered blocking state
[  337.708571][T27851] bridge0: port 1(gretap0) entered disabled state
[  337.717174][T27851] gretap0: entered allmulticast mode
[  337.726997][T27851] gretap0: entered promiscuous mode
[  337.763402][T27860] netlink: 'syz.2.5356': attribute type 142 has an invalid length.
[  337.864540][T27868] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  338.380072][T27907] tipc: Trying to set illegal importance in message
[  338.418767][T27909] loop5: detected capacity change from 0 to 512
[  338.434480][T27909] EXT4-fs: Ignoring removed oldalloc option
[  338.444545][T27909] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.479317][ T7190] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.485252][T27916] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  338.513482][T27916] lo speed is unknown, defaulting to 1000
[  338.589617][T27921] lo speed is unknown, defaulting to 1000
[  338.637687][T27925] 8021q: adding VLAN 0 to HW filter on device bond0
[  338.659532][T27925] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  339.118571][T27942] __nla_validate_parse: 5 callbacks suppressed
[  339.118588][T27942] netlink: 28 bytes leftover after parsing attributes in process `'.
[  339.203036][T27949] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5389'.
[  339.398724][T27963] lo speed is unknown, defaulting to 1000
[  339.598962][T27975] IPv6: NLM_F_CREATE should be specified when creating new route
[  339.722382][T27977] lo speed is unknown, defaulting to 1000
[  340.480182][T28009] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5407'.
[  340.542048][T28009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5407'.
[  340.986935][T28041] lo speed is unknown, defaulting to 1000
[  342.055091][   T29] kauditd_printk_skb: 677 callbacks suppressed
[  342.055109][   T29] audit: type=1326 audit(598.031:20915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f63acbf65e7 code=0x7ffc0000
[  342.124051][   T29] audit: type=1326 audit(598.061:20916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f63acb9b829 code=0x7ffc0000
[  342.147030][   T29] audit: type=1326 audit(598.061:20917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f63acbf65e7 code=0x7ffc0000
[  342.170019][   T29] audit: type=1326 audit(598.061:20918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f63acb9b829 code=0x7ffc0000
[  342.193017][   T29] audit: type=1326 audit(598.061:20919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  342.216118][   T29] audit: type=1326 audit(598.071:20920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f63acbf65e7 code=0x7ffc0000
[  342.239143][   T29] audit: type=1326 audit(598.071:20921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f63acb9b829 code=0x7ffc0000
[  342.261993][   T29] audit: type=1326 audit(598.071:20922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  342.285003][   T29] audit: type=1326 audit(598.081:20923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f63acbf65e7 code=0x7ffc0000
[  342.308044][   T29] audit: type=1326 audit(598.081:20924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28065 comm="syz.2.5429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f63acb9b829 code=0x7ffc0000
[  342.487316][T28083] lo speed is unknown, defaulting to 1000
[  342.552515][T28092] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5439'.
[  342.575638][T28092] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=28092 comm=syz.1.5439
[  342.758338][T28107] netlink: 28 bytes leftover after parsing attributes in process `'.
[  342.850794][T28112] lo speed is unknown, defaulting to 1000
[  342.913575][T28116] lo speed is unknown, defaulting to 1000
[  342.951822][T28118] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  343.420545][T28143] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5454'.
[  343.429579][T28143] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5454'.
[  343.438609][T28143] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5454'.
[  343.501685][T28143] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5454'.
[  343.630852][T28157] lo speed is unknown, defaulting to 1000
[  344.185482][T28184] __nla_validate_parse: 1 callbacks suppressed
[  344.185511][T28184] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5473'.
[  344.363976][T28186] lo speed is unknown, defaulting to 1000
[  344.529455][T28192] bond6: (slave dummy0): Releasing active interface
[  344.557234][T28192] .`: (slave bond_slave_0): Releasing backup interface
[  344.574616][T28192] .`: (slave bond_slave_1): Releasing backup interface
[  344.583598][T28192] batman_adv: batadv0: Removing interface: batadv_slave_0
[  344.596021][T28192] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.611039][T28192] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  344.717081][T28199] netlink: 660 bytes leftover after parsing attributes in process `syz.1.5478'.
[  344.737186][T28197] lo speed is unknown, defaulting to 1000
[  345.093913][ T3787] page_pool_release_retry() stalled pool shutdown: id 187, 1 inflight 60 sec
[  345.195438][T28221] netlink: 52 bytes leftover after parsing attributes in process `syz.2.5488'.
[  345.965723][T28234] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5493'.
[  346.026919][T28236] lo speed is unknown, defaulting to 1000
[  346.167703][T28252] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5499'.
[  346.244519][T28252] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=28252 comm=syz.0.5499
[  346.891555][T28286] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5513'.
[  347.051173][T28305] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5520'.
[  347.064187][   T29] kauditd_printk_skb: 923 callbacks suppressed
[  347.064256][   T29] audit: type=1326 audit(603.041:21848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28304 comm="syz.5.5520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  347.093990][   T29] audit: type=1326 audit(603.071:21849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff12e6565e7 code=0x7ffc0000
[  347.117024][   T29] audit: type=1326 audit(603.071:21850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff12e5fb829 code=0x7ffc0000
[  347.139961][   T29] audit: type=1326 audit(603.071:21851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7ff12e65f749 code=0x7ffc0000
[  347.163697][   T29] audit: type=1326 audit(603.101:21852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff12e6565e7 code=0x7ffc0000
[  347.186710][   T29] audit: type=1326 audit(603.101:21853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff12e5fb829 code=0x7ffc0000
[  347.209607][   T29] audit: type=1326 audit(603.101:21854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7ff12e65f749 code=0x7ffc0000
[  347.232612][   T29] audit: type=1326 audit(603.101:21855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28304 comm="syz.5.5520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  347.255689][   T29] audit: type=1326 audit(603.101:21856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28304 comm="syz.5.5520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  347.278669][   T29] audit: type=1326 audit(603.101:21857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28281 comm="syz.0.5510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff12e6565e7 code=0x7ffc0000
[  347.838667][T28322] netlink: 'syz.1.5525': attribute type 39 has an invalid length.
[  347.932158][T28330] lo speed is unknown, defaulting to 1000
[  348.203492][T28334] lo speed is unknown, defaulting to 1000
[  349.694327][T28361] gretap0: left allmulticast mode
[  349.699481][T28361] gretap0: left promiscuous mode
[  349.704612][T28361] bridge0: port 1(gretap0) entered disabled state
[  349.732868][T28361] bond0: (slave dummy0): Releasing backup interface
[  349.974281][T28394] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65535 sclass=netlink_xfrm_socket pid=28394 comm=syz.1.5554
[  350.000042][T28394] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5554'.
[  350.077099][T28399] netlink: 'syz.1.5555': attribute type 10 has an invalid length.
[  350.107296][T28399] bond4: (slave dummy0): Releasing active interface
[  350.137459][T28399] netlink: 'syz.1.5555': attribute type 10 has an invalid length.
[  350.307826][T28407] netem: change failed
[  350.324470][T28409] SELinux:  Context system_u:object_r:ssh_keysign_exec_t:s0 is not valid (left unmapped).
[  350.452487][T28418] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  350.477033][T28418] IPVS: set_ctl: invalid protocol: 44 255.255.255.255:20002
[  351.069721][T28467] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5580'.
[  351.138684][T28473] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  351.205182][T28479] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5585'.
[  351.276901][T28486] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5588'.
[  351.630558][T28503] lo speed is unknown, defaulting to 1000
[  352.625003][T28529] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5601'.
[  352.716801][T28530] netlink: 'syz.4.5601': attribute type 13 has an invalid length.
[  352.894883][T23736] lo speed is unknown, defaulting to 1000
[  352.900734][T23736] syz2: Port: 1 Link DOWN
[  353.022616][   T29] kauditd_printk_skb: 593 callbacks suppressed
[  353.022634][   T29] audit: type=1326 audit(608.991:22451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.075036][   T29] audit: type=1326 audit(608.991:22452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.098356][   T29] audit: type=1326 audit(608.991:22453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.118166][T28526] syz.1.5600 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  353.121468][   T29] audit: type=1326 audit(608.991:22454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.135217][T28526] CPU: 0 UID: 0 PID: 28526 Comm: syz.1.5600 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  353.135253][T28526] Tainted: [W]=WARN
[  353.135260][T28526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  353.135306][T28526] Call Trace:
[  353.135314][T28526]  <TASK>
[  353.135362][T28526]  __dump_stack+0x1d/0x30
[  353.135388][T28526]  dump_stack_lvl+0x95/0xd0
[  353.135411][T28526]  dump_stack+0x15/0x1b
[  353.135510][T28526]  dump_header+0x81/0x240
[  353.135532][T28526]  oom_kill_process+0x295/0x350
[  353.135557][T28526]  out_of_memory+0x97b/0xb80
[  353.135581][T28526]  try_charge_memcg+0x610/0xa10
[  353.135689][T28526]  obj_cgroup_charge_pages+0xa6/0x150
[  353.135760][T28526]  __memcg_kmem_charge_page+0x9f/0x170
[  353.135838][T28526]  __alloc_frozen_pages_noprof+0x18f/0x360
[  353.135870][T28526]  alloc_pages_mpol+0xb3/0x260
[  353.135901][T28526]  alloc_pages_noprof+0x90/0x130
[  353.135968][T28526]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  353.136005][T28526]  __kvmalloc_node_noprof+0x492/0x6b0
[  353.136107][T28526]  ? ip_set_alloc+0x24/0x30
[  353.136137][T28526]  ? ip_set_alloc+0x24/0x30
[  353.136218][T28526]  ip_set_alloc+0x24/0x30
[  353.136246][T28526]  hash_netiface_create+0x282/0x740
[  353.136334][T28526]  ? __pfx_hash_netiface_create+0x10/0x10
[  353.136366][T28526]  ip_set_create+0x3cc/0x970
[  353.136406][T28526]  ? __nla_parse+0x40/0x60
[  353.136510][T28526]  nfnetlink_rcv_msg+0x4c6/0x590
[  353.136554][T28526]  netlink_rcv_skb+0x123/0x220
[  353.136619][T28526]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  353.136652][T28526]  nfnetlink_rcv+0x167/0x16c0
[  353.136677][T28526]  ? kmem_cache_free+0xe3/0x3a0
[  353.136760][T28526]  ? __kfree_skb+0x109/0x150
[  353.136785][T28526]  ? nlmon_xmit+0x4f/0x60
[  353.136804][T28526]  ? consume_skb+0x49/0x150
[  353.136829][T28526]  ? nlmon_xmit+0x4f/0x60
[  353.136912][T28526]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  353.136942][T28526]  ? __dev_queue_xmit+0x13a6/0x1ee0
[  353.137164][T28526]  ? __dev_queue_xmit+0x148/0x1ee0
[  353.137249][T28526]  ? ref_tracker_free+0x37d/0x3e0
[  353.137329][T28526]  ? __netlink_deliver_tap+0x4dc/0x500
[  353.137420][T28526]  netlink_unicast+0x5c0/0x690
[  353.137465][T28526]  netlink_sendmsg+0x58b/0x6b0
[  353.137551][T28526]  ? __pfx_netlink_sendmsg+0x10/0x10
[  353.137658][T28526]  __sock_sendmsg+0x145/0x180
[  353.137678][T28526]  ____sys_sendmsg+0x31e/0x4a0
[  353.137709][T28526]  ___sys_sendmsg+0x17b/0x1d0
[  353.137749][T28526]  __x64_sys_sendmsg+0xd4/0x160
[  353.137830][T28526]  x64_sys_call+0x17ba/0x3000
[  353.137911][T28526]  do_syscall_64+0xca/0x2b0
[  353.137945][T28526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.137969][T28526] RIP: 0033:0x7f4db631f749
[  353.137985][T28526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.138083][T28526] RSP: 002b:00007f4db4d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.138105][T28526] RAX: ffffffffffffffda RBX: 00007f4db6575fa0 RCX: 00007f4db631f749
[  353.138119][T28526] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  353.138133][T28526] RBP: 00007f4db63a3f91 R08: 0000000000000000 R09: 0000000000000000
[  353.138166][T28526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  353.138206][T28526] R13: 00007f4db6576038 R14: 00007f4db6575fa0 R15: 00007fff0a094538
[  353.138226][T28526]  </TASK>
[  353.138233][T28526] memory: usage 307200kB, limit 307200kB, failcnt 1292
[  353.158104][   T29] audit: type=1326 audit(608.991:22455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.169517][T28526] memory+swap: usage 307296kB, limit 9007199254740988kB, failcnt 0
[  353.173325][   T29] audit: type=1326 audit(609.001:22456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.183409][T28526] kmem: usage 306500kB, limit 9007199254740988kB, failcnt 0
[  353.186734][   T29] audit: type=1326 audit(609.001:22457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.189663][T28526] Memory cgroup stats for /syz1:
[  353.198324][T28526] cache 4096
[  353.199072][   T29] audit: type=1326 audit(609.001:22458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.202706][T28526] rss 573440
[  353.207040][   T29] audit: type=1326 audit(609.001:22459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.211880][T28526] shmem 0
[  353.211890][T28526] mapped_file 4096
[  353.216492][   T29] audit: type=1326 audit(609.001:22460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28543 comm="syz.2.5607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  353.221328][T28526] dirty 0
[  353.221336][T28526] writeback 4096
[  353.221343][T28526] workingset_refault_anon 3357
[  353.675407][T28526] workingset_refault_file 1540
[  353.680194][T28526] swap 98304
[  353.683443][T28526] swapcached 0
[  353.686881][T28526] pgpgin 377606
[  353.690351][T28526] pgpgout 377458
[  353.693918][T28526] pgfault 446715
[  353.697531][T28526] pgmajfault 621
[  353.701088][T28526] inactive_anon 258048
[  353.705233][T28526] active_anon 315392
[  353.709143][T28526] inactive_file 32768
[  353.713222][T28526] active_file 0
[  353.716724][T28526] unevictable 0
[  353.720194][T28526] hierarchical_memory_limit 314572800
[  353.725602][T28526] hierarchical_memsw_limit 9223372036854771712
[  353.731768][T28526] total_cache 4096
[  353.735525][T28526] total_rss 573440
[  353.739256][T28526] total_shmem 0
[  353.742723][T28526] total_mapped_file 4096
[  353.746983][T28526] total_dirty 0
[  353.750463][T28526] total_writeback 4096
[  353.754555][T28526] total_workingset_refault_anon 3357
[  353.759845][T28526] total_workingset_refault_file 1540
[  353.765257][T28526] total_swap 98304
[  353.768993][T28526] total_swapcached 0
[  353.772897][T28526] total_pgpgin 377606
[  353.776939][T28526] total_pgpgout 377458
[  353.781015][T28526] total_pgfault 446715
[  353.785108][T28526] total_pgmajfault 621
[  353.789182][T28526] total_inactive_anon 258048
[  353.793790][T28526] total_active_anon 315392
[  353.798214][T28526] total_inactive_file 32768
[  353.802777][T28526] total_active_file 0
[  353.806782][T28526] total_unevictable 0
[  353.810772][T28526] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5387,pid=27951,uid=0
[  353.825554][T28526] Memory cgroup out of memory: Killed process 27951 (syz.1.5387) total-vm:95884kB, anon-rss:1300kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  354.144402][T28572] lo speed is unknown, defaulting to 1000
[  354.280966][T28576] lo speed is unknown, defaulting to 1000
[  355.089670][T28594] lo speed is unknown, defaulting to 1000
[  355.309815][T28602] netlink: 'syz.1.5625': attribute type 4 has an invalid length.
[  355.753231][T28619] lo speed is unknown, defaulting to 1000
[  356.658249][T28637] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5637'.
[  356.694760][T28639] netlink: 'syz.5.5636': attribute type 4 has an invalid length.
[  356.725223][T28643] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5639'.
[  356.772223][T28643] bond7: (slave bridge0): Enslaving as an active interface with an up link
[  356.786179][T28643] macvlan0: entered promiscuous mode
[  356.791605][T28643] macvlan0: entered allmulticast mode
[  356.797839][T28643] bond7: entered promiscuous mode
[  356.802969][T28643] bridge0: entered promiscuous mode
[  356.809489][T28643] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  356.820723][T28643] bond7: left promiscuous mode
[  356.825657][T28643] bridge0: left promiscuous mode
[  357.153983][T28668] lo speed is unknown, defaulting to 1000
[  357.550614][T28674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5647'.
[  357.615646][T28674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5647'.
[  357.651280][T28679] netlink: 176 bytes leftover after parsing attributes in process `syz.0.5650'.
[  358.090960][   T29] kauditd_printk_skb: 72 callbacks suppressed
[  358.090979][   T29] audit: type=1326 audit(614.061:22533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28693 comm="syz.5.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  358.144312][   T29] audit: type=1326 audit(614.091:22534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28693 comm="syz.5.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  358.167460][   T29] audit: type=1326 audit(614.091:22535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28693 comm="syz.5.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  358.190502][   T29] audit: type=1326 audit(614.091:22536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28693 comm="syz.5.5658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  358.319468][T28706] lo speed is unknown, defaulting to 1000
[  358.533796][T28709] rdma_rxe: rxe_newlink: failed to add lo
[  358.599721][T28718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5665'.
[  358.647347][T28719] lo speed is unknown, defaulting to 1000
[  359.021090][T28718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5665'.
[  359.178775][T28721] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5666'.
[  359.188173][T28721] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5666'.
[  359.197409][T28721] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5666'.
[  359.393032][T28729] netlink: 'syz.2.5670': attribute type 13 has an invalid length.
[  359.655551][   T29] audit: type=1326 audit(615.631:22537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28743 comm="syz.2.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  359.678735][   T29] audit: type=1326 audit(615.631:22538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28743 comm="syz.2.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  359.741538][   T29] audit: type=1326 audit(615.661:22539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28743 comm="syz.2.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  359.764785][   T29] audit: type=1326 audit(615.661:22540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28743 comm="syz.2.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  359.788060][   T29] audit: type=1326 audit(615.661:22541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28743 comm="syz.2.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  359.811068][   T29] audit: type=1326 audit(615.661:22542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28743 comm="syz.2.5673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f63acbff749 code=0x7ffc0000
[  360.312669][T28780] netlink: 'syz.2.5685': attribute type 83 has an invalid length.
[  361.840316][T28840] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  361.875312][T28840] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  361.946859][T28840] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  362.025614][T28840] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  362.125264][ T3980] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  362.143187][ T3980] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  362.171798][ T3980] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  362.208843][ T3980] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  362.275436][T28848] __nla_validate_parse: 129 callbacks suppressed
[  362.275453][T28848] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5720'.
[  362.303751][T28850] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5709'.
[  362.328010][T28850] netlink: 'syz.5.5709': attribute type 13 has an invalid length.
[  362.403441][ T3320] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  362.414438][ T3320] CPU: 1 UID: 0 PID: 3320 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  362.414476][ T3320] Tainted: [W]=WARN
[  362.414495][ T3320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  362.414507][ T3320] Call Trace:
[  362.414515][ T3320]  <TASK>
[  362.414525][ T3320]  __dump_stack+0x1d/0x30
[  362.414555][ T3320]  dump_stack_lvl+0x95/0xd0
[  362.414581][ T3320]  dump_stack+0x15/0x1b
[  362.414600][ T3320]  dump_header+0x81/0x240
[  362.414631][ T3320]  oom_kill_process+0x295/0x350
[  362.414655][ T3320]  out_of_memory+0x97b/0xb80
[  362.414678][ T3320]  try_charge_memcg+0x610/0xa10
[  362.414717][ T3320]  charge_memcg+0x51/0xc0
[  362.414800][ T3320]  __mem_cgroup_charge+0x28/0xb0
[  362.414835][ T3320]  filemap_add_folio+0x111/0x360
[  362.414857][ T3320]  __filemap_get_folio_mpol+0x326/0x650
[  362.414884][ T3320]  filemap_fault+0x44d/0xb70
[  362.414911][ T3320]  __do_fault+0xbc/0x200
[  362.414929][ T3320]  handle_mm_fault+0xfab/0x2c60
[  362.415053][ T3320]  do_user_addr_fault+0x630/0x1080
[  362.415084][ T3320]  exc_page_fault+0x62/0xa0
[  362.415192][ T3320]  asm_exc_page_fault+0x26/0x30
[  362.415211][ T3320] RIP: 0033:0x7ff12e535fd4
[  362.415227][ T3320] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f6 ea 00 48 01 d1
[  362.415246][ T3320] RSP: 002b:00007fff3a6f3880 EFLAGS: 00010202
[  362.415341][ T3320] RAX: 0000001b33f24000 RBX: 0000000000000b6a RCX: 0000000000058610
[  362.415354][ T3320] RDX: 00000000055fa2a4 RSI: 00007fff3a6f3910 RDI: 0000000000000001
[  362.415366][ T3320] RBP: 00007fff3a6f38bc R08: 00000000147fa1de R09: 7fffffffffffffff
[  362.415379][ T3320] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  362.415392][ T3320] R13: 00000000000927c0 R14: 00000000000585bf R15: 00007fff3a6f3910
[  362.415411][ T3320]  </TASK>
[  362.415418][ T3320] memory: usage 307200kB, limit 307200kB, failcnt 1629
[  362.446979][T28857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5712'.
[  362.447354][ T3320] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  362.624162][ T3320] kmem: usage 238708kB, limit 9007199254740988kB, failcnt 0
[  362.631485][ T3320] Memory cgroup stats for /syz0:
[  362.632029][ T3320] cache 69758976
[  362.640100][ T4245] Process accounting resumed
[  362.640619][ T3320] rss 376832
[  362.648570][ T3320] shmem 69758976
[  362.652152][ T3320] mapped_file 0
[  362.655650][ T3320] dirty 0
[  362.658590][ T3320] writeback 0
[  362.661882][ T3320] workingset_refault_anon 1665
[  362.666694][ T3320] workingset_refault_file 2014
[  362.671468][ T3320] swap 0
[  362.674342][ T3320] swapcached 0
[  362.677799][ T3320] pgpgin 473535
[  362.681270][ T3320] pgpgout 456412
[  362.684897][ T3320] pgfault 472606
[  362.688451][ T3320] pgmajfault 356
[  362.692004][ T3320] inactive_anon 172032
[  362.696137][ T3320] active_anon 69963776
[  362.700256][ T3320] inactive_file 0
[  362.703958][ T3320] active_file 0
[  362.707425][ T3320] unevictable 0
[  362.710953][ T3320] hierarchical_memory_limit 314572800
[  362.716357][ T3320] hierarchical_memsw_limit 9223372036854771712
[  362.722606][ T3320] total_cache 69758976
[  362.726893][ T3320] total_rss 376832
[  362.730652][ T3320] total_shmem 69758976
[  362.734793][ T3320] total_mapped_file 0
[  362.738809][ T3320] total_dirty 0
[  362.742275][ T3320] total_writeback 0
[  362.746206][ T3320] total_workingset_refault_anon 1665
[  362.751498][ T3320] total_workingset_refault_file 2014
[  362.756852][ T3320] total_swap 0
[  362.760359][ T3320] total_swapcached 0
[  362.764327][ T3320] total_pgpgin 473535
[  362.768318][ T3320] total_pgpgout 456412
[  362.772398][ T3320] total_pgfault 472606
[  362.776601][ T3320] total_pgmajfault 356
[  362.780751][ T3320] total_inactive_anon 172032
[  362.785418][ T3320] total_active_anon 69963776
[  362.790027][ T3320] total_inactive_file 0
[  362.794215][ T3320] total_active_file 0
[  362.798207][ T3320] total_unevictable 0
[  362.802231][ T3320] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5717,pid=28842,uid=0
[  362.809601][T28861] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5712'.
[  362.816973][ T3320] Memory cgroup out of memory: Killed process 28842 (syz.0.5717) total-vm:95884kB, anon-rss:1264kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  362.934977][ T3980] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  362.949770][T28864] lo speed is unknown, defaulting to 1000
[  362.950279][ T3980] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  362.982326][T28873] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5716'.
[  362.986801][ T3980] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  363.033754][ T3980] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  363.042468][T28877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5716'.
[  363.118306][T28884] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5722'.
[  363.284359][T28891] netlink: 'syz.0.5726': attribute type 4 has an invalid length.
[  363.369311][   T29] kauditd_printk_skb: 103 callbacks suppressed
[  363.369326][   T29] audit: type=1326 audit(619.341:22646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28897 comm="syz.1.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4db6352005 code=0x7ffc0000
[  363.519383][   T29] audit: type=1326 audit(619.491:22647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28897 comm="syz.1.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f4db631f749 code=0x7ffc0000
[  363.583555][   T29] audit: type=1326 audit(619.491:22648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28863 comm="syz.1.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db631f749 code=0x7ffc0000
[  363.606725][   T29] audit: type=1326 audit(619.491:22649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28863 comm="syz.1.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4db631f749 code=0x7ffc0000
[  363.651583][T28898] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5729'.
[  363.691247][T28898] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5729'.
[  363.737581][T28898] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5729'.
[  363.974700][T28893] syz.4.5728 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  363.988762][T28893] CPU: 0 UID: 0 PID: 28893 Comm: syz.4.5728 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  363.988835][T28893] Tainted: [W]=WARN
[  363.988844][T28893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  363.988858][T28893] Call Trace:
[  363.988866][T28893]  <TASK>
[  363.988876][T28893]  __dump_stack+0x1d/0x30
[  363.988902][T28893]  dump_stack_lvl+0x95/0xd0
[  363.988941][T28893]  dump_stack+0x15/0x1b
[  363.989029][T28893]  dump_header+0x81/0x240
[  363.989056][T28893]  oom_kill_process+0x295/0x350
[  363.989079][T28893]  out_of_memory+0x97b/0xb80
[  363.989101][T28893]  try_charge_memcg+0x610/0xa10
[  363.989212][T28893]  obj_cgroup_charge_pages+0xa6/0x150
[  363.989307][T28893]  __memcg_kmem_charge_page+0x9f/0x170
[  363.989343][T28893]  __alloc_frozen_pages_noprof+0x18f/0x360
[  363.989371][T28893]  alloc_pages_mpol+0xb3/0x260
[  363.989459][T28893]  alloc_pages_noprof+0x90/0x130
[  363.989525][T28893]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  363.989614][T28893]  __kvmalloc_node_noprof+0x492/0x6b0
[  363.989647][T28893]  ? ip_set_alloc+0x24/0x30
[  363.989683][T28893]  ? ip_set_alloc+0x24/0x30
[  363.989720][T28893]  ip_set_alloc+0x24/0x30
[  363.989780][T28893]  hash_netiface_create+0x282/0x740
[  363.989824][T28893]  ? __pfx_hash_netiface_create+0x10/0x10
[  363.989860][T28893]  ip_set_create+0x3cc/0x970
[  363.989906][T28893]  ? __nla_parse+0x40/0x60
[  363.989930][T28893]  nfnetlink_rcv_msg+0x4c6/0x590
[  363.990008][T28893]  netlink_rcv_skb+0x123/0x220
[  363.990114][T28893]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  363.990158][T28893]  nfnetlink_rcv+0x167/0x16c0
[  363.990189][T28893]  ? insn_get_prefixes+0xa72/0xca0
[  363.990223][T28893]  ? insn_get_prefixes+0xa72/0xca0
[  363.990267][T28893]  ? inat_get_opcode_attribute+0xc/0x20
[  363.990294][T28893]  ? inat_get_opcode_attribute+0xc/0x20
[  363.990318][T28893]  ? insn_get_opcode+0x7dd/0x890
[  363.990422][T28893]  ? insn_get_modrm+0x367/0x390
[  363.990449][T28893]  ? _raw_spin_lock+0x52/0xa0
[  363.990476][T28893]  ? __pte_offset_map_lock+0x1d9/0x240
[  363.990507][T28893]  ? do_sync_core+0x39/0x60
[  363.990527][T28893]  ? smp_call_function_many_cond+0x7f8/0xc40
[  363.990570][T28893]  ? should_fail_ex+0x30/0x280
[  363.990596][T28893]  ? selinux_nlmsg_lookup+0x99/0x890
[  363.990620][T28893]  ? __rcu_read_unlock+0x34/0x70
[  363.990711][T28893]  ? __netlink_lookup+0x266/0x2a0
[  363.990743][T28893]  netlink_unicast+0x5c0/0x690
[  363.990771][T28893]  netlink_sendmsg+0x58b/0x6b0
[  363.990848][T28893]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.990877][T28893]  __sock_sendmsg+0x145/0x180
[  363.990925][T28893]  ____sys_sendmsg+0x31e/0x4a0
[  363.990953][T28893]  ___sys_sendmsg+0x17b/0x1d0
[  363.991046][T28893]  __x64_sys_sendmsg+0xd4/0x160
[  363.991085][T28893]  x64_sys_call+0x17ba/0x3000
[  363.991121][T28893]  do_syscall_64+0xca/0x2b0
[  363.991171][T28893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.991195][T28893] RIP: 0033:0x7f948b0af749
[  363.991212][T28893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.991229][T28893] RSP: 002b:00007f9489b0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.991273][T28893] RAX: ffffffffffffffda RBX: 00007f948b305fa0 RCX: 00007f948b0af749
[  363.991289][T28893] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000006
[  363.991305][T28893] RBP: 00007f948b133f91 R08: 0000000000000000 R09: 0000000000000000
[  363.991320][T28893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  363.991335][T28893] R13: 00007f948b306038 R14: 00007f948b305fa0 R15: 00007ffd8e351e68
[  363.991405][T28893]  </TASK>
[  363.991411][T28893] memory: usage 307200kB, limit 307200kB, failcnt 1607
[  364.293717][   T29] audit: type=1326 audit(620.261:22650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28913 comm="syz.5.5736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  364.299251][T28893] memory+swap: usage 364560kB, limit 9007199254740988kB, failcnt 0
[  364.307167][   T29] audit: type=1326 audit(620.261:22651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28913 comm="syz.5.5736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  364.315141][T28893] kmem: usage 231148kB, limit 9007199254740988kB, failcnt 0
[  364.315166][T28893] Memory cgroup stats for /syz4
[  364.323136][   T29] audit: type=1326 audit(620.261:22652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28913 comm="syz.5.5736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  364.331125][T28893] :
[  364.380069][T28892] ==================================================================
[  364.402913][   T29] audit: type=1326 audit(620.261:22653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28913 comm="syz.5.5736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68d244f749 code=0x7ffc0000
[  364.410160][T28892] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  364.481053][T28892] 
[  364.483380][T28892] read-write to 0xffffffff86809a00 of 8 bytes by interrupt on cpu 1:
[  364.491450][T28892]  tick_do_update_jiffies64+0x113/0x1c0
[  364.497010][T28892]  tick_nohz_handler+0x8d/0x3d0
[  364.501872][T28892]  __hrtimer_run_queues+0x20f/0x5a0
[  364.507079][T28892]  hrtimer_interrupt+0x21a/0x460
[  364.512027][T28892]  __sysvec_apic_timer_interrupt+0x5f/0x1d0
[  364.517927][T28892]  sysvec_apic_timer_interrupt+0x6f/0x80
[  364.523570][T28892]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  364.529557][T28892]  console_flush_all+0x541/0x6c0
[  364.534503][T28892]  console_unlock+0x97/0x270
[  364.539112][T28892]  vprintk_emit+0x39f/0x5c0
[  364.543632][T28892]  vprintk_default+0x26/0x30
[  364.548242][T28892]  vprintk+0x1d/0x30
[  364.552141][T28892]  _printk+0x79/0xa0
[  364.556047][T28892]  kauditd_hold_skb+0x1b1/0x1c0
[  364.560907][T28892]  kauditd_send_queue+0x273/0x2c0
[  364.565940][T28892]  kauditd_thread+0x442/0x680
[  364.570625][T28892]  kthread+0x489/0x510
[  364.574710][T28892]  ret_from_fork+0x149/0x290
[  364.579314][T28892]  ret_from_fork_asm+0x1a/0x30
[  364.584088][T28892] 
[  364.586413][T28892] read to 0xffffffff86809a00 of 8 bytes by task 28892 on cpu 0:
[  364.594042][T28892]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  364.600292][T28892]  count_shadow_nodes+0x6a/0x230
[  364.605240][T28892]  do_shrink_slab+0x63/0x680
[  364.609838][T28892]  shrink_slab+0x4f5/0x840
[  364.614263][T28892]  shrink_node+0x6a9/0x2010
[  364.618769][T28892]  do_try_to_free_pages+0x3f6/0xcd0
[  364.623975][T28892]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  364.629879][T28892]  try_charge_memcg+0x383/0xa10
[  364.634748][T28892]  charge_memcg+0x51/0xc0
[  364.639090][T28892]  __mem_cgroup_charge+0x28/0xb0
[  364.644046][T28892]  filemap_add_folio+0x111/0x360
[  364.648989][T28892]  __filemap_get_folio_mpol+0x326/0x650
[  364.654540][T28892]  filemap_fault+0x44d/0xb70
[  364.659137][T28892]  __do_fault+0xbc/0x200
[  364.663399][T28892]  handle_mm_fault+0xd9c/0x2c60
[  364.668283][T28892]  do_user_addr_fault+0x630/0x1080
[  364.673422][T28892]  exc_page_fault+0x62/0xa0
[  364.677945][T28892]  asm_exc_page_fault+0x26/0x30
[  364.682801][T28892] 
[  364.685125][T28892] value changed: 0x00000001000018e7 -> 0x00000001000018e8
[  364.692243][T28892] 
[  364.694570][T28892] Reported by Kernel Concurrency Sanitizer on:
[  364.700724][T28892] CPU: 0 UID: 0 PID: 28892 Comm: syz.4.5728 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  364.712099][T28892] Tainted: [W]=WARN
[  364.715905][T28892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  364.725965][T28892] ==================================================================
[  364.741159][T28893] cache 77447168
[  364.744783][T28893] rss 299008
[  364.748011][T28893] shmem 10412032
[  364.751564][T28893] mapped_file 0
[  364.755051][T28893] dirty 0
[  364.757999][T28893] writeback 0
[  364.761323][T28893] workingset_refault_anon 3274
[  364.766184][T28893] workingset_refault_file 9486
[  364.770989][T28893] swap 58736640
[  364.774464][T28893] swapcached 118784
[  364.778279][T28893] pgpgin 536796
[  364.781745][T28893] pgpgout 517783
[  364.785320][T28893] pgfault 432147
[  364.788925][T28893] pgmajfault 466
[  364.792518][T28893] inactive_anon 10768384
[  364.796770][T28893] active_anon 61440
[  364.800577][T28893] inactive_file 8192
[  364.804483][T28893] active_file 4096
[  364.808224][T28893] unevictable 67035136
[  364.812301][T28893] hierarchical_memory_limit 314572800
[  364.817692][T28893] hierarchical_memsw_limit 9223372036854771712
[  364.823884][T28893] total_cache 77447168
[  364.827957][T28893] total_rss 299008
[  364.831725][T28893] total_shmem 10412032
[  364.835863][T28893] total_mapped_file 0
[  364.839851][T28893] total_dirty 0
[  364.843319][T28893] total_writeback 0
[  364.847211][T28893] total_workingset_refault_anon 3274
[  364.852502][T28893] total_workingset_refault_file 9486
[  364.857806][T28893] total_swap 58736640
[  364.861787][T28893] total_swapcached 118784
[  364.866143][T28893] total_pgpgin 536796
[  364.870205][T28893] total_pgpgout 517783
[  364.874299][T28893] total_pgfault 432147
[  364.878373][T28893] total_pgmajfault 466
[  364.882450][T28893] total_inactive_anon 10768384
[  364.887243][T28893] total_active_anon 61440
[  364.891577][T28893] total_inactive_file 8192
[  364.896018][T28893] total_active_file 4096
[  364.900267][T28893] total_unevictable 67035136
[  364.904881][T28893] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5728,pid=28892,uid=0
[  364.919667][T28893] Memory cgroup out of memory: Killed process 28892 (syz.4.5728) total-vm:95884kB, anon-rss:1136kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0