last executing test programs:

6m34.783056724s ago: executing program 1 (id=64):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = eventfd2(0xffffffff, 0x1)
write$eventfd(r2, &(0x7f0000000080)=0xffffffff00000000, 0x8)
read$eventfd(r2, &(0x7f0000000100), 0x8)

6m34.704862972s ago: executing program 1 (id=68):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x50)

6m34.559464725s ago: executing program 1 (id=71):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

6m34.532128107s ago: executing program 1 (id=72):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
unshare(0x4020400)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b1098, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2925099, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

6m34.514839839s ago: executing program 1 (id=73):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x4}, 0x18)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)

6m34.331469056s ago: executing program 1 (id=79):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

6m34.331370916s ago: executing program 32 (id=79):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

4m25.290214765s ago: executing program 4 (id=2860):
ioperm(0x7, 0x81, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
r1 = gettid()
timer_create(0x0, &(0x7f0000001640)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000600)={<r2=>0xffffffffffffffff})
sendfile(r2, r0, 0x0, 0x578410eb)
sendfile(r2, r0, 0x0, 0x100000000)

4m24.993954582s ago: executing program 5 (id=2867):
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000000)='map_files\x00')
fchdir(r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a1)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000000)={0xd2f0, 0x2000, 0x8, 0xadea})

4m24.962935825s ago: executing program 5 (id=2869):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x34e}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000480)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
io_uring_enter(r2, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x2441f, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0xd, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
dup3(r2, r0, 0x80000)

4m24.732137056s ago: executing program 5 (id=2873):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="0000000000000000000000000000000000a9760000ed171200"/36, @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='skb_copy_datagram_iovec\x00', r1}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

4m24.68903928s ago: executing program 5 (id=2874):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@nojournal_checksum}, {@dioread_lock}, {@resgid}, {}, {@resgid}, {@inlinecrypt}, {@debug}, {@usrquota}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)
r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]})
write$binfmt_misc(r0, &(0x7f0000000340)="be", 0x1)

4m24.422668125s ago: executing program 5 (id=2881):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a000000800000000642"], 0xfdef)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x4200, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
socket$packet(0x11, 0xa, 0x300)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, 0x0, 0x4000041)

4m24.422169056s ago: executing program 4 (id=2882):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
unshare(0x62040200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r2, 0x4)

4m24.064563008s ago: executing program 5 (id=2888):
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x200, 0x4)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}}, 0x1c)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}}, 0x1c)

4m24.064346028s ago: executing program 33 (id=2888):
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x200, 0x4)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}}, 0x1c)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}}, 0x1c)

4m23.94071817s ago: executing program 4 (id=2891):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

4m23.476631143s ago: executing program 4 (id=2894):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@nojournal_checksum}, {@dioread_lock}, {@resgid}, {}, {@resgid}, {@inlinecrypt}, {@debug}, {@usrquota}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
open(&(0x7f0000000680)='./bus\x00', 0x4001410c2, 0x2e)
mount(&(0x7f00000004c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)
r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40, 0x8005, 0x0, 0x0, 0xa, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000ff91031905b9aaaaf755a3f6a004000000000001000200", "036c47c6780820d1cbf733970000cf33768bbd9bffbcc2542ded71038259ca171ce1a310ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204, 0xffffffffffffffff]})
write$binfmt_misc(r0, &(0x7f0000000340)="be", 0x1)

4m23.197557019s ago: executing program 4 (id=2898):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x6, &(0x7f0000000080)=@framed={{0x18, 0x2, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x2b}]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
sendto$inet(r0, &(0x7f0000000180)='\f', 0x1, 0x400002d, 0x0, 0x0)

4m22.75159303s ago: executing program 4 (id=2902):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@jqfmt_vfsv1}]}, 0x82, 0x48f, &(0x7f0000000380)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
pipe2(&(0x7f0000000140), 0x0)
pipe2(&(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x0)
read$msr(r2, &(0x7f0000002140)=""/102400, 0x19000)

4m22.75135604s ago: executing program 34 (id=2902):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@jqfmt_vfsv1}]}, 0x82, 0x48f, &(0x7f0000000380)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
chdir(&(0x7f0000000140)='./file0\x00')
r0 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
pipe2(&(0x7f0000000140), 0x0)
pipe2(&(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x0)
read$msr(r2, &(0x7f0000002140)=""/102400, 0x19000)

3m44.719900925s ago: executing program 7 (id=3797):
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x67f361886e5fcd1e, 0x12, 0xffffffffffffffff, 0x852ad000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a01011d000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close(r2)

3m44.643972372s ago: executing program 7 (id=3800):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x22, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xfffffffffffffffe, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setresuid(0xee00, 0xee00, 0x0)
r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79af, 0x1000, 0x3, 0x400252}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_MKDIRAT={0x25, 0x17, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0xf9b7a26b18f77d51})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
add_key$keyring(&(0x7f0000000540), 0x0, 0x0, 0x0, 0xffffffffffffffff)
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

3m44.237346679s ago: executing program 7 (id=3803):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000040000000400000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
close(0xffffffffffffffff)
socket(0xa, 0x5, 0x40000000)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)

3m44.104658122s ago: executing program 7 (id=3805):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x2)

3m44.040902097s ago: executing program 7 (id=3817):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pselect6(0x40, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0x1, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc, 0x3, 0x0, 0x3}, 0x0, 0x0)
io_setup(0x3fd, &(0x7f0000000500)=<r2=>0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000ff1000/0xc000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x1, 0x800000c1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_submit(r2, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xfffffdfc}])

3m43.772442262s ago: executing program 7 (id=3809):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
semtimedop(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)

3m43.763444443s ago: executing program 35 (id=3809):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
semtimedop(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)

1.565544655s ago: executing program 3 (id=7747):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x7fff0026}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20081e, &(0x7f0000000840)={[{@grpjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=")
sendmsg$key(0xffffffffffffffff, 0x0, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
futex(0x0, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x12000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0)
poll(0x0, 0x0, 0x9)
close_range(r0, 0xffffffffffffffff, 0x0)

1.535696338s ago: executing program 0 (id=7748):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000200)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)

1.463568215s ago: executing program 3 (id=7749):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r1 = dup(r0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x100000000000007, 0x8, 0x3}, 0x0)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x8000fffffffe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, 0xfffffffffffffffe, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, 0xffffffffffffffff, 0x10c000)

1.398799801s ago: executing program 8 (id=7750):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x6, 0x1, 0xffffbfff, 0x1, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

1.264852323s ago: executing program 0 (id=7751):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x2, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4)
sendto$inet(r0, 0x0, 0xffe5, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x3c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff0}, {0xe, 0xffff}}}, 0x24}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000180)=0xb4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.264606303s ago: executing program 3 (id=7752):
r0 = syz_io_uring_setup(0x6fb2, &(0x7f0000000580)={0x0, 0xd235, 0x10101, 0x0, 0x28a}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}}, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000480)=[{&(0x7f00000004c0)=""/45, 0x2d}], 0x1)
mbind(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, &(0x7f00000001c0)=0xffffffffffffff00, 0x9, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x5c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x2}, 0x18)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<'], 0x38}}, 0x80)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0xfff, 0x0, 0x6})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

1.264296753s ago: executing program 0 (id=7753):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x181)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000002240)='9p_client_req\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

1.231892136s ago: executing program 3 (id=7755):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x4a000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000040000000000000000009ec50936110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

1.166197492s ago: executing program 0 (id=7757):
r0 = socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr$security_selinux(r1, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000480)={0x0, 0x9}, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2, 0x0, 0xf}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

1.135706345s ago: executing program 3 (id=7759):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r2}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0), 0x0, 0x5}, 0x38)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x108100, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x89f1, &(0x7f0000000080))

1.094573879s ago: executing program 0 (id=7760):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, 'X.'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1.093887219s ago: executing program 8 (id=7761):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f0000000080)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x6048800)
r5 = memfd_create(&(0x7f0000000040)='!\x00', 0x5)
fstatfs(r5, &(0x7f0000000080)=""/82)

1.073880681s ago: executing program 0 (id=7763):
unshare(0x6a040000)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x3}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1000, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000002800)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000002880), 0x1, 0x5fd, &(0x7f0000002ec0)="$eJzs3c9vFFUcAPDv7LalpWALMSoepIkxkCgtLWCI8QBXYxr8ES9erLQgoUDT1mjRhJLgxcR4McbEkwfxv1AiV0960YMXT4aEqOFo4prZ7vTnbH8s7Q4wn0+y7My8ebw3LN++t6/vzQRQWgPpH5WIAxExlUT0JfOLaR3RSBxYOO/ePx+fTV9J1Gpv/JVE0jiWnZ803nsbmbsj4ucfk9hfXVvuzNzVi2OTkxPTjf2h2UtTQzNzV49cuDR2fuL8xOWRF0dOnjh+4uTw0Zau69raQ2l1Puj7dPTtb7/+Nxn+7vfRJE7FK40Tl1/HdhmIgfq/SbI2qffkdhdWkGrj/8nyjzjpKLBCbEn2+XVGxJPRF9VY+vD64pPXCq0csKNqSUQNKKlE/ENJZf2A7Lv96u/BlUJ6JUA73D29MACwNv47FsYGo7s+NrD7XhLLh3WSiGhtZG6lPRHx0+3RG+duj96Y3rsz43BAvvnrEfHUsvjvylKSevz3R3f01+O/siL+037BmcZ7evz1FstfPVQs/qF9FuK/O6f9X4r/aBL/7yyL/3dbLH9gafO9nhXx39PqJQEAAAAAAEBp3TodES/kzf+pLM7/iZz5P70RcWobyh9Ytb/29/+VO9tQDJDj7umIl3Pn/1aiujD7t7/a+D3/3vp8gM7k3IXJiaMR8VhEHI7OXen+8DplHPls/1fN0gYa8/+yV1p++r50RuVOx66VecbHZsfu97qBiLvXI57Onf+bLLb/SU77n/48mNpkGfufu3mmWdrG8Q/slNo3EYdy2/+lu1Yk69+fY6jeHxjKegVrPfPR5983K7/V+HeLCbh/afu/e/3470+W369nZutlHJvrqDVLa7X/35W8Wb/lTLZc4cOx2dnp4Yie5NVqenTF8ZGt1xkeRVk8ZPGSxv/hZ9cf/8vr//dExPyqvzv5e+Wa4swT//X+0aw++v9QnDT+x7fU/jfdSOYjcpNGbvb/0Kz8zbX/x+tt/eHGEeN/sODLLEy7Vh7PCdCOvKR21xcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgWViNgTSWVwcbtSGRyM6I2Ix2N3ZfLKzOzz5668f3k8Tas//7+SPem3b2E/yZ7/379sf2TV/rGI2BcRX1R76vuDZ69Mjhd98QAAAAAAAAAAAAAAAAAAAPCA6G2y/j/1Z7Xo2gE7rqPoCgCFyYn/X4qoB9B+2n8oL/EP5SX+obzEP5SX+IfyEv9QXuIfykv8AwAAAADAI2XfwVu/JREx/1JP/ZXqaqR1FlozYKdViq4AUBi3+IHyMvUHyst3fCDZIL27aaaNcjbLnJo6u3FmAAAAAAAAAAAAACBz6ID1/1BW1v9DeVn/D+WVrf8/WHA9gPZr+Tt+0zW9wMNovZX8zcN9E+v/AQAAAAAAAAAAAIBtMTN39eLY5OTEdPs2fm089Cv3nJ6IaHN9so23iii02I1arXat/lE8IPV5yDeyqfCbz9WdHwU7s5Gt9dtcroJ+IAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGv8HwAA//+xpBxA")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xfd}, 0x0, 0x0, 0x1, 0x0, 0x2, 0xff, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff8000000000001, 0xffffffffffffffff, 0x9)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
socket$netlink(0x10, 0x3, 0x8000000004)

1.041494694s ago: executing program 3 (id=7764):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000006, 0x12, 0x8, 0x80000000, 0x8}, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r3}, 0x10)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)

821.604794ms ago: executing program 6 (id=7767):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0xffffffffffffff60)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028000000bca30000000000003403000040feffff720af1ff0000000071a4f1ff000000001f030000000000002e0a0200000000002604fdffffff000e61144400000000001d430000000000007a0a00fe0000001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_local\x00', r3, 0x0, 0x80000001}, 0x18)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x4000000)
close_range(r2, 0xffffffffffffffff, 0x0)

667.035258ms ago: executing program 2 (id=7769):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r5}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

657.787989ms ago: executing program 8 (id=7770):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000030605000000000000000000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)

580.762296ms ago: executing program 6 (id=7771):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x28616, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000026}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x4e}, 0x0, 0x40000000})
r0 = syz_io_uring_setup(0x64d, &(0x7f00000006c0)={0x0, 0x11f8, 0x8, 0x0, 0x3b7}, &(0x7f0000000500)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000780)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0xd12, 0xd9bd, 0x9, 0x0, 0x0)

571.563237ms ago: executing program 8 (id=7772):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r3, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCBRDELBR(r2, 0x89a3, &(0x7f0000000200)='bridge0\x00')

524.599091ms ago: executing program 2 (id=7773):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x10}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r0, &(0x7f0000000040)=ANY=[], 0x32)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0005}]})
sync()
syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86df, 0x1, 0x8}, &(0x7f0000000140), &(0x7f0000000000))

411.285832ms ago: executing program 2 (id=7774):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x5, 0xb, &(0x7f0000000540)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESOCT, @ANYRES16, @ANYRES32=0x0, @ANYRES8=r2], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000dc0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000fbfbdf25270000000e0001006e655f64657673696d0000000f0002006e657464657673696d3000001c0053"], 0x50}, 0x1, 0x0, 0x0, 0x24040011}, 0x0)

348.373158ms ago: executing program 8 (id=7775):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x40}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4044)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1a3a700080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

300.566202ms ago: executing program 6 (id=7776):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x3d8}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1a3a700080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000010007b0000000000000000010500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

300.375652ms ago: executing program 2 (id=7777):
r0 = socket(0x2, 0x80805, 0x0)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000005c0)=[@in={0x2, 0x4e22, @rand_addr=0x64010102}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x7, 0x4, @loopback}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r5=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000001040)=@assoc_value={r5, 0x6}, 0x8)

299.249342ms ago: executing program 8 (id=7778):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0x7, 0x9)
write$P9_RWRITE(r3, &(0x7f0000000040)={0xb}, 0x11000)

247.660777ms ago: executing program 2 (id=7779):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="160000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073794f310000000008000440"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ipvlan0\x00', <r5=>0x0})
syz_io_uring_setup(0xa82, &(0x7f0000000400)={0x0, 0x59fc, 0x80, 0x3, 0xbd7f7fff}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000fedbdf25080000001800028014000380100001800400030008000100050000000c00018008000100", @ANYRES32=r5], 0x38}, 0x1, 0x0, 0x0, 0x40801}, 0x14)

213.56072ms ago: executing program 6 (id=7780):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

82.901442ms ago: executing program 6 (id=7781):
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00'}, 0x10)
open(0x0, 0x149442, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r0}, 0x10)
socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x3c}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)

55.632095ms ago: executing program 2 (id=7782):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socket$inet6(0xa, 0x3, 0xff)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x1e1e, &(0x7f0000000280)={0x0, 0x86f7, 0x10100}, 0x0, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c"], 0x34c}}, 0x0)

0s ago: executing program 6 (id=7783):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r0 = syz_io_uring_setup(0x63c3, &(0x7f00000000c0)={0x0, 0x1e5, 0x3180, 0x0, 0x400251}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000500)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x33, 0x4000, @fd_index=0x1, 0x5, 0x0, 0x0, 0x2, 0x1, {0x2}})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
select(0x2a, 0x0, 0x0, &(0x7f0000000400)={0xfefdffffffffffff, 0x1, 0x2, 0x300}, &(0x7f0000000440)={0x0, 0x2710})

kernel console output (not intermixed with test programs):

 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.007612][T24679] RSP: 002b:00007f2ca53af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  359.007638][T24679] RAX: ffffffffffffffda RBX: 00007f2ca6ba5fa0 RCX: 00007f2ca694f749
[  359.007651][T24679] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  359.007665][T24679] RBP: 00007f2ca69d3f91 R08: 0000000000000000 R09: 0000000000000000
[  359.007681][T24679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  359.007697][T24679] R13: 00007f2ca6ba6038 R14: 00007f2ca6ba5fa0 R15: 00007ffe862b6928
[  359.007721][T24679]  </TASK>
[  359.361914][T24679] memory: usage 307200kB, limit 307200kB, failcnt 282
[  359.368772][T24679] memory+swap: usage 372328kB, limit 9007199254740988kB, failcnt 0
[  359.377328][T24679] kmem: usage 297628kB, limit 9007199254740988kB, failcnt 0
[  359.384944][T24679] Memory cgroup stats for /syz3:
[  359.394710][T24679] cache 8060928
[  359.403393][T24679] rss 561152
[  359.406676][T24679] shmem 8056832
[  359.410136][T24679] mapped_file 0
[  359.413684][T24679] dirty 0
[  359.416633][T24679] writeback 0
[  359.420021][T24679] workingset_refault_anon 7759
[  359.424828][T24679] workingset_refault_file 2540
[  359.429591][T24679] swap 66691072
[  359.433137][T24679] swapcached 1134592
[  359.437258][T24679] pgpgin 610317
[  359.440729][T24679] pgpgout 607934
[  359.444362][T24679] pgfault 509190
[  359.447930][T24679] pgmajfault 1039
[  359.451658][T24679] inactive_anon 7278592
[  359.455826][T24679] active_anon 2473984
[  359.459914][T24679] inactive_file 0
[  359.463640][T24679] active_file 4096
[  359.467439][T24679] unevictable 0
[  359.470991][T24679] hierarchical_memory_limit 314572800
[  359.476376][T24679] hierarchical_memsw_limit 9223372036854771712
[  359.482736][T24679] total_cache 8060928
[  359.486718][T24679] total_rss 561152
[  359.490498][T24679] total_shmem 8056832
[  359.494481][T24679] total_mapped_file 0
[  359.498544][T24679] total_dirty 0
[  359.502046][T24679] total_writeback 0
[  359.506059][T24679] total_workingset_refault_anon 7759
[  359.511451][T24679] total_workingset_refault_file 2540
[  359.516754][T24679] total_swap 66691072
[  359.520771][T24679] total_swapcached 1134592
[  359.525263][T24679] total_pgpgin 610317
[  359.529250][T24679] total_pgpgout 607934
[  359.533398][T24679] total_pgfault 509190
[  359.537547][T24679] total_pgmajfault 1039
[  359.541730][T24679] total_inactive_anon 7278592
[  359.546417][T24679] total_active_anon 2473984
[  359.550939][T24679] total_inactive_file 0
[  359.555130][T24679] total_active_file 4096
[  359.559385][T24679] total_unevictable 0
[  359.563392][T24679] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.6689,pid=24678,uid=0
[  359.591261][T24679] Memory cgroup out of memory: Killed process 24679 (syz.3.6689) total-vm:96016kB, anon-rss:1268kB, file-rss:22216kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  359.762061][T24725] netlink: 'syz.0.6705': attribute type 1 has an invalid length.
[  359.813729][T24725] 8021q: adding VLAN 0 to HW filter on device bond1
[  359.875568][T24725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6705'.
[  359.999475][T24741] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6712'.
[  360.011473][T24725] bond1 (unregistering): Released all slaves
[  360.055007][ T5172] net_ratelimit: 27 callbacks suppressed
[  360.055079][ T5172] bond2: (slave bridge4): failed to get link speed/duplex
[  360.273166][T24758] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6717'.
[  360.282274][ T5157] bond2: (slave bridge4): failed to get link speed/duplex
[  360.316432][T24758] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6717'.
[  360.396890][ T5160] bond2: (slave bridge4): failed to get link speed/duplex
[  360.514498][ T5160] bond2: (slave bridge4): failed to get link speed/duplex
[  360.540325][T24770] lo speed is unknown, defaulting to 1000
[  360.638480][T24777] set match dimension is over the limit!
[  360.644481][ T5160] bond2: (slave bridge4): failed to get link speed/duplex
[  360.668840][T24779] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6727'.
[  360.771510][   T29] kauditd_printk_skb: 84 callbacks suppressed
[  360.771527][   T29] audit: type=1326 audit(356.511:20546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  360.824541][ T5160] bond2: (slave bridge4): failed to get link speed/duplex
[  360.842258][   T29] audit: type=1326 audit(356.511:20547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe83e7fdf90 code=0x7ffc0000
[  360.865684][   T29] audit: type=1326 audit(356.511:20548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  360.888827][   T29] audit: type=1326 audit(356.511:20549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  360.911905][   T29] audit: type=1326 audit(356.511:20550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  360.935367][   T29] audit: type=1326 audit(356.511:20551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  360.958552][   T29] audit: type=1326 audit(356.511:20552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  360.981814][   T29] audit: type=1326 audit(356.511:20553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  361.005345][   T29] audit: type=1326 audit(356.511:20554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  361.028687][   T29] audit: type=1326 audit(356.521:20555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24784 comm="syz.2.6730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  361.066010][ T5173] bond2: (slave bridge4): failed to get link speed/duplex
[  361.209290][   T53] bond2: (slave bridge4): failed to get link speed/duplex
[  361.219041][T24790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6732'.
[  361.348471][ T5173] bond2: (slave bridge4): failed to get link speed/duplex
[  361.420479][T24801] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6737'.
[  361.475312][T24802] ipvlan0: left allmulticast mode
[  361.480517][T24802] veth0_vlan: left allmulticast mode
[  361.487291][T24802] veth4: left promiscuous mode
[  361.492093][T24802] veth4: left allmulticast mode
[  361.499523][T24802] bond2: left promiscuous mode
[  361.504360][T24802] bridge4: left promiscuous mode
[  361.509485][T24802] bond2: left allmulticast mode
[  361.514413][T24802] bridge4: left allmulticast mode
[  361.521307][T24802] bond3: left promiscuous mode
[  361.526102][T24802] ip6gretap0: left promiscuous mode
[  361.531516][T24802] bond3: left allmulticast mode
[  361.536505][T24802] ip6gretap0: left allmulticast mode
[  361.550267][T24802] team0: left promiscuous mode
[  361.555143][T24802] team0: left allmulticast mode
[  361.572928][T24802] ip6gre1: left promiscuous mode
[  361.577924][T24802] ip6gre1: left allmulticast mode
[  361.584355][T24801] IPVS: Unknown mcast interface: ipvlan1
[  361.594223][    T9] syb2: Port: 1 Link DOWN
[  361.628043][T24809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6739'.
[  361.659228][T24809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6739'.
[  361.750265][T24818] netlink: 'syz.8.6744': attribute type 1 has an invalid length.
[  361.758205][T24818] netlink: 'syz.8.6744': attribute type 4 has an invalid length.
[  361.766004][T24818] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.6744'.
[  361.792850][T24818] netlink: 'syz.8.6744': attribute type 1 has an invalid length.
[  361.800874][T24818] netlink: 'syz.8.6744': attribute type 4 has an invalid length.
[  361.808718][T24818] netlink: 9462 bytes leftover after parsing attributes in process `syz.8.6744'.
[  361.875448][T24830] bridge: RTM_NEWNEIGH with invalid ether address
[  362.125046][T24850] lo speed is unknown, defaulting to 1000
[  362.418465][T24873] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6766'.
[  362.451172][T24875] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6767'.
[  362.818877][T24894] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6773'.
[  363.074330][T24911] lo speed is unknown, defaulting to 1000
[  363.202848][T24914] loop8: detected capacity change from 0 to 4096
[  363.213927][T24914] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.299827][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.532104][T24929] netlink: 'syz.6.6788': attribute type 1 has an invalid length.
[  363.574756][T24929] 8021q: adding VLAN 0 to HW filter on device bond5
[  363.595746][T24936] bond5: (slave ip6gretap2): making interface the new active one
[  363.606029][T24936] bond5: (slave ip6gretap2): Enslaving as an active interface with an up link
[  363.638559][T24929] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24929 comm=syz.6.6788
[  364.051164][T24966] lo speed is unknown, defaulting to 1000
[  364.276021][T24973] VFS: Mount too revealing
[  365.092240][T25007] team1: left allmulticast mode
[  365.097496][T25007] team2: left promiscuous mode
[  365.102445][T25007] team2: left allmulticast mode
[  365.107597][T25007] ip6gre1: left allmulticast mode
[  365.117966][T25007] ip6gre2: left allmulticast mode
[  365.124003][T25007] gtp0: left promiscuous mode
[  365.129903][T25007] bond0: left allmulticast mode
[  365.140085][T25007] bond1: left promiscuous mode
[  365.145020][T25007] bond1: left allmulticast mode
[  365.159120][   T53] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.168131][   T53] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.178014][   T53] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.196632][   T53] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  365.595208][T25032] netlink: 'syz.0.6826': attribute type 4 has an invalid length.
[  365.647172][T25038] lo speed is unknown, defaulting to 1000
[  365.757771][T25046] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25046 comm=syz.6.6832
[  366.049588][T25059] __nla_validate_parse: 5 callbacks suppressed
[  366.049603][T25059] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6837'.
[  366.108298][T25059] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6837'.
[  366.292613][   T29] kauditd_printk_skb: 442 callbacks suppressed
[  366.292634][   T29] audit: type=1326 audit(361.675:20998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3f0b6165e7 code=0x7ffc0000
[  366.358130][   T29] audit: type=1326 audit(361.675:20999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3f0b5bb829 code=0x7ffc0000
[  366.381428][   T29] audit: type=1326 audit(361.675:21000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3f0b6165e7 code=0x7ffc0000
[  366.404819][   T29] audit: type=1326 audit(361.675:21001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3f0b5bb829 code=0x7ffc0000
[  366.427855][   T29] audit: type=1326 audit(361.675:21002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  366.451426][   T29] audit: type=1326 audit(361.675:21003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  366.474823][   T29] audit: type=1326 audit(361.675:21004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  366.498129][   T29] audit: type=1326 audit(361.675:21005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  366.521471][   T29] audit: type=1326 audit(361.675:21006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  366.544630][   T29] audit: type=1326 audit(361.675:21007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25068 comm="syz.6.6842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  367.033392][T25076] loop8: detected capacity change from 0 to 128
[  367.056527][T25080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6846'.
[  367.148982][T25089] lo: left promiscuous mode
[  367.165870][T25089] wg2: left promiscuous mode
[  367.170542][T25089] wg2: left allmulticast mode
[  367.176104][T25089] veth0_to_team: left promiscuous mode
[  367.184030][T25089] bridge6: left promiscuous mode
[  367.189171][T25089] bridge6: left allmulticast mode
[  367.194369][T25089] team2: left promiscuous mode
[  367.199289][T25089] team2: left allmulticast mode
[  367.204222][T25089] ip6gre3: left allmulticast mode
[  367.209415][T25089] ip6gre4: left allmulticast mode
[  367.214972][T25089] veth12: left promiscuous mode
[  367.219860][T25089] veth12: left allmulticast mode
[  367.225605][T25089] team3: left promiscuous mode
[  367.230512][T25089] team3: left allmulticast mode
[  367.231070][T25092] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  367.231070][T25092] The task syz.2.6847 (25092) triggered the difference, watch for misbehavior.
[  367.235744][T25089] veth20: left promiscuous mode
[  367.258340][T25089] veth20: left allmulticast mode
[  367.266082][T25089] bond3: left allmulticast mode
[  367.274352][T25089] veth23: left promiscuous mode
[  367.756146][T25104] syz.0.6852 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  367.770271][T25104] CPU: 0 UID: 0 PID: 25104 Comm: syz.0.6852 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  367.770313][T25104] Tainted: [W]=WARN
[  367.770322][T25104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  367.770334][T25104] Call Trace:
[  367.770341][T25104]  <TASK>
[  367.770369][T25104]  __dump_stack+0x1d/0x30
[  367.770395][T25104]  dump_stack_lvl+0x95/0xd0
[  367.770423][T25104]  dump_stack+0x15/0x1b
[  367.770449][T25104]  dump_header+0x81/0x240
[  367.770476][T25104]  oom_kill_process+0x295/0x350
[  367.770580][T25104]  out_of_memory+0x97b/0xb80
[  367.770612][T25104]  try_charge_memcg+0x610/0xa10
[  367.770642][T25104]  obj_cgroup_charge_pages+0xa6/0x150
[  367.770714][T25104]  __memcg_kmem_charge_page+0x9f/0x170
[  367.770772][T25104]  __alloc_frozen_pages_noprof+0x18f/0x360
[  367.770804][T25104]  alloc_pages_mpol+0xb3/0x260
[  367.770858][T25104]  alloc_pages_noprof+0x90/0x130
[  367.770918][T25104]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  367.770957][T25104]  __kvmalloc_node_noprof+0x492/0x6b0
[  367.770990][T25104]  ? ip_set_alloc+0x24/0x30
[  367.771028][T25104]  ? ip_set_alloc+0x24/0x30
[  367.771070][T25104]  ip_set_alloc+0x24/0x30
[  367.771106][T25104]  hash_netiface_create+0x282/0x740
[  367.771224][T25104]  ? __pfx_hash_netiface_create+0x10/0x10
[  367.771266][T25104]  ip_set_create+0x3cc/0x970
[  367.771300][T25104]  ? __nla_parse+0x40/0x60
[  367.771334][T25104]  nfnetlink_rcv_msg+0x4c6/0x590
[  367.771421][T25104]  netlink_rcv_skb+0x123/0x220
[  367.771459][T25104]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  367.771566][T25104]  nfnetlink_rcv+0x167/0x16c0
[  367.771668][T25104]  ? xas_find+0x15e/0x3e0
[  367.771699][T25104]  ? xas_load+0x405/0x430
[  367.771734][T25104]  ? find_get_entry+0x374/0x380
[  367.771763][T25104]  ? css_rstat_updated+0xbb/0x280
[  367.771801][T25104]  ? try_charge_memcg+0x215/0xa10
[  367.771826][T25104]  ? css_rstat_updated+0xbb/0x280
[  367.771852][T25104]  ? refill_stock+0x32f/0x390
[  367.771873][T25104]  ? page_counter_cancel+0xb3/0x1b0
[  367.771987][T25104]  ? __rcu_read_unlock+0x4f/0x70
[  367.772008][T25104]  ? obj_cgroup_uncharge_pages+0x103/0x150
[  367.772037][T25104]  ? refill_obj_stock+0x275/0x2e0
[  367.772070][T25104]  ? obj_cgroup_charge_account+0xba/0x1a0
[  367.772159][T25104]  ? should_fail_ex+0x30/0x280
[  367.772182][T25104]  ? selinux_nlmsg_lookup+0x99/0x890
[  367.772291][T25104]  ? __rcu_read_unlock+0x34/0x70
[  367.772315][T25104]  ? __netlink_lookup+0x266/0x2a0
[  367.772350][T25104]  netlink_unicast+0x5c0/0x690
[  367.772388][T25104]  netlink_sendmsg+0x58b/0x6b0
[  367.772428][T25104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.772478][T25104]  __sock_sendmsg+0x145/0x180
[  367.772505][T25104]  ____sys_sendmsg+0x31e/0x4a0
[  367.772575][T25104]  ___sys_sendmsg+0x17b/0x1d0
[  367.772618][T25104]  __x64_sys_sendmsg+0xd4/0x160
[  367.772654][T25104]  x64_sys_call+0x17ba/0x3000
[  367.772706][T25104]  do_syscall_64+0xca/0x2b0
[  367.772743][T25104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.772765][T25104] RIP: 0033:0x7fcecc76f749
[  367.772783][T25104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.772849][T25104] RSP: 002b:00007fcecb1cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.772875][T25104] RAX: ffffffffffffffda RBX: 00007fcecc9c5fa0 RCX: 00007fcecc76f749
[  367.772891][T25104] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  367.772908][T25104] RBP: 00007fcecc7f3f91 R08: 0000000000000000 R09: 0000000000000000
[  367.772921][T25104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  367.772986][T25104] R13: 00007fcecc9c6038 R14: 00007fcecc9c5fa0 R15: 00007ffeb3d0ee68
[  367.773050][T25104]  </TASK>
[  368.132725][T25104] memory: usage 307200kB, limit 307200kB, failcnt 3410
[  368.139611][T25104] memory+swap: usage 365052kB, limit 9007199254740988kB, failcnt 0
[  368.147599][T25104] kmem: usage 228708kB, limit 9007199254740988kB, failcnt 0
[  368.154958][T25104] Memory cgroup stats for /syz0:
[  368.157518][T25104] cache 79503360
[  368.166118][T25104] rss 360448
[  368.169418][T25104] shmem 10186752
[  368.172988][T25104] mapped_file 4096
[  368.176726][T25104] dirty 0
[  368.179782][T25104] writeback 0
[  368.183092][T25104] workingset_refault_anon 3506
[  368.187984][T25104] workingset_refault_file 13726
[  368.192946][T25104] swap 59240448
[  368.196426][T25104] swapcached 499712
[  368.200278][T25104] pgpgin 576126
[  368.204118][T25104] pgpgout 556503
[  368.208285][T25104] pgfault 448890
[  368.211923][T25104] pgmajfault 475
[  368.215471][T25104] inactive_anon 368640
[  368.219826][T25104] active_anon 10678272
[  368.223979][T25104] inactive_file 77824
[  368.228051][T25104] active_file 0
[  368.231611][T25104] unevictable 69251072
[  368.235817][T25104] hierarchical_memory_limit 314572800
[  368.241288][T25104] hierarchical_memsw_limit 9223372036854771712
[  368.247499][T25104] total_cache 79503360
[  368.251774][T25104] total_rss 360448
[  368.255645][T25104] total_shmem 10186752
[  368.259818][T25104] total_mapped_file 4096
[  368.264264][T25104] total_dirty 0
[  368.267740][T25104] total_writeback 0
[  368.271581][T25104] total_workingset_refault_anon 3506
[  368.276959][T25104] total_workingset_refault_file 13726
[  368.282337][T25104] total_swap 59240448
[  368.286606][T25104] total_swapcached 499712
[  368.290940][T25104] total_pgpgin 576126
[  368.294980][T25104] total_pgpgout 556503
[  368.299093][T25104] total_pgfault 448890
[  368.303268][T25104] total_pgmajfault 475
[  368.307379][T25104] total_inactive_anon 368640
[  368.312074][T25104] total_active_anon 10678272
[  368.316988][T25104] total_inactive_file 77824
[  368.321577][T25104] total_active_file 0
[  368.325709][T25104] total_unevictable 69251072
[  368.330416][T25104] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.3730,pid=14134,uid=0
[  368.345152][T25104] Memory cgroup out of memory: Killed process 14134 (syz.0.3730) total-vm:95884kB, anon-rss:1172kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  368.556554][T25103] syz.0.6852 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  368.567525][T25103] CPU: 0 UID: 0 PID: 25103 Comm: syz.0.6852 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  368.567564][T25103] Tainted: [W]=WARN
[  368.567572][T25103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  368.567587][T25103] Call Trace:
[  368.567628][T25103]  <TASK>
[  368.567639][T25103]  __dump_stack+0x1d/0x30
[  368.567667][T25103]  dump_stack_lvl+0x95/0xd0
[  368.567716][T25103]  dump_stack+0x15/0x1b
[  368.567740][T25103]  dump_header+0x81/0x240
[  368.567766][T25103]  oom_kill_process+0x295/0x350
[  368.567871][T25103]  out_of_memory+0x97b/0xb80
[  368.567898][T25103]  try_charge_memcg+0x610/0xa10
[  368.567973][T25103]  charge_memcg+0x51/0xc0
[  368.568007][T25103]  __mem_cgroup_charge+0x28/0xb0
[  368.568121][T25103]  filemap_add_folio+0x111/0x360
[  368.568155][T25103]  __filemap_get_folio_mpol+0x326/0x650
[  368.568256][T25103]  filemap_fault+0x44d/0xb70
[  368.568312][T25103]  ? css_rstat_updated+0xbb/0x280
[  368.568438][T25103]  ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0
[  368.568541][T25103]  ? __rcu_read_lock+0x37/0x50
[  368.568607][T25103]  __do_fault+0xbc/0x200
[  368.568629][T25103]  handle_mm_fault+0xd9c/0x2c60
[  368.568672][T25103]  do_user_addr_fault+0x630/0x1080
[  368.568760][T25103]  exc_page_fault+0x62/0xa0
[  368.568792][T25103]  asm_exc_page_fault+0x26/0x30
[  368.568816][T25103] RIP: 0033:0x7fcecc64f11a
[  368.568835][T25103] Code: 01 4c 89 44 24 10 4c 89 54 24 08 e8 a0 9d fe ff 48 8b 43 38 4c 8b 44 24 10 83 43 28 08 4c 8b 54 24 08 48 8d 48 f8 48 89 4b 38 <48> 89 68 f8 45 3b 78 04 0f 82 5e fe ff ff e9 ed fe ff ff 0f 1f 00
[  368.568900][T25103] RSP: 002b:00007ffeb3d0eef0 EFLAGS: 00010202
[  368.568921][T25103] RAX: 0000001b3400a000 RBX: 00007fcecd4f5720 RCX: 0000001b34009ff8
[  368.568937][T25103] RDX: 0000001b33a24220 RSI: 0000000000000008 RDI: 00007fcecd4f5720
[  368.569018][T25103] RBP: ffffffff817db628 R08: 00007fcecc9c6038 R09: 00007fcecc9b2000
[  368.569033][T25103] R10: 00007fcecc1d7008 R11: 0000000000000004 R12: 0000000000000004
[  368.569103][T25103] R13: 0000000000000467 R14: ffffffff817db058 R15: 000000000000a654
[  368.569119][T25103]  ? evict_folios+0x18d8/0x35a0
[  368.569142][T25103]  ? evict_folios+0x1ea8/0x35a0
[  368.569176][T25103]  </TASK>
[  368.569185][T25103] memory: usage 307200kB, limit 307200kB, failcnt 3617
[  368.788216][T25103] memory+swap: usage 364900kB, limit 9007199254740988kB, failcnt 0
[  368.796193][T25103] kmem: usage 228808kB, limit 9007199254740988kB, failcnt 0
[  368.803516][T25103] Memory cgroup stats for /syz0:
[  368.804165][T25103] cache 79437824
[  368.812890][T25103] rss 360448
[  368.816099][T25103] shmem 10186752
[  368.819669][T25103] mapped_file 0
[  368.823169][T25103] dirty 0
[  368.826115][T25103] writeback 0
[  368.829409][T25103] workingset_refault_anon 3506
[  368.834224][T25103] workingset_refault_file 13803
[  368.839077][T25103] swap 59084800
[  368.842732][T25103] swapcached 462848
[  368.847000][T25103] pgpgin 576203
[  368.850631][T25103] pgpgout 556605
[  368.854273][T25103] pgfault 448901
[  368.857827][T25103] pgmajfault 482
[  368.861415][T25103] inactive_anon 368640
[  368.865614][T25103] active_anon 10641408
[  368.869703][T25103] inactive_file 0
[  368.873452][T25103] active_file 12288
[  368.877358][T25103] unevictable 69251072
[  368.881627][T25103] hierarchical_memory_limit 314572800
[  368.887051][T25103] hierarchical_memsw_limit 9223372036854771712
[  368.893215][T25103] total_cache 79437824
[  368.897332][T25103] total_rss 360448
[  368.901071][T25103] total_shmem 10186752
[  368.905162][T25103] total_mapped_file 0
[  368.909199][T25103] total_dirty 0
[  368.912664][T25103] total_writeback 0
[  368.916592][T25103] total_workingset_refault_anon 3506
[  368.921868][T25103] total_workingset_refault_file 13803
[  368.927257][T25103] total_swap 59084800
[  368.931232][T25103] total_swapcached 462848
[  368.935535][T25103] total_pgpgin 576203
[  368.939513][T25103] total_pgpgout 556605
[  368.943562][T25103] total_pgfault 448901
[  368.947600][T25103] total_pgmajfault 482
[  368.951700][T25103] total_inactive_anon 368640
[  368.956373][T25103] total_active_anon 10641408
[  368.961040][T25103] total_inactive_file 0
[  368.965200][T25103] total_active_file 12288
[  368.969557][T25103] total_unevictable 69251072
[  368.974254][T25103] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1389,pid=7227,uid=0
[  368.988943][T25103] Memory cgroup out of memory: Killed process 7227 (syz.0.1389) total-vm:95884kB, anon-rss:1168kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  369.081336][T25146] netlink: 188 bytes leftover after parsing attributes in process `syz.3.6870'.
[  369.235131][T25160] netlink: 'syz.6.6877': attribute type 39 has an invalid length.
[  369.265871][T25103] syz.0.6852 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  369.276801][T25103] CPU: 1 UID: 0 PID: 25103 Comm: syz.0.6852 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  369.276841][T25103] Tainted: [W]=WARN
[  369.276848][T25103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  369.276940][T25103] Call Trace:
[  369.276947][T25103]  <TASK>
[  369.276980][T25103]  __dump_stack+0x1d/0x30
[  369.277010][T25103]  dump_stack_lvl+0x95/0xd0
[  369.277032][T25103]  dump_stack+0x15/0x1b
[  369.277051][T25103]  dump_header+0x81/0x240
[  369.277075][T25103]  oom_kill_process+0x295/0x350
[  369.277180][T25103]  out_of_memory+0x97b/0xb80
[  369.277208][T25103]  try_charge_memcg+0x610/0xa10
[  369.277239][T25103]  charge_memcg+0x51/0xc0
[  369.277280][T25103]  __mem_cgroup_charge+0x28/0xb0
[  369.277313][T25103]  filemap_add_folio+0x111/0x360
[  369.277336][T25103]  __filemap_get_folio_mpol+0x326/0x650
[  369.277362][T25103]  filemap_fault+0x44d/0xb70
[  369.277434][T25103]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[  369.277475][T25103]  ? __rcu_read_lock+0x37/0x50
[  369.277500][T25103]  __do_fault+0xbc/0x200
[  369.277521][T25103]  handle_mm_fault+0xd9c/0x2c60
[  369.277697][T25103]  do_user_addr_fault+0x630/0x1080
[  369.277788][T25103]  ? do_sync_core+0x39/0x60
[  369.277816][T25103]  exc_page_fault+0x62/0xa0
[  369.277866][T25103]  asm_exc_page_fault+0x26/0x30
[  369.277891][T25103] RIP: 0033:0x7fcecc64fa46
[  369.277922][T25103] Code: 07 0f 87 54 fe ff ff e9 47 fe ff ff 4c 89 fe 48 89 df e8 6d 94 fe ff 48 8b 43 38 44 01 7b 28 4c 29 f8 41 83 e4 06 48 89 43 38 <c6> 00 00 0f 84 35 fe ff ff b8 01 00 00 00 0f 1f 40 00 48 8b 53 38
[  369.277940][T25103] RSP: 002b:00007ffeb3d0ef10 EFLAGS: 00010202
[  369.277960][T25103] RAX: 0000001b34008a78 RBX: 00007fcecd4f5720 RCX: ffffffff8574c82c
[  369.277975][T25103] RDX: 0000001b33a24220 RSI: 0000000000000004 RDI: 00007fcecd4f5720
[  369.277990][T25103] RBP: 0000000000000569 R08: 00007fcecc1d7058 R09: 00007fcecc9b2000
[  369.278004][T25103] R10: 00007fcecc1d7008 R11: 0000000000000004 R12: 0000000000000004
[  369.278065][T25103] R13: 00007fcecc9c6038 R14: 0000000000002b48 R15: 0000000000000004
[  369.278080][T25103]  ? xa_load+0xac/0xe0
[  369.278113][T25103]  </TASK>
[  369.278122][T25103] memory: usage 307200kB, limit 307200kB, failcnt 3873
[  369.491643][T25103] memory+swap: usage 365176kB, limit 9007199254740988kB, failcnt 0
[  369.499612][T25103] kmem: usage 229260kB, limit 9007199254740988kB, failcnt 0
[  369.506979][T25103] Memory cgroup stats for /syz0:
[  369.507416][T25103] cache 79093760
[  369.515965][T25103] rss 348160
[  369.519182][T25103] shmem 9842688
[  369.522659][T25103] mapped_file 0
[  369.526187][T25103] dirty 0
[  369.529141][T25103] writeback 0
[  369.532441][T25103] workingset_refault_anon 3506
[  369.537338][T25103] workingset_refault_file 13933
[  369.542267][T25103] swap 59367424
[  369.545866][T25103] swapcached 368640
[  369.549871][T25103] pgpgin 576333
[  369.553422][T25103] pgpgout 556848
[  369.557060][T25103] pgfault 448909
[  369.560670][T25103] pgmajfault 486
[  369.564238][T25103] inactive_anon 10153984
[  369.568623][T25103] active_anon 393216
[  369.572541][T25103] inactive_file 0
[  369.576312][T25103] active_file 12288
[  369.580157][T25103] unevictable 69251072
[  369.584233][T25103] hierarchical_memory_limit 314572800
[  369.589728][T25103] hierarchical_memsw_limit 9223372036854771712
[  369.595993][T25103] total_cache 79093760
[  369.600074][T25103] total_rss 348160
[  369.603848][T25103] total_shmem 9842688
[  369.607838][T25103] total_mapped_file 0
[  369.611848][T25103] total_dirty 0
[  369.615313][T25103] total_writeback 0
[  369.619160][T25103] total_workingset_refault_anon 3506
[  369.624541][T25103] total_workingset_refault_file 13933
[  369.630041][T25103] total_swap 59367424
[  369.634152][T25103] total_swapcached 368640
[  369.638479][T25103] total_pgpgin 576333
[  369.642475][T25103] total_pgpgout 556848
[  369.646592][T25103] total_pgfault 448909
[  369.650663][T25103] total_pgmajfault 486
[  369.655038][T25103] total_inactive_anon 10153984
[  369.659804][T25103] total_active_anon 393216
[  369.664313][T25103] total_inactive_file 0
[  369.668572][T25103] total_active_file 12288
[  369.672904][T25103] total_unevictable 69251072
[  369.677514][T25103] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.6852,pid=25103,uid=0
[  369.692300][T25103] Memory cgroup out of memory: Killed process 25103 (syz.0.6852) total-vm:96016kB, anon-rss:1268kB, file-rss:22216kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  369.720785][T25158] SET target dimension over the limit!
[  369.884018][T25178] loop8: detected capacity change from 0 to 512
[  369.904297][T25178] EXT4-fs: Ignoring removed nomblk_io_submit option
[  369.919503][T25178] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  369.952307][T25178] EXT4-fs (loop8): 1 truncate cleaned up
[  369.976420][T25178] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.077662][T25196] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6891'.
[  370.100545][T25196] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6891'.
[  370.106082][T25199] netlink: 188 bytes leftover after parsing attributes in process `syz.6.6892'.
[  370.217425][T25195] lo speed is unknown, defaulting to 1000
[  370.227418][T25204] xt_hashlimit: max too large, truncated to 1048576
[  370.356690][T25202] syz.6.6893 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  370.360423][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.371029][T25202] CPU: 1 UID: 0 PID: 25202 Comm: syz.6.6893 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  370.371067][T25202] Tainted: [W]=WARN
[  370.371075][T25202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  370.371089][T25202] Call Trace:
[  370.371097][T25202]  <TASK>
[  370.371118][T25202]  __dump_stack+0x1d/0x30
[  370.371146][T25202]  dump_stack_lvl+0x95/0xd0
[  370.371178][T25202]  dump_stack+0x15/0x1b
[  370.371200][T25202]  dump_header+0x81/0x240
[  370.371231][T25202]  oom_kill_process+0x295/0x350
[  370.371258][T25202]  out_of_memory+0x97b/0xb80
[  370.371329][T25202]  try_charge_memcg+0x610/0xa10
[  370.371358][T25202]  obj_cgroup_charge_pages+0xa6/0x150
[  370.371390][T25202]  __memcg_kmem_charge_page+0x9f/0x170
[  370.371442][T25202]  __alloc_frozen_pages_noprof+0x18f/0x360
[  370.371476][T25202]  alloc_pages_mpol+0xb3/0x260
[  370.371509][T25202]  alloc_pages_noprof+0x90/0x130
[  370.371566][T25202]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  370.371659][T25202]  __kvmalloc_node_noprof+0x492/0x6b0
[  370.371687][T25202]  ? ip_set_alloc+0x24/0x30
[  370.371719][T25202]  ? ip_set_alloc+0x24/0x30
[  370.371752][T25202]  ip_set_alloc+0x24/0x30
[  370.371844][T25202]  hash_netiface_create+0x282/0x740
[  370.371878][T25202]  ? __pfx_hash_netiface_create+0x10/0x10
[  370.372045][T25202]  ip_set_create+0x3cc/0x970
[  370.372075][T25202]  ? __nla_parse+0x40/0x60
[  370.372104][T25202]  nfnetlink_rcv_msg+0x4c6/0x590
[  370.372135][T25202]  ? cmp_ex_search+0x25/0x40
[  370.372210][T25202]  netlink_rcv_skb+0x123/0x220
[  370.372243][T25202]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  370.372303][T25202]  nfnetlink_rcv+0x167/0x16c0
[  370.372329][T25202]  ? cmp_ex_search+0x25/0x40
[  370.372350][T25202]  ? bsearch+0x95/0xc0
[  370.372451][T25202]  ? search_extable+0x53/0x80
[  370.372472][T25202]  ? rep_movs_alternative+0xf/0x90
[  370.372497][T25202]  ? rep_movs_alternative+0xf/0x90
[  370.372582][T25202]  ? fixup_exception+0x742/0xcf0
[  370.372615][T25202]  ? xas_load+0x413/0x430
[  370.372712][T25202]  ? do_user_addr_fault+0xd9e/0x1080
[  370.372742][T25202]  ? xa_load+0xb1/0xe0
[  370.372815][T25202]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  370.372877][T25202]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  370.372908][T25202]  ? should_fail_ex+0x30/0x280
[  370.372932][T25202]  ? selinux_nlmsg_lookup+0x99/0x890
[  370.373013][T25202]  ? __rcu_read_unlock+0x34/0x70
[  370.373035][T25202]  ? __netlink_lookup+0x266/0x2a0
[  370.373072][T25202]  netlink_unicast+0x5c0/0x690
[  370.373146][T25202]  netlink_sendmsg+0x58b/0x6b0
[  370.373188][T25202]  ? __pfx_netlink_sendmsg+0x10/0x10
[  370.373238][T25202]  __sock_sendmsg+0x145/0x180
[  370.373330][T25202]  ____sys_sendmsg+0x31e/0x4a0
[  370.373391][T25202]  ___sys_sendmsg+0x17b/0x1d0
[  370.373434][T25202]  __x64_sys_sendmsg+0xd4/0x160
[  370.373468][T25202]  x64_sys_call+0x17ba/0x3000
[  370.373536][T25202]  do_syscall_64+0xca/0x2b0
[  370.373572][T25202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.373596][T25202] RIP: 0033:0x7f3f0b61f749
[  370.373614][T25202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.373682][T25202] RSP: 002b:00007f3f0a07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  370.373705][T25202] RAX: ffffffffffffffda RBX: 00007f3f0b875fa0 RCX: 00007f3f0b61f749
[  370.373719][T25202] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  370.373733][T25202] RBP: 00007f3f0b6a3f91 R08: 0000000000000000 R09: 0000000000000000
[  370.373747][T25202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  370.373761][T25202] R13: 00007f3f0b876038 R14: 00007f3f0b875fa0 R15: 00007ffcce6e8168
[  370.373781][T25202]  </TASK>
[  370.373789][T25202] memory: usage 307200kB, limit 307200kB, failcnt 66
[  370.748176][T25202] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  370.756253][T25202] kmem: usage 306372kB, limit 9007199254740988kB, failcnt 0
[  370.763512][T25202] Memory cgroup stats for /syz6:
[  370.763701][T25202] cache 262144
[  370.772233][T25202] rss 565248
[  370.775427][T25202] shmem 262144
[  370.778864][T25202] mapped_file 0
[  370.782300][T25202] dirty 0
[  370.785211][T25202] writeback 0
[  370.788502][T25202] workingset_refault_anon 2052
[  370.793242][T25202] workingset_refault_file 0
[  370.797755][T25202] swap 0
[  370.800647][T25202] swapcached 0
[  370.804113][T25202] pgpgin 246325
[  370.807670][T25202] pgpgout 246119
[  370.811237][T25202] pgfault 291189
[  370.814804][T25202] pgmajfault 272
[  370.818355][T25202] inactive_anon 0
[  370.822058][T25202] active_anon 843776
[  370.826042][T25202] inactive_file 0
[  370.829678][T25202] active_file 0
[  370.833131][T25202] unevictable 0
[  370.836563][T25202] hierarchical_memory_limit 314572800
[  370.842007][T25202] hierarchical_memsw_limit 9223372036854771712
[  370.848236][T25202] total_cache 262144
[  370.852206][T25202] total_rss 565248
[  370.855970][T25202] total_shmem 262144
[  370.859946][T25202] total_mapped_file 0
[  370.863930][T25202] total_dirty 0
[  370.867522][T25202] total_writeback 0
[  370.871307][T25202] total_workingset_refault_anon 2052
[  370.876775][T25202] total_workingset_refault_file 0
[  370.881770][T25202] total_swap 0
[  370.885245][T25202] total_swapcached 0
[  370.889153][T25202] total_pgpgin 246325
[  370.893128][T25202] total_pgpgout 246119
[  370.897270][T25202] total_pgfault 291189
[  370.901370][T25202] total_pgmajfault 272
[  370.905443][T25202] total_inactive_anon 0
[  370.909576][T25202] total_active_anon 843776
[  370.914034][T25202] total_inactive_file 0
[  370.918258][T25202] total_active_file 0
[  370.922232][T25202] total_unevictable 0
[  370.926208][T25202] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.3646,pid=13844,uid=0
[  370.941112][T25202] Memory cgroup out of memory: Killed process 13844 (syz.6.3646) total-vm:95884kB, anon-rss:1300kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  371.490283][T25233] netlink: 'syz.3.6905': attribute type 1 has an invalid length.
[  371.651918][T25238] bond4: (slave vxcan1): The slave device specified does not support setting the MAC address
[  371.662193][T25238] bond4: (slave vxcan1): Setting fail_over_mac to active for active-backup mode
[  371.733453][T25233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6905'.
[  371.744547][T25238] bond4: (slave vxcan1): making interface the new active one
[  371.754761][T25238] bond4: (slave vxcan1): Enslaving as an active interface with an up link
[  371.799132][T25233] bond4 (unregistering): (slave vxcan1): Releasing backup interface
[  371.807885][T25252] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6913'.
[  371.817842][T25252] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6913'.
[  371.827430][T25233] bond4 (unregistering): Released all slaves
[  372.039331][T25263] loop8: detected capacity change from 0 to 1024
[  372.046347][T25263] EXT4-fs: Ignoring removed nomblk_io_submit option
[  372.067206][T25263] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.104782][T25228] lo speed is unknown, defaulting to 1000
[  372.152742][   T29] kauditd_printk_skb: 279 callbacks suppressed
[  372.152761][   T29] audit: type=1326 audit(367.148:21287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.182201][   T29] audit: type=1326 audit(367.148:21288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.205243][   T29] audit: type=1326 audit(367.148:21289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.228698][   T29] audit: type=1326 audit(367.148:21290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.251724][   T29] audit: type=1326 audit(367.148:21291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.274937][   T29] audit: type=1326 audit(367.148:21292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.297949][   T29] audit: type=1326 audit(367.148:21294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.321085][   T29] audit: type=1326 audit(367.148:21295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.344094][   T29] audit: type=1326 audit(367.148:21296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.367209][   T29] audit: type=1326 audit(367.148:21293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25271 comm="syz.6.6920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  372.427449][T25263] syz.8.6918 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  372.441662][T25263] CPU: 0 UID: 0 PID: 25263 Comm: syz.8.6918 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  372.441702][T25263] Tainted: [W]=WARN
[  372.441711][T25263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  372.441725][T25263] Call Trace:
[  372.441754][T25263]  <TASK>
[  372.441763][T25263]  __dump_stack+0x1d/0x30
[  372.441789][T25263]  dump_stack_lvl+0x95/0xd0
[  372.441814][T25263]  dump_stack+0x15/0x1b
[  372.441839][T25263]  dump_header+0x81/0x240
[  372.441867][T25263]  oom_kill_process+0x295/0x350
[  372.441937][T25263]  out_of_memory+0x97b/0xb80
[  372.441960][T25263]  try_charge_memcg+0x610/0xa10
[  372.442020][T25263]  obj_cgroup_charge_pages+0xa6/0x150
[  372.442085][T25263]  __memcg_kmem_charge_page+0x9f/0x170
[  372.442116][T25263]  __alloc_frozen_pages_noprof+0x18f/0x360
[  372.442270][T25263]  alloc_pages_mpol+0xb3/0x260
[  372.442300][T25263]  alloc_pages_noprof+0x90/0x130
[  372.442360][T25263]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  372.442475][T25263]  __kvmalloc_node_noprof+0x492/0x6b0
[  372.442508][T25263]  ? ip_set_alloc+0x24/0x30
[  372.442545][T25263]  ? ip_set_alloc+0x24/0x30
[  372.442619][T25263]  ip_set_alloc+0x24/0x30
[  372.442650][T25263]  hash_netiface_create+0x282/0x740
[  372.442733][T25263]  ? __pfx_hash_netiface_create+0x10/0x10
[  372.442766][T25263]  ip_set_create+0x3cc/0x970
[  372.442798][T25263]  ? __nla_parse+0x40/0x60
[  372.442832][T25263]  nfnetlink_rcv_msg+0x4c6/0x590
[  372.442947][T25263]  ? __rb_reserve_next+0x43e/0x6f0
[  372.443072][T25263]  netlink_rcv_skb+0x123/0x220
[  372.443222][T25263]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  372.443264][T25263]  nfnetlink_rcv+0x167/0x16c0
[  372.443299][T25263]  ? xas_load+0x405/0x430
[  372.443391][T25263]  ? xas_load+0x405/0x430
[  372.443421][T25263]  ? folio_mark_accessed+0x236/0x3a0
[  372.443456][T25263]  ? find_get_block_common+0x6de/0x8e0
[  372.443497][T25263]  ? should_fail_ex+0x30/0x280
[  372.443592][T25263]  ? selinux_nlmsg_lookup+0x99/0x890
[  372.443622][T25263]  ? __rcu_read_unlock+0x34/0x70
[  372.443647][T25263]  ? __netlink_lookup+0x266/0x2a0
[  372.443725][T25263]  netlink_unicast+0x5c0/0x690
[  372.443762][T25263]  netlink_sendmsg+0x58b/0x6b0
[  372.443802][T25263]  ? __pfx_netlink_sendmsg+0x10/0x10
[  372.443892][T25263]  __sock_sendmsg+0x145/0x180
[  372.443919][T25263]  ____sys_sendmsg+0x31e/0x4a0
[  372.443970][T25263]  ___sys_sendmsg+0x17b/0x1d0
[  372.444034][T25263]  __x64_sys_sendmsg+0xd4/0x160
[  372.444079][T25263]  x64_sys_call+0x17ba/0x3000
[  372.444106][T25263]  do_syscall_64+0xca/0x2b0
[  372.444194][T25263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.444219][T25263] RIP: 0033:0x7f26608df749
[  372.444239][T25263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.444262][T25263] RSP: 002b:00007f265f33f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  372.444348][T25263] RAX: ffffffffffffffda RBX: 00007f2660b35fa0 RCX: 00007f26608df749
[  372.444364][T25263] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  372.444379][T25263] RBP: 00007f2660963f91 R08: 0000000000000000 R09: 0000000000000000
[  372.444405][T25263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.444420][T25263] R13: 00007f2660b36038 R14: 00007f2660b35fa0 R15: 00007ffdd3983158
[  372.444523][T25263]  </TASK>
[  372.768969][T25263] memory: usage 307200kB, limit 307200kB, failcnt 1213
[  372.775857][T25263] memory+swap: usage 307328kB, limit 9007199254740988kB, failcnt 0
[  372.783862][T25263] kmem: usage 238800kB, limit 9007199254740988kB, failcnt 0
[  372.791174][T25263] Memory cgroup stats for /syz8:
[  372.981357][T25263] cache 69799936
[  372.989954][T25263] rss 212992
[  372.993166][T25263] shmem 69771264
[  372.996791][T25263] mapped_file 0
[  373.000317][T25263] dirty 0
[  373.003350][T25263] writeback 0
[  373.006637][T25263] workingset_refault_anon 3230
[  373.011426][T25263] workingset_refault_file 0
[  373.016089][T25263] swap 131072
[  373.019417][T25263] swapcached 32768
[  373.023464][T25263] pgpgin 171571
[  373.026945][T25263] pgpgout 154469
[  373.030510][T25263] pgfault 175890
[  373.034379][T25263] pgmajfault 495
[  373.038013][T25263] inactive_anon 70004736
[  373.042475][T25263] active_anon 12288
[  373.046297][T25263] inactive_file 20480
[  373.050296][T25263] active_file 12288
[  373.054389][T25263] unevictable 0
[  373.057869][T25263] hierarchical_memory_limit 314572800
[  373.063318][T25263] hierarchical_memsw_limit 9223372036854771712
[  373.069531][T25263] total_cache 69799936
[  373.073614][T25263] total_rss 212992
[  373.077501][T25263] total_shmem 69771264
[  373.081585][T25263] total_mapped_file 0
[  373.085651][T25263] total_dirty 0
[  373.089118][T25263] total_writeback 0
[  373.092939][T25263] total_workingset_refault_anon 3230
[  373.098367][T25263] total_workingset_refault_file 0
[  373.103415][T25263] total_swap 131072
[  373.107250][T25263] total_swapcached 32768
[  373.111592][T25263] total_pgpgin 171571
[  373.115636][T25263] total_pgpgout 154469
[  373.120098][T25263] total_pgfault 175890
[  373.124267][T25263] total_pgmajfault 495
[  373.128421][T25263] total_inactive_anon 70004736
[  373.133247][T25263] total_active_anon 12288
[  373.137643][T25263] total_inactive_file 20480
[  373.142187][T25263] total_active_file 12288
[  373.147006][T25263] total_unevictable 0
[  373.151026][T25263] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.6918,pid=25262,uid=0
[  373.166024][T25263] Memory cgroup out of memory: Killed process 25262 (syz.8.6918) total-vm:96148kB, anon-rss:1264kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  373.235326][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.314108][T25280] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6922'.
[  373.357752][T25284] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6924'.
[  373.379112][T25280] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25280 comm=syz.8.6922
[  373.458837][T25286] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6926'.
[  373.499918][T25286] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6926'.
[  374.177711][T25318] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6940'.
[  374.219737][T25318] lo speed is unknown, defaulting to 1000
[  374.243526][T25322] netlink: 660 bytes leftover after parsing attributes in process `syz.2.6942'.
[  374.298715][T25324] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6943'.
[  374.372241][T25329] netlink: 'syz.2.6945': attribute type 10 has an invalid length.
[  374.382937][T25329] netlink: 'syz.2.6945': attribute type 10 has an invalid length.
[  374.438555][T25333] netem: change failed
[  375.334720][T25349] loop8: detected capacity change from 0 to 1024
[  375.418632][T25349] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  375.448408][T25349] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.6954: bg 0: block 112: padding at end of block bitmap is not set
[  375.480312][T25349] EXT4-fs error (device loop8): ext4_map_blocks:825: inode #15: block 3: comm syz.8.6954: lblock 3 mapped to illegal pblock 3 (length 1)
[  375.511512][T25349] EXT4-fs error (device loop8): ext4_ext_remove_space:2955: inode #15: comm syz.8.6954: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  375.565541][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  375.840815][T25375] SET target dimension over the limit!
[  376.258335][T25396] io-wq is not configured for unbound workers
[  376.490964][T25409] SET target dimension over the limit!
[  377.500404][   T29] kauditd_printk_skb: 257 callbacks suppressed
[  377.500456][   T29] audit: type=1326 audit(372.163:21554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe83e7f65e7 code=0x7ffc0000
[  377.557598][   T29] audit: type=1326 audit(372.163:21555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe83e79b829 code=0x7ffc0000
[  377.581068][   T29] audit: type=1326 audit(372.163:21556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  377.604743][   T29] audit: type=1326 audit(372.163:21557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe83e7f65e7 code=0x7ffc0000
[  377.628044][   T29] audit: type=1326 audit(372.163:21558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe83e79b829 code=0x7ffc0000
[  377.651089][   T29] audit: type=1326 audit(372.163:21559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  377.674274][   T29] audit: type=1326 audit(372.163:21560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe83e7f65e7 code=0x7ffc0000
[  377.697360][   T29] audit: type=1326 audit(372.163:21561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe83e79b829 code=0x7ffc0000
[  377.720474][   T29] audit: type=1326 audit(372.163:21562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  377.743648][   T29] audit: type=1326 audit(372.191:21563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25441 comm="syz.2.6991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe83e7f65e7 code=0x7ffc0000
[  378.452371][T25537] vlan0: entered allmulticast mode
[  378.457543][T25537] bridge_slave_0: entered allmulticast mode
[  379.229615][T25555] __nla_validate_parse: 7 callbacks suppressed
[  379.229635][T25555] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7015'.
[  379.273139][T25557] lo speed is unknown, defaulting to 1000
[  380.525931][T25611] netlink: 7 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.566883][T25611] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.575937][T25611] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.626306][T25611] netlink: 7 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.636466][T25611] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.645500][T25611] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.688649][T25611] netlink: 7 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.699149][T25611] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.708375][T25611] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7038'.
[  380.741484][T25632] xt_hashlimit: max too large, truncated to 1048576
[  380.926142][T25649] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  381.371226][T25675] loop8: detected capacity change from 0 to 512
[  381.388097][T25675] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.519702][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.184149][T25682] syz.2.7064 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  382.198321][T25682] CPU: 1 UID: 0 PID: 25682 Comm: syz.2.7064 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  382.198361][T25682] Tainted: [W]=WARN
[  382.198370][T25682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  382.198395][T25682] Call Trace:
[  382.198404][T25682]  <TASK>
[  382.198412][T25682]  __dump_stack+0x1d/0x30
[  382.198439][T25682]  dump_stack_lvl+0x95/0xd0
[  382.198461][T25682]  dump_stack+0x15/0x1b
[  382.198565][T25682]  dump_header+0x81/0x240
[  382.198590][T25682]  oom_kill_process+0x295/0x350
[  382.198642][T25682]  out_of_memory+0x97b/0xb80
[  382.198666][T25682]  try_charge_memcg+0x610/0xa10
[  382.198772][T25682]  obj_cgroup_charge_pages+0xa6/0x150
[  382.198896][T25682]  __memcg_kmem_charge_page+0x9f/0x170
[  382.198979][T25682]  __alloc_frozen_pages_noprof+0x18f/0x360
[  382.199014][T25682]  alloc_pages_mpol+0xb3/0x260
[  382.199044][T25682]  alloc_pages_noprof+0x90/0x130
[  382.199125][T25682]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  382.199188][T25682]  __kvmalloc_node_noprof+0x492/0x6b0
[  382.199214][T25682]  ? ip_set_alloc+0x24/0x30
[  382.199249][T25682]  ? ip_set_alloc+0x24/0x30
[  382.199317][T25682]  ? __kmalloc_cache_noprof+0x3e5/0x4c0
[  382.199415][T25682]  ip_set_alloc+0x24/0x30
[  382.199449][T25682]  hash_netiface_create+0x282/0x740
[  382.199491][T25682]  ? __pfx_hash_netiface_create+0x10/0x10
[  382.199538][T25682]  ip_set_create+0x3cc/0x970
[  382.199565][T25682]  ? __nla_parse+0x40/0x60
[  382.199594][T25682]  nfnetlink_rcv_msg+0x4c6/0x590
[  382.199666][T25682]  netlink_rcv_skb+0x123/0x220
[  382.199695][T25682]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  382.199799][T25682]  nfnetlink_rcv+0x167/0x16c0
[  382.199832][T25682]  ? search_extable+0x53/0x80
[  382.199916][T25682]  ? strncpy_from_user+0x183/0x260
[  382.199956][T25682]  ? fixup_exception+0x742/0xcf0
[  382.200059][T25682]  ? __rcu_read_unlock+0x4f/0x70
[  382.200086][T25682]  ? do_user_addr_fault+0xd9e/0x1080
[  382.200159][T25682]  ? xas_load+0x413/0x430
[  382.200226][T25682]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  382.200256][T25682]  ? kernelmode_fixup_or_oops+0x59/0xb0
[  382.200329][T25682]  ? strncpy_from_user+0x111/0x260
[  382.200371][T25682]  ? should_fail_ex+0x30/0x280
[  382.200397][T25682]  ? selinux_nlmsg_lookup+0x99/0x890
[  382.200423][T25682]  ? __rcu_read_unlock+0x34/0x70
[  382.200503][T25682]  ? __netlink_lookup+0x266/0x2a0
[  382.200539][T25682]  netlink_unicast+0x5c0/0x690
[  382.200574][T25682]  netlink_sendmsg+0x58b/0x6b0
[  382.200746][T25682]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.200836][T25682]  __sock_sendmsg+0x145/0x180
[  382.200857][T25682]  ____sys_sendmsg+0x31e/0x4a0
[  382.200969][T25682]  ___sys_sendmsg+0x17b/0x1d0
[  382.201036][T25682]  __x64_sys_sendmsg+0xd4/0x160
[  382.201075][T25682]  x64_sys_call+0x17ba/0x3000
[  382.201104][T25682]  do_syscall_64+0xca/0x2b0
[  382.201160][T25682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.201188][T25682] RIP: 0033:0x7fe83e7ff749
[  382.201209][T25682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.201232][T25682] RSP: 002b:00007fe83d267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  382.201254][T25682] RAX: ffffffffffffffda RBX: 00007fe83ea55fa0 RCX: 00007fe83e7ff749
[  382.201327][T25682] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  382.201343][T25682] RBP: 00007fe83e883f91 R08: 0000000000000000 R09: 0000000000000000
[  382.201360][T25682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.201377][T25682] R13: 00007fe83ea56038 R14: 00007fe83ea55fa0 R15: 00007ffebbcdda68
[  382.201398][T25682]  </TASK>
[  382.201461][T25682] memory: usage 307200kB, limit 307200kB, failcnt 7134
[  382.526137][T25703] loop8: detected capacity change from 0 to 1024
[  382.529521][T25682] memory+swap: usage 307460kB, limit 9007199254740988kB, failcnt 0
[  382.538767][T25703] EXT4-fs: Ignoring removed orlov option
[  382.545668][T25682] kmem: usage 306936kB, limit 9007199254740988kB, failcnt 0
[  382.565983][T25703] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.570023][T25682] Memory cgroup stats for /syz2:
[  382.610154][T25682] cache 65536
[  382.618593][T25682] rss 204800
[  382.621954][T25682] shmem 65536
[  382.625321][T25682] mapped_file 0
[  382.629094][T25682] dirty 0
[  382.632106][T25682] writeback 0
[  382.635397][T25682] workingset_refault_anon 5209
[  382.640132][T25682] workingset_refault_file 3972
[  382.644967][T25682] swap 266240
[  382.648305][T25682] swapcached 0
[  382.651756][T25682] pgpgin 614897
[  382.655304][T25682] pgpgout 614831
[  382.659027][T25682] pgfault 553700
[  382.662946][T25682] pgmajfault 819
[  382.666530][T25682] inactive_anon 0
[  382.670174][T25682] active_anon 270336
[  382.674119][T25682] inactive_file 0
[  382.677758][T25682] active_file 0
[  382.681247][T25682] unevictable 0
[  382.684848][T25682] hierarchical_memory_limit 314572800
[  382.690315][T25682] hierarchical_memsw_limit 9223372036854771712
[  382.696527][T25682] total_cache 65536
[  382.700352][T25682] total_rss 204800
[  382.704086][T25682] total_shmem 65536
[  382.708193][T25682] total_mapped_file 0
[  382.712199][T25682] total_dirty 0
[  382.715767][T25682] total_writeback 0
[  382.719719][T25682] total_workingset_refault_anon 5209
[  382.725109][T25682] total_workingset_refault_file 3972
[  382.730608][T25682] total_swap 266240
[  382.734422][T25682] total_swapcached 0
[  382.738365][T25682] total_pgpgin 614897
[  382.742367][T25682] total_pgpgout 614831
[  382.746469][T25682] total_pgfault 553700
[  382.750745][T25682] total_pgmajfault 819
[  382.755012][T25682] total_inactive_anon 0
[  382.759224][T25682] total_active_anon 270336
[  382.763823][T25682] total_inactive_file 0
[  382.768336][T25682] total_active_file 0
[  382.772373][T25682] total_unevictable 0
[  382.776484][T25682] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.7064,pid=25677,uid=0
[  382.791510][T25682] Memory cgroup out of memory: Killed process 25677 (syz.2.7064) total-vm:96016kB, anon-rss:1264kB, file-rss:22220kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  382.999410][   T29] kauditd_printk_skb: 159 callbacks suppressed
[  382.999430][   T29] audit: type=1326 audit(377.299:21723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25719 comm="syz.6.7079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  383.061947][   T29] audit: type=1326 audit(377.299:21724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25719 comm="syz.6.7079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  383.085415][   T29] audit: type=1326 audit(377.336:21725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25719 comm="syz.6.7079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  383.109731][   T29] audit: type=1326 audit(377.336:21726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25719 comm="syz.6.7079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  383.145126][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.242676][   T29] audit: type=1326 audit(377.523:21727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.0.7084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcecc76f749 code=0x7ffc0000
[  383.265736][   T29] audit: type=1326 audit(377.523:21728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.0.7084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcecc76f749 code=0x7ffc0000
[  383.289295][   T29] audit: type=1326 audit(377.523:21729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.0.7084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fcecc76f749 code=0x7ffc0000
[  383.312565][   T29] audit: type=1326 audit(377.523:21730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.0.7084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcecc76f749 code=0x7ffc0000
[  383.336225][   T29] audit: type=1326 audit(377.523:21731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.0.7084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcecc76f749 code=0x7ffc0000
[  383.359599][   T29] audit: type=1326 audit(377.523:21732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25733 comm="syz.0.7084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7fcecc76f749 code=0x7ffc0000
[  383.553681][T25756] lo speed is unknown, defaulting to 1000
[  384.943456][T25826] lo speed is unknown, defaulting to 1000
[  385.041504][T25835] loop8: detected capacity change from 0 to 128
[  385.107137][T25837] lo speed is unknown, defaulting to 1000
[  385.293045][T25848] __nla_validate_parse: 30 callbacks suppressed
[  385.293062][T25848] netlink: 40 bytes leftover after parsing attributes in process `syz.3.7124'.
[  385.349641][T25848] ip6gre5: entered promiscuous mode
[  385.354923][T25848] ip6gre5: entered allmulticast mode
[  385.448312][T25853] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7126'.
[  386.861462][T25910] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7149'.
[  386.879804][T25910] team1: entered promiscuous mode
[  386.885325][T25910] team1: entered allmulticast mode
[  386.891501][T25910] 8021q: adding VLAN 0 to HW filter on device team1
[  387.067294][T25922] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7155'.
[  387.070834][T25923] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7154'.
[  387.106752][T25925] loop8: detected capacity change from 0 to 1024
[  387.128209][T25925] EXT4-fs: Ignoring removed orlov option
[  387.141934][T25925] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  387.159803][T25933] netlink: 'syz.0.7160': attribute type 1 has an invalid length.
[  387.178406][T25933] 8021q: adding VLAN 0 to HW filter on device bond1
[  387.196994][T25933] bond1: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms
[  387.207385][T25933] bond1: entered allmulticast mode
[  387.223940][T25933] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  387.270099][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.283128][T25942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7165'.
[  387.305670][T25942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7165'.
[  387.754432][T25955] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7169'.
[  388.460500][T25985] pim6reg1: entered promiscuous mode
[  388.465854][T25985] pim6reg1: entered allmulticast mode
[  389.022961][T26008] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7188'.
[  389.071476][T26008] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7188'.
[  389.108099][T26010] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26010 comm=syz.3.7189
[  389.154569][T26014] 0ªî{X¹¦: renamed from gretap0
[  389.163072][T26014] 0ªî{X¹¦: entered allmulticast mode
[  389.180487][T26014] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  389.323487][   T29] kauditd_printk_skb: 875 callbacks suppressed
[  389.323506][   T29] audit: type=1326 audit(383.220:22608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.366576][T26027] loop8: detected capacity change from 0 to 512
[  389.389278][   T29] audit: type=1326 audit(383.248:22609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.412604][   T29] audit: type=1326 audit(383.248:22610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.435626][   T29] audit: type=1326 audit(383.248:22611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.458658][   T29] audit: type=1326 audit(383.248:22612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.481874][   T29] audit: type=1326 audit(383.248:22613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.490198][T26027] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  389.505085][   T29] audit: type=1326 audit(383.248:22614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.536681][   T29] audit: type=1326 audit(383.248:22615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.559672][   T29] audit: type=1326 audit(383.248:22616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26019 comm="syz.3.7193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ca694f749 code=0x7ffc0000
[  389.657488][T26027] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.875588][   T29] audit: type=1400 audit(383.735:22617): avc:  denied  { ioctl } for  pid=26026 comm="syz.8.7196" path="/627/bus/file1" dev="loop8" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  389.925335][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.988934][T26040] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26040 comm=syz.8.7201
[  390.280039][T26058] netlink: zone id is out of range
[  390.285226][T26058] netlink: zone id is out of range
[  390.301160][T26058] netlink: zone id is out of range
[  390.306485][T26058] netlink: zone id is out of range
[  390.314333][T26058] netlink: zone id is out of range
[  390.326857][T26058] netlink: zone id is out of range
[  390.332385][T26058] netlink: del zone limit has 8 unknown bytes
[  390.488907][T26071] veth24: entered promiscuous mode
[  390.494225][T26071] veth24: entered allmulticast mode
[  390.902557][T26080] syz.0.7219 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  390.916646][T26080] CPU: 0 UID: 0 PID: 26080 Comm: syz.0.7219 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  390.916682][T26080] Tainted: [W]=WARN
[  390.916691][T26080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  390.916707][T26080] Call Trace:
[  390.916716][T26080]  <TASK>
[  390.916785][T26080]  __dump_stack+0x1d/0x30
[  390.916812][T26080]  dump_stack_lvl+0x95/0xd0
[  390.916835][T26080]  dump_stack+0x15/0x1b
[  390.916856][T26080]  dump_header+0x81/0x240
[  390.916938][T26080]  oom_kill_process+0x295/0x350
[  390.916969][T26080]  out_of_memory+0x97b/0xb80
[  390.917030][T26080]  try_charge_memcg+0x610/0xa10
[  390.917064][T26080]  obj_cgroup_charge_pages+0xa6/0x150
[  390.917098][T26080]  __memcg_kmem_charge_page+0x9f/0x170
[  390.917241][T26080]  __alloc_frozen_pages_noprof+0x18f/0x360
[  390.917290][T26080]  alloc_pages_mpol+0xb3/0x260
[  390.917388][T26080]  alloc_pages_noprof+0x90/0x130
[  390.917460][T26080]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  390.917520][T26080]  __kvmalloc_node_noprof+0x492/0x6b0
[  390.917547][T26080]  ? ip_set_alloc+0x24/0x30
[  390.917588][T26080]  ? ip_set_alloc+0x24/0x30
[  390.917686][T26080]  ip_set_alloc+0x24/0x30
[  390.917721][T26080]  hash_netiface_create+0x282/0x740
[  390.917765][T26080]  ? __pfx_hash_netiface_create+0x10/0x10
[  390.917821][T26080]  ip_set_create+0x3cc/0x970
[  390.917849][T26080]  ? __nla_parse+0x40/0x60
[  390.917883][T26080]  nfnetlink_rcv_msg+0x4c6/0x590
[  390.917979][T26080]  ? __rcu_read_unlock+0x4f/0x70
[  390.918017][T26080]  netlink_rcv_skb+0x123/0x220
[  390.918055][T26080]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  390.918140][T26080]  nfnetlink_rcv+0x167/0x16c0
[  390.918228][T26080]  ? trace_event_buffer_commit+0x196/0x5c0
[  390.918283][T26080]  ? trace_event_raw_event_bpf_trace_printk+0xe6/0x160
[  390.918312][T26080]  ? trace_event_reg+0xe0/0x190
[  390.918342][T26080]  ? perf_trace_add+0x176/0x1a0
[  390.918374][T26080]  ? event_sched_in+0x675/0x750
[  390.918425][T26080]  ? __rcu_read_unlock+0x4f/0x70
[  390.918446][T26080]  ? bpf_trace_run3+0x12c/0x1e0
[  390.918511][T26080]  ? should_fail_ex+0x30/0x280
[  390.918539][T26080]  ? selinux_nlmsg_lookup+0x99/0x890
[  390.918596][T26080]  ? __rcu_read_unlock+0x34/0x70
[  390.918643][T26080]  ? __netlink_lookup+0x266/0x2a0
[  390.918717][T26080]  netlink_unicast+0x5c0/0x690
[  390.918800][T26080]  netlink_sendmsg+0x58b/0x6b0
[  390.918836][T26080]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.918876][T26080]  __sock_sendmsg+0x145/0x180
[  390.918897][T26080]  ____sys_sendmsg+0x31e/0x4a0
[  390.918992][T26080]  ___sys_sendmsg+0x17b/0x1d0
[  390.919046][T26080]  __x64_sys_sendmsg+0xd4/0x160
[  390.919078][T26080]  x64_sys_call+0x17ba/0x3000
[  390.919105][T26080]  do_syscall_64+0xca/0x2b0
[  390.919191][T26080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.919214][T26080] RIP: 0033:0x7fcecc76f749
[  390.919250][T26080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.919272][T26080] RSP: 002b:00007fcecb1cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  390.919293][T26080] RAX: ffffffffffffffda RBX: 00007fcecc9c5fa0 RCX: 00007fcecc76f749
[  390.919386][T26080] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  390.919399][T26080] RBP: 00007fcecc7f3f91 R08: 0000000000000000 R09: 0000000000000000
[  390.919414][T26080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  390.919427][T26080] R13: 00007fcecc9c6038 R14: 00007fcecc9c5fa0 R15: 00007ffeb3d0ee68
[  390.919495][T26080]  </TASK>
[  390.919504][T26080] memory: usage 307200kB, limit 307200kB, failcnt 4265
[  391.269958][T26080] memory+swap: usage 365172kB, limit 9007199254740988kB, failcnt 0
[  391.277881][T26080] kmem: usage 229248kB, limit 9007199254740988kB, failcnt 0
[  391.285371][T26080] Memory cgroup stats for /syz0:
[  391.376129][T26093] __nla_validate_parse: 6 callbacks suppressed
[  391.376205][T26093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7224'.
[  391.396551][T26093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7224'.
[  391.428020][T26080] cache 79101952
[  391.431752][T26080] rss 360448
[  391.434966][T26080] shmem 9842688
[  391.438496][T26080] mapped_file 4096
[  391.442225][T26080] dirty 0
[  391.445171][T26080] writeback 0
[  391.448550][T26080] workingset_refault_anon 3507
[  391.453461][T26080] workingset_refault_file 14319
[  391.458321][T26080] swap 59363328
[  391.461811][T26080] swapcached 348160
[  391.465635][T26080] pgpgin 589687
[  391.469110][T26080] pgpgout 570199
[  391.472694][T26080] pgfault 464981
[  391.476246][T26080] pgmajfault 489
[  391.479851][T26080] inactive_anon 401408
[  391.484110][T26080] active_anon 10149888
[  391.488429][T26080] inactive_file 0
[  391.492096][T26080] active_file 20480
[  391.496021][T26080] unevictable 69251072
[  391.500111][T26080] hierarchical_memory_limit 314572800
[  391.505578][T26080] hierarchical_memsw_limit 9223372036854771712
[  391.511841][T26080] total_cache 79101952
[  391.515966][T26080] total_rss 360448
[  391.519702][T26080] total_shmem 9842688
[  391.523851][T26080] total_mapped_file 4096
[  391.528212][T26080] total_dirty 0
[  391.531692][T26080] total_writeback 0
[  391.535552][T26080] total_workingset_refault_anon 3507
[  391.540852][T26080] total_workingset_refault_file 14319
[  391.546327][T26080] total_swap 59363328
[  391.550324][T26080] total_swapcached 348160
[  391.554811][T26080] total_pgpgin 589687
[  391.558824][T26080] total_pgpgout 570199
[  391.562909][T26080] total_pgfault 464981
[  391.567054][T26080] total_pgmajfault 489
[  391.571215][T26080] total_inactive_anon 401408
[  391.575831][T26080] total_active_anon 10149888
[  391.580466][T26080] total_inactive_file 0
[  391.584631][T26080] total_active_file 20480
[  391.589007][T26080] total_unevictable 69251072
[  391.593637][T26080] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7219,pid=26079,uid=0
[  391.608413][T26080] Memory cgroup out of memory: Killed process 26079 (syz.0.7219) total-vm:93968kB, anon-rss:1268kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  391.733514][T26103] syz.6.7227 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  391.740312][T26107] veth0: entered promiscuous mode
[  391.743510][T26103] CPU: 1 UID: 0 PID: 26103 Comm: syz.6.7227 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  391.743546][T26103] Tainted: [W]=WARN
[  391.743554][T26103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  391.743591][T26103] Call Trace:
[  391.743598][T26103]  <TASK>
[  391.743607][T26103]  __dump_stack+0x1d/0x30
[  391.743640][T26103]  dump_stack_lvl+0x95/0xd0
[  391.743731][T26103]  dump_stack+0x15/0x1b
[  391.743754][T26103]  dump_header+0x81/0x240
[  391.743778][T26103]  oom_kill_process+0x295/0x350
[  391.743804][T26103]  out_of_memory+0x97b/0xb80
[  391.743872][T26103]  try_charge_memcg+0x610/0xa10
[  391.743902][T26103]  charge_memcg+0x51/0xc0
[  391.743936][T26103]  __mem_cgroup_charge+0x28/0xb0
[  391.744024][T26103]  handle_mm_fault+0xf16/0x2c60
[  391.744130][T26103]  ? _raw_spin_lock+0x52/0xa0
[  391.744155][T26103]  ? __pte_offset_map_lock+0x1d9/0x240
[  391.744190][T26103]  __get_user_pages+0x1024/0x1ed0
[  391.744234][T26103]  __mm_populate+0x243/0x3a0
[  391.744326][T26103]  vm_mmap_pgoff+0x232/0x2e0
[  391.744353][T26103]  ksys_mmap_pgoff+0xc2/0x310
[  391.744403][T26103]  ? __x64_sys_mmap+0x49/0x70
[  391.744455][T26103]  x64_sys_call+0x16bb/0x3000
[  391.744481][T26103]  do_syscall_64+0xca/0x2b0
[  391.744552][T26103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.744593][T26103] RIP: 0033:0x7f3f0b61f749
[  391.744611][T26103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  391.744631][T26103] RSP: 002b:00007f3f0a03d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  391.744654][T26103] RAX: ffffffffffffffda RBX: 00007f3f0b876180 RCX: 00007f3f0b61f749
[  391.744747][T26103] RDX: 0000000003000003 RSI: 0000000000b36000 RDI: 0000200000000000
[  391.744761][T26103] RBP: 00007f3f0b6a3f91 R08: ffffffffffffffff R09: 0000000000000000
[  391.744776][T26103] R10: 0000000004008032 R11: 0000000000000246 R12: 0000000000000000
[  391.744790][T26103] R13: 00007f3f0b876218 R14: 00007f3f0b876180 R15: 00007ffcce6e8168
[  391.744818][T26103]  </TASK>
[  391.744827][T26103] memory: usage 307200kB, limit 307200kB, failcnt 159
[  391.748619][T26107] veth0: entered allmulticast mode
[  391.760139][T26103] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  391.972786][T26103] kmem: usage 270040kB, limit 9007199254740988kB, failcnt 0
[  391.980214][T26103] Memory cgroup stats for /syz6:
[  391.990142][T26103] cache 262144
[  391.999288][T26103] rss 10338304
[  392.002977][T26103] shmem 262144
[  392.006634][T26103] mapped_file 0
[  392.010336][T26103] dirty 0
[  392.013288][T26103] writeback 0
[  392.016615][T26103] workingset_refault_anon 2052
[  392.021479][T26103] workingset_refault_file 0
[  392.026008][T26103] swap 0
[  392.028908][T26103] swapcached 0
[  392.032347][T26103] pgpgin 261526
[  392.035911][T26103] pgpgout 258934
[  392.039648][T26103] pgfault 316105
[  392.043218][T26103] pgmajfault 272
[  392.046802][T26103] inactive_anon 0
[  392.050505][T26103] active_anon 10616832
[  392.054584][T26103] inactive_file 0
[  392.058240][T26103] active_file 0
[  392.061911][T26103] unevictable 0
[  392.065391][T26103] hierarchical_memory_limit 314572800
[  392.070802][T26103] hierarchical_memsw_limit 9223372036854771712
[  392.077028][T26103] total_cache 262144
[  392.080955][T26103] total_rss 10338304
[  392.084962][T26103] total_shmem 262144
[  392.089045][T26103] total_mapped_file 0
[  392.093133][T26103] total_dirty 0
[  392.096690][T26103] total_writeback 0
[  392.100675][T26103] total_workingset_refault_anon 2052
[  392.106008][T26103] total_workingset_refault_file 0
[  392.111039][T26103] total_swap 0
[  392.114478][T26103] total_swapcached 0
[  392.118533][T26103] total_pgpgin 261526
[  392.122569][T26103] total_pgpgout 258934
[  392.126649][T26103] total_pgfault 316105
[  392.130816][T26103] total_pgmajfault 272
[  392.134919][T26103] total_inactive_anon 0
[  392.139080][T26103] total_active_anon 10616832
[  392.143681][T26103] total_inactive_file 0
[  392.147876][T26103] total_active_file 0
[  392.152429][T26103] total_unevictable 0
[  392.156470][T26103] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.7227,pid=26099,uid=0
[  392.171191][T26103] Memory cgroup out of memory: Killed process 26099 (syz.6.7227) total-vm:96148kB, anon-rss:10992kB, file-rss:22188kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:0
[  392.528184][T26120] loop8: detected capacity change from 0 to 1024
[  392.546229][T26120] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  392.971434][T26140] netlink: 'syz.3.7238': attribute type 1 has an invalid length.
[  393.013669][T26140] 8021q: adding VLAN 0 to HW filter on device bond4
[  393.053531][T26140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7238'.
[  393.071272][T26140] bond4 (unregistering): Released all slaves
[  393.736021][T26157] loop8: detected capacity change from 0 to 128
[  393.756708][T26157] netlink: 'syz.8.7245': attribute type 4 has an invalid length.
[  393.764685][T26157] netlink: 152 bytes leftover after parsing attributes in process `syz.8.7245'.
[  393.795894][T26157] .`: renamed from bond0
[  394.248136][T26208] loop8: detected capacity change from 0 to 512
[  394.255454][T26208] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  394.280152][T26208] EXT4-fs (loop8): 1 truncate cleaned up
[  394.297612][T26208] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.544213][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.567538][T26230] loop8: detected capacity change from 0 to 512
[  394.576255][T26230] EXT4-fs error (device loop8): ext4_xattr_inode_iget:446: comm syz.8.7274: error while reading EA inode 32 err=-116
[  394.589256][T26230] EXT4-fs (loop8): Remounting filesystem read-only
[  394.596283][T26230] EXT4-fs warning (device loop8): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  394.606596][T26230] EXT4-fs (loop8): 1 orphan inode deleted
[  394.612685][T26230] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.640529][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.691516][   T29] kauditd_printk_skb: 649 callbacks suppressed
[  394.691535][   T29] audit: type=1326 audit(388.244:23267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.734576][   T29] audit: type=1326 audit(388.272:23268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.758144][   T29] audit: type=1326 audit(388.272:23269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.781310][   T29] audit: type=1326 audit(388.282:23270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.804560][   T29] audit: type=1326 audit(388.282:23271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.827835][   T29] audit: type=1326 audit(388.282:23272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.850849][   T29] audit: type=1326 audit(388.282:23273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.874136][   T29] audit: type=1326 audit(388.282:23274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="syz.8.7279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.897470][   T29] audit: type=1326 audit(388.282:23275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  394.920169][   T29] audit: type=1326 audit(388.282:23276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26239 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  395.076370][T26254] netlink: 64 bytes leftover after parsing attributes in process `syz.0.7283'.
[  395.109648][T26261] IPVS: Unknown mcast interface: vcan0
[  395.145349][T26264] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7288'.
[  396.066364][T26338] lo speed is unknown, defaulting to 1000
[  396.113715][T26341] rdma_op ffff88812d671980 conn xmit_rdma 0000000000000000
[  396.264573][T26344] loop8: detected capacity change from 0 to 8192
[  396.345292][T26344]  loop8: p2 p3 p4 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p2
[  396.360416][T26344] loop8: p3 start 5963520 is beyond EOD, truncated
[  397.610482][T26375] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7332'.
[  397.633654][T26375] vlan0: entered allmulticast mode
[  397.639077][T26375] bridge0: entered allmulticast mode
[  397.645343][T26375] bridge10: port 1(vlan0) entered blocking state
[  397.651949][T26375] bridge10: port 1(vlan0) entered disabled state
[  397.659794][T26375] vlan0: entered promiscuous mode
[  397.664866][T26375] bridge0: entered promiscuous mode
[  397.897076][T26394] netlink: 240 bytes leftover after parsing attributes in process `syz.8.7334'.
[  398.672476][T26445] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7357'.
[  399.582535][T26488] lo speed is unknown, defaulting to 1000
[  399.608325][T26480] lo speed is unknown, defaulting to 1000
[  399.631063][T26490] rdma_op ffff88813d8c1d80 conn xmit_rdma 0000000000000000
[  399.876851][T26512] vlan2: entered allmulticast mode
[  400.210226][T26529] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7392'.
[  400.293785][T26534] netlink: 'syz.6.7392': attribute type 5 has an invalid length.
[  400.301764][T26534] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7392'.
[  400.386297][T26538] lo speed is unknown, defaulting to 1000
[  400.434557][T26541] .`: (slave dummy0): Releasing backup interface
[  400.454866][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  400.454885][   T29] audit: type=1326 audit(393.633:23688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3f0b6165e7 code=0x7ffc0000
[  400.491199][T26541] .`: (slave bond_slave_0): Releasing backup interface
[  400.517936][T26541] .`: (slave bond_slave_1): Releasing backup interface
[  400.558447][T26541] team0: Port device team_slave_0 removed
[  400.569711][   T29] audit: type=1326 audit(393.633:23689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3f0b5bb829 code=0x7ffc0000
[  400.592940][   T29] audit: type=1326 audit(393.633:23690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3f0b6165e7 code=0x7ffc0000
[  400.616155][   T29] audit: type=1326 audit(393.633:23691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3f0b5bb829 code=0x7ffc0000
[  400.639516][   T29] audit: type=1326 audit(393.633:23692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  400.662872][   T29] audit: type=1326 audit(393.633:23693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  400.685961][   T29] audit: type=1326 audit(393.661:23694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  400.708979][   T29] audit: type=1326 audit(393.661:23695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  400.732131][   T29] audit: type=1326 audit(393.661:23696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  400.755158][   T29] audit: type=1326 audit(393.661:23697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26542 comm="syz.6.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  400.790641][T26541] bond1: (slave veth3): Releasing active interface
[  400.797356][T26541] bond1: (slave veth3): the permanent HWaddr of slave - 0e:17:bf:35:60:f2 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  400.814118][T26541] batadv1: entered promiscuous mode
[  400.849247][T26541] bond1: (slave batadv1): Releasing active interface
[  400.878050][T26541] batadv1: left promiscuous mode
[  400.895319][T26517] syz.8.7387 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  400.909605][T26517] CPU: 1 UID: 0 PID: 26517 Comm: syz.8.7387 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  400.909646][T26517] Tainted: [W]=WARN
[  400.909655][T26517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  400.909670][T26517] Call Trace:
[  400.909679][T26517]  <TASK>
[  400.909769][T26517]  __dump_stack+0x1d/0x30
[  400.909800][T26517]  dump_stack_lvl+0x95/0xd0
[  400.909829][T26517]  dump_stack+0x15/0x1b
[  400.909856][T26517]  dump_header+0x81/0x240
[  400.909883][T26517]  oom_kill_process+0x295/0x350
[  400.909965][T26517]  out_of_memory+0x97b/0xb80
[  400.909996][T26517]  try_charge_memcg+0x610/0xa10
[  400.910083][T26517]  obj_cgroup_charge_pages+0xa6/0x150
[  400.910116][T26517]  __memcg_kmem_charge_page+0x9f/0x170
[  400.910156][T26517]  __alloc_frozen_pages_noprof+0x18f/0x360
[  400.910254][T26517]  alloc_pages_mpol+0xb3/0x260
[  400.910333][T26517]  alloc_pages_noprof+0x90/0x130
[  400.910429][T26517]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  400.910484][T26517]  __kvmalloc_node_noprof+0x492/0x6b0
[  400.910514][T26517]  ? ip_set_alloc+0x24/0x30
[  400.910615][T26517]  ? ip_set_alloc+0x24/0x30
[  400.910652][T26517]  ip_set_alloc+0x24/0x30
[  400.910759][T26517]  hash_netiface_create+0x282/0x740
[  400.910862][T26517]  ? __pfx_hash_netiface_create+0x10/0x10
[  400.910901][T26517]  ip_set_create+0x3cc/0x970
[  400.911001][T26517]  ? __nla_parse+0x40/0x60
[  400.911033][T26517]  nfnetlink_rcv_msg+0x4c6/0x590
[  400.911138][T26517]  ? __rcu_read_unlock+0x4f/0x70
[  400.911180][T26517]  netlink_rcv_skb+0x123/0x220
[  400.911262][T26517]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  400.911300][T26517]  nfnetlink_rcv+0x167/0x16c0
[  400.911390][T26517]  ? trace_event_raw_event_bpf_trace_printk+0xe6/0x160
[  400.911424][T26517]  ? bpf_bprintf_cleanup+0x75/0xb0
[  400.911457][T26517]  ? __list_add_valid_or_report+0x38/0xe0
[  400.911494][T26517]  ? merge_sched_in+0x605/0xa30
[  400.911656][T26517]  ? rb_next+0x5c/0x80
[  400.911697][T26517]  ? visit_groups_merge+0xf7e/0xfd0
[  400.911725][T26517]  ? should_fail_ex+0x30/0x280
[  400.911752][T26517]  ? selinux_nlmsg_lookup+0x99/0x890
[  400.911860][T26517]  ? __rcu_read_unlock+0x34/0x70
[  400.911904][T26517]  ? __netlink_lookup+0x266/0x2a0
[  400.911945][T26517]  netlink_unicast+0x5c0/0x690
[  400.911982][T26517]  netlink_sendmsg+0x58b/0x6b0
[  400.912079][T26517]  ? __pfx_netlink_sendmsg+0x10/0x10
[  400.912134][T26517]  __sock_sendmsg+0x145/0x180
[  400.912157][T26517]  ____sys_sendmsg+0x31e/0x4a0
[  400.912195][T26517]  ___sys_sendmsg+0x17b/0x1d0
[  400.912265][T26517]  __x64_sys_sendmsg+0xd4/0x160
[  400.912303][T26517]  x64_sys_call+0x17ba/0x3000
[  400.912361][T26517]  do_syscall_64+0xca/0x2b0
[  400.912525][T26517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.912575][T26517] RIP: 0033:0x7f26608df749
[  400.912597][T26517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.912615][T26517] RSP: 002b:00007f265f33f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.912633][T26517] RAX: ffffffffffffffda RBX: 00007f2660b35fa0 RCX: 00007f26608df749
[  400.912648][T26517] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  400.912676][T26517] RBP: 00007f2660963f91 R08: 0000000000000000 R09: 0000000000000000
[  400.912690][T26517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  400.912726][T26517] R13: 00007f2660b36038 R14: 00007f2660b35fa0 R15: 00007ffdd3983158
[  400.912749][T26517]  </TASK>
[  400.912758][T26517] memory: usage 307200kB, limit 307200kB, failcnt 1311
[  400.961924][T26549] rdma_op ffff88814c46d180 conn xmit_rdma 0000000000000000
[  400.962021][T26517] memory+swap: usage 307328kB, limit 9007199254740988kB, failcnt 0
[  401.274170][T26517] kmem: usage 239332kB, limit 9007199254740988kB, failcnt 0
[  401.281486][T26517] Memory cgroup stats for /syz8:
[  401.281721][T26517] cache 69246976
[  401.282284][T26541] team0: Port device bridge6 removed
[  401.286722][T26517] rss 208896
[  401.286735][T26517] shmem 69246976
[  401.286802][T26517] mapped_file 0
[  401.286811][T26517] dirty 0
[  401.286819][T26517] writeback 0
[  401.286890][T26517] workingset_refault_anon 3230
[  401.286901][T26517] workingset_refault_file 0
[  401.286909][T26517] swap 131072
[  401.286921][T26517] swapcached 32768
[  401.286930][T26517] pgpgin 186436
[  401.286939][T26517] pgpgout 169470
[  401.286948][T26517] pgfault 203296
[  401.339261][T26517] pgmajfault 495
[  401.342793][T26517] inactive_anon 184320
[  401.346845][T26517] active_anon 69304320
[  401.350993][T26517] inactive_file 0
[  401.354688][T26517] active_file 4096
[  401.358441][T26517] unevictable 0
[  401.361918][T26517] hierarchical_memory_limit 314572800
[  401.367324][T26517] hierarchical_memsw_limit 9223372036854771712
[  401.373571][T26517] total_cache 69246976
[  401.377697][T26517] total_rss 208896
[  401.381420][T26517] total_shmem 69246976
[  401.385544][T26517] total_mapped_file 0
[  401.389516][T26517] total_dirty 0
[  401.393058][T26517] total_writeback 0
[  401.396922][T26517] total_workingset_refault_anon 3230
[  401.402217][T26517] total_workingset_refault_file 0
[  401.407300][T26517] total_swap 131072
[  401.411371][T26517] total_swapcached 32768
[  401.415755][T26517] total_pgpgin 186436
[  401.419757][T26517] total_pgpgout 169470
[  401.423867][T26517] total_pgfault 203296
[  401.428105][T26517] total_pgmajfault 495
[  401.432412][T26517] total_inactive_anon 184320
[  401.437065][T26517] total_active_anon 69304320
[  401.441791][T26517] total_inactive_file 0
[  401.446338][T26517] total_active_file 4096
[  401.450791][T26517] total_unevictable 0
[  401.454829][T26517] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz8,task_memcg=/syz8,task=syz.8.7387,pid=26516,uid=0
[  401.469547][T26517] Memory cgroup out of memory: Killed process 26516 (syz.8.7387) total-vm:96016kB, anon-rss:1136kB, file-rss:22192kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  401.487334][T26541] bond3: (slave veth23): Releasing active interface
[  401.553260][T26548] lo speed is unknown, defaulting to 1000
[  401.586435][T26560] netlink: 'syz.8.7402': attribute type 1 has an invalid length.
[  401.665426][T26560] 8021q: adding VLAN 0 to HW filter on device bond0
[  401.700459][T26565] bond0: (slave veth15): Enslaving as an active interface with a down link
[  401.737158][T26560] 8021q: adding VLAN 0 to HW filter on device batadv0
[  401.755963][T26560] bond0: (slave batadv0): making interface the new active one
[  401.777416][T26560] batadv0: entered promiscuous mode
[  401.782828][T26560] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  401.888363][T26569] netlink: 'syz.0.7415': attribute type 10 has an invalid length.
[  401.896424][T26569] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7415'.
[  402.143466][T26589] wg2: left promiscuous mode
[  402.148121][T26589] wg2: left allmulticast mode
[  402.156087][T26589] wg2: entered promiscuous mode
[  402.161690][T26589] wg2: entered allmulticast mode
[  402.326250][T26606] netlink: 'syz.6.7420': attribute type 10 has an invalid length.
[  402.334499][T26606] netlink: 40 bytes leftover after parsing attributes in process `syz.6.7420'.
[  402.386025][T26606] veth1_vlan: left promiscuous mode
[  402.434717][T26606] batman_adv: batadv0: Adding interface: veth1_vlan
[  402.441410][T26606] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  402.508450][T26606] batman_adv: batadv0: Interface activated: veth1_vlan
[  402.598260][ T3504] page_pool_release_retry() stalled pool shutdown: id 260, 1 inflight 60 sec
[  402.704274][T26614] netlink: 'syz.0.7432': attribute type 1 has an invalid length.
[  402.722754][T26614] 8021q: adding VLAN 0 to HW filter on device bond2
[  402.748615][T26614] 8021q: adding VLAN 0 to HW filter on device bond2
[  402.756354][T26614] bond2: (slave vxcan1): The slave device specified does not support setting the MAC address
[  402.780664][T26614] bond2: (slave vxcan1): Error -95 calling set_mac_address
[  402.853203][T26621] lo speed is unknown, defaulting to 1000
[  402.886505][T26626] rdma_op ffff888119951580 conn xmit_rdma 0000000000000000
[  403.114569][T26633] netlink: 24 bytes leftover after parsing attributes in process `gtp'.
[  403.260823][T26639] netlink: 'syz.2.7431': attribute type 10 has an invalid length.
[  403.268761][T26639] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7431'.
[  403.666240][T26664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7440'.
[  403.902992][T26668] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7442'.
[  403.912664][T26668] IPVS: Unknown mcast interface: ipvlan1
[  404.135611][T26680] bridge11: entered promiscuous mode
[  404.141182][T26680] bridge11: entered allmulticast mode
[  404.149384][T26680] team0: Port device bridge11 added
[  404.186905][T26680] bridge0: left allmulticast mode
[  404.202406][T26680] bridge0: port 1(team0) entered blocking state
[  404.208826][T26680] bridge0: port 1(team0) entered disabled state
[  404.248674][T26680] team0: entered allmulticast mode
[  404.253913][T26680] bridge0: entered allmulticast mode
[  404.279518][T26680] team0: left allmulticast mode
[  404.284528][T26680] bridge0: left allmulticast mode
[  404.742523][T26706] loop8: detected capacity change from 0 to 128
[  404.996718][T26706] syz.8.7456: attempt to access beyond end of device
[  404.996718][T26706] loop8: rw=2049, sector=169, nr_sectors = 8 limit=128
[  405.010347][T26706] syz.8.7456: attempt to access beyond end of device
[  405.010347][T26706] loop8: rw=2049, sector=185, nr_sectors = 16 limit=128
[  405.024537][T26706] syz.8.7456: attempt to access beyond end of device
[  405.024537][T26706] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[  405.038659][T26706] syz.8.7456: attempt to access beyond end of device
[  405.038659][T26706] loop8: rw=2049, sector=225, nr_sectors = 8 limit=128
[  405.052564][T26706] syz.8.7456: attempt to access beyond end of device
[  405.052564][T26706] loop8: rw=2049, sector=241, nr_sectors = 8 limit=128
[  405.066501][T26706] syz.8.7456: attempt to access beyond end of device
[  405.066501][T26706] loop8: rw=2049, sector=257, nr_sectors = 8 limit=128
[  405.081190][T26706] syz.8.7456: attempt to access beyond end of device
[  405.081190][T26706] loop8: rw=2049, sector=273, nr_sectors = 8 limit=128
[  405.099980][T26706] syz.8.7456: attempt to access beyond end of device
[  405.099980][T26706] loop8: rw=2049, sector=289, nr_sectors = 8 limit=128
[  405.114067][T26706] syz.8.7456: attempt to access beyond end of device
[  405.114067][T26706] loop8: rw=2049, sector=305, nr_sectors = 8 limit=128
[  405.130333][T26706] syz.8.7456: attempt to access beyond end of device
[  405.130333][T26706] loop8: rw=2049, sector=321, nr_sectors = 8 limit=128
[  405.304576][T26729] ref_ctr_offset mismatch. inode: 0x1f21 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x300000018
[  405.368454][T26732] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7465'.
[  405.382676][ T5178] batadv1: left allmulticast mode
[  405.387780][ T5178] batadv1: left promiscuous mode
[  405.392936][ T5178] bridge0: port 1(batadv1) entered disabled state
[  405.669269][T26751] netlink: 24 bytes leftover after parsing attributes in process `gtp'.
[  405.679639][ T5178] bond0 (unregistering): Released all slaves
[  405.688088][ T5178] bond1 (unregistering): (slave bond2): Releasing backup interface
[  405.696150][ T5178] bond2 (unregistering): left promiscuous mode
[  405.703721][ T5178] bond1 (unregistering): Released all slaves
[  405.713575][ T5178] bond2 (unregistering): Released all slaves
[  405.747124][T26746] syzkaller0: entered allmulticast mode
[  405.762125][ T5178] tipc: Disabling bearer <udp:syz2>
[  405.767943][ T5178] tipc: Left network mode
[  405.776690][T26746] syzkaller0: entered promiscuous mode
[  405.785015][T26746] syzkaller0 (unregistering): left allmulticast mode
[  405.791816][T26746] syzkaller0 (unregistering): left promiscuous mode
[  405.825838][   T29] kauditd_printk_skb: 78 callbacks suppressed
[  405.825855][   T29] audit: type=1326 audit(398.656:23776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  405.856554][   T29] audit: type=1326 audit(398.656:23777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  405.879899][   T29] audit: type=1326 audit(398.666:23778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  405.903065][   T29] audit: type=1326 audit(398.666:23779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe83e7fdf90 code=0x7ffc0000
[  405.926213][   T29] audit: type=1326 audit(398.666:23780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe83e7fdf90 code=0x7ffc0000
[  405.949468][   T29] audit: type=1326 audit(398.666:23782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  405.972701][   T29] audit: type=1326 audit(398.666:23783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  405.995733][   T29] audit: type=1326 audit(398.666:23781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  406.018869][   T29] audit: type=1326 audit(398.666:23784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  406.042135][   T29] audit: type=1326 audit(398.666:23785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26762 comm="syz.2.7476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe83e7ff749 code=0x7ffc0000
[  406.095296][T26770] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7479'.
[  406.193831][T26776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7490'.
[  406.244539][ T5178] hsr_slave_0: left promiscuous mode
[  406.250437][ T5178] hsr_slave_1: left promiscuous mode
[  406.256870][ T5178] batman_adv: batadv0: Removing interface: dummy0
[  406.461249][T26787] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  406.486136][T26789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7497'.
[  406.709848][T26807] SELinux: failed to load policy
[  406.904147][T26822] netlink: 64 bytes leftover after parsing attributes in process `syz.2.7500'.
[  407.279311][T26850] netlink: 'syz.6.7515': attribute type 29 has an invalid length.
[  407.288476][T26850] netlink: 'syz.6.7515': attribute type 29 has an invalid length.
[  407.427417][T26866] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  407.872232][T26890] sch_fq: defrate 4294967295 ignored.
[  408.446622][T26922] netlink: 'syz.0.7543': attribute type 7 has an invalid length.
[  408.683727][T26935] __nla_validate_parse: 9 callbacks suppressed
[  408.683746][T26935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7548'.
[  408.700431][T26935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7548'.
[  408.710815][T26935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7548'.
[  408.727251][T26935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7548'.
[  408.744816][T26935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7548'.
[  408.922161][T26957] netlink: 64 bytes leftover after parsing attributes in process `syz.6.7557'.
[  409.454537][T26972] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7563'.
[  409.605397][T26975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7564'.
[  409.614526][T26975] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7564'.
[  410.573368][T27012] loop8: detected capacity change from 0 to 2048
[  410.601372][T27012] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.714533][T14355] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.950946][T27026] lo speed is unknown, defaulting to 1000
[  410.986540][T27033] rdma_op ffff8881009dd980 conn xmit_rdma 0000000000000000
[  411.325993][T27048] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7591'.
[  411.730472][T27066] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  412.060421][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  412.060440][   T29] audit: type=1326 audit(404.494:23971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.135103][   T29] audit: type=1326 audit(404.522:23972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.158383][   T29] audit: type=1326 audit(404.522:23973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.181779][   T29] audit: type=1326 audit(404.522:23974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.205027][   T29] audit: type=1326 audit(404.522:23975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.228039][   T29] audit: type=1326 audit(404.522:23976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.251703][   T29] audit: type=1326 audit(404.522:23977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.274790][   T29] audit: type=1326 audit(404.522:23978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.297900][   T29] audit: type=1326 audit(404.522:23979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.320926][   T29] audit: type=1326 audit(404.522:23980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27078 comm="syz.6.7602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f0b61f749 code=0x7ffc0000
[  412.755432][T27107] loop8: detected capacity change from 0 to 512
[  412.769984][T27109] netlink: 'syz.6.7612': attribute type 13 has an invalid length.
[  412.792933][T27109] 8021q: adding VLAN 0 to HW filter on device bond0
[  412.803180][T27109] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  412.845436][T27113] netlink: 'syz.2.7614': attribute type 13 has an invalid length.
[  413.685433][T27172] lo speed is unknown, defaulting to 1000
[  414.164046][ T5138] batadv0: left promiscuous mode
[  414.342422][T27205] __nla_validate_parse: 6 callbacks suppressed
[  414.342440][T27205] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7645'.
[  414.748827][T27216] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  415.203079][T27209] syz.6.7648 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  415.217119][T27209] CPU: 1 UID: 0 PID: 27209 Comm: syz.6.7648 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  415.217246][T27209] Tainted: [W]=WARN
[  415.217254][T27209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  415.217267][T27209] Call Trace:
[  415.217273][T27209]  <TASK>
[  415.217303][T27209]  __dump_stack+0x1d/0x30
[  415.217337][T27209]  dump_stack_lvl+0x95/0xd0
[  415.217434][T27209]  dump_stack+0x15/0x1b
[  415.217457][T27209]  dump_header+0x81/0x240
[  415.217478][T27209]  oom_kill_process+0x295/0x350
[  415.217506][T27209]  out_of_memory+0x97b/0xb80
[  415.217530][T27209]  try_charge_memcg+0x610/0xa10
[  415.217595][T27209]  obj_cgroup_charge_pages+0xa6/0x150
[  415.217747][T27209]  __memcg_kmem_charge_page+0x9f/0x170
[  415.217786][T27209]  __alloc_frozen_pages_noprof+0x18f/0x360
[  415.217902][T27209]  alloc_pages_mpol+0xb3/0x260
[  415.217948][T27209]  alloc_pages_noprof+0x90/0x130
[  415.217980][T27209]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  415.218057][T27209]  __kvmalloc_node_noprof+0x492/0x6b0
[  415.218082][T27209]  ? ip_set_alloc+0x24/0x30
[  415.218125][T27209]  ? ip_set_alloc+0x24/0x30
[  415.218163][T27209]  ip_set_alloc+0x24/0x30
[  415.218211][T27209]  hash_netiface_create+0x282/0x740
[  415.218365][T27209]  ? __pfx_hash_netiface_create+0x10/0x10
[  415.218472][T27209]  ip_set_create+0x3cc/0x970
[  415.218493][T27209]  ? _raw_spin_unlock+0x26/0x50
[  415.218582][T27209]  nfnetlink_rcv_msg+0x4c6/0x590
[  415.218630][T27209]  netlink_rcv_skb+0x123/0x220
[  415.218668][T27209]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  415.218751][T27209]  nfnetlink_rcv+0x167/0x16c0
[  415.218782][T27209]  ? kmem_cache_free+0xe3/0x3a0
[  415.218813][T27209]  ? __kfree_skb+0x109/0x150
[  415.218839][T27209]  ? nlmon_xmit+0x4f/0x60
[  415.218874][T27209]  ? consume_skb+0x49/0x150
[  415.218902][T27209]  ? nlmon_xmit+0x4f/0x60
[  415.218924][T27209]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  415.218980][T27209]  ? __dev_queue_xmit+0x138d/0x1ec0
[  415.219008][T27209]  ? __dev_queue_xmit+0x148/0x1ec0
[  415.219041][T27209]  ? ref_tracker_free+0x37d/0x3e0
[  415.219145][T27209]  ? __netlink_deliver_tap+0x4dc/0x500
[  415.219182][T27209]  netlink_unicast+0x5c0/0x690
[  415.219260][T27209]  netlink_sendmsg+0x58b/0x6b0
[  415.219295][T27209]  ? __pfx_netlink_sendmsg+0x10/0x10
[  415.219387][T27209]  __sock_sendmsg+0x145/0x180
[  415.219412][T27209]  ____sys_sendmsg+0x31e/0x4a0
[  415.219450][T27209]  ___sys_sendmsg+0x17b/0x1d0
[  415.219496][T27209]  __x64_sys_sendmsg+0xd4/0x160
[  415.219609][T27209]  x64_sys_call+0x17ba/0x3000
[  415.219638][T27209]  do_syscall_64+0xca/0x2b0
[  415.219692][T27209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.219722][T27209] RIP: 0033:0x7f3f0b61f749
[  415.219744][T27209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.219768][T27209] RSP: 002b:00007f3f0a07f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  415.219796][T27209] RAX: ffffffffffffffda RBX: 00007f3f0b875fa0 RCX: 00007f3f0b61f749
[  415.219891][T27209] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000004
[  415.219905][T27209] RBP: 00007f3f0b6a3f91 R08: 0000000000000000 R09: 0000000000000000
[  415.219956][T27209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  415.219973][T27209] R13: 00007f3f0b876038 R14: 00007f3f0b875fa0 R15: 00007ffcce6e8168
[  415.220025][T27209]  </TASK>
[  415.220035][T27209] memory: usage 307200kB, limit 307200kB, failcnt 334
[  415.236948][T27236] netlink: 'syz.3.7657': attribute type 13 has an invalid length.
[  415.246069][T27209] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  415.347764][T27242] netlink: 664 bytes leftover after parsing attributes in process `syz.8.7659'.
[  415.351856][T27209] kmem: usage 293544kB, limit 9007199254740988kB, failcnt 0
[  415.351878][T27209] Memory cgroup stats for /syz6:
[  415.352184][T27209] cache 13549568
[  415.352197][T27209] rss 417792
[  415.352206][T27209] shmem 13549568
[  415.352215][T27209] mapped_file 0
[  415.352224][T27209] dirty 0
[  415.352304][T27209] writeback 0
[  415.352313][T27209] workingset_refault_anon 2053
[  415.352369][T27209] workingset_refault_file 0
[  415.352379][T27209] swap 0
[  415.352438][T27209] swapcached 0
[  415.352446][T27209] pgpgin 290737
[  415.352454][T27209] pgpgout 287323
[  415.352461][T27209] pgfault 353235
[  415.352471][T27209] pgmajfault 273
[  415.352522][T27209] inactive_anon 0
[  415.352531][T27209] active_anon 13983744
[  415.653369][T27209] inactive_file 0
[  415.656986][T27209] active_file 0
[  415.660468][T27209] unevictable 0
[  415.663920][T27209] hierarchical_memory_limit 314572800
[  415.669391][T27209] hierarchical_memsw_limit 9223372036854771712
[  415.675554][T27209] total_cache 13549568
[  415.679605][T27209] total_rss 417792
[  415.683385][T27209] total_shmem 13549568
[  415.687443][T27209] total_mapped_file 0
[  415.691430][T27209] total_dirty 0
[  415.694990][T27209] total_writeback 0
[  415.698785][T27209] total_workingset_refault_anon 2053
[  415.704163][T27209] total_workingset_refault_file 0
[  415.709235][T27209] total_swap 0
[  415.712719][T27209] total_swapcached 0
[  415.716606][T27209] total_pgpgin 290737
[  415.720609][T27209] total_pgpgout 287323
[  415.724674][T27209] total_pgfault 353235
[  415.728744][T27209] total_pgmajfault 273
[  415.732877][T27209] total_inactive_anon 0
[  415.737070][T27209] total_active_anon 13983744
[  415.741639][T27209] total_inactive_file 0
[  415.745795][T27209] total_active_file 0
[  415.749775][T27209] total_unevictable 0
[  415.753734][T27209] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.7648,pid=27208,uid=0
[  415.768618][T27209] Memory cgroup out of memory: Killed process 27209 (syz.6.7648) total-vm:96148kB, anon-rss:1264kB, file-rss:22348kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:0
[  416.021994][T27251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7663'.
[  416.154170][T27251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7663'.
[  416.610184][T27273] loop8: detected capacity change from 0 to 2048
[  416.641774][T27273] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  416.661445][T27277] netlink: 'syz.2.7672': attribute type 13 has an invalid length.
[  416.723825][T27277] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  416.739473][ T3504] lo speed is unknown, defaulting to 1000
[  416.745285][ T3504] syz2: Port: 1 Link ACTIVE
[  416.769864][T27273] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  416.824923][T27273] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 448 with error 28
[  416.837435][T27273] EXT4-fs (loop8): This should not happen!! Data will be lost
[  416.837435][T27273] 
[  416.847217][T27273] EXT4-fs (loop8): Total free blocks count 0
[  416.853216][T27273] EXT4-fs (loop8): Free/Dirty block details
[  416.859414][T27273] EXT4-fs (loop8): free_blocks=2415919104
[  416.865151][T27273] EXT4-fs (loop8): dirty_blocks=464
[  416.870448][T27273] EXT4-fs (loop8): Block reservation details
[  416.876634][T27273] EXT4-fs (loop8): i_reserved_data_blocks=29
[  417.019371][T27293] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7678'.
[  417.114107][T27293] 8021q: adding VLAN 0 to HW filter on device bond4
[  417.142953][ T5175] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 448 with error 28
[  417.277726][T27303] netlink: 28 bytes leftover after parsing attributes in process `syz.8.7681'.
[  417.286874][T27303] netlink: 108 bytes leftover after parsing attributes in process `syz.8.7681'.
[  417.297379][T27303] netlink: 28 bytes leftover after parsing attributes in process `syz.8.7681'.
[  417.306452][T27303] netlink: 108 bytes leftover after parsing attributes in process `syz.8.7681'.
[  417.315529][T27303] netlink: 84 bytes leftover after parsing attributes in process `syz.8.7681'.
[  418.155700][T27332] netlink: 'syz.0.7687': attribute type 13 has an invalid length.
[  418.272909][T27332] 8021q: adding VLAN 0 to HW filter on device .`
[  418.340113][T27332] 8021q: adding VLAN 0 to HW filter on device team0
[  418.480610][T27332] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  418.499874][   T29] kauditd_printk_skb: 340 callbacks suppressed
[  418.499895][   T29] audit: type=1326 audit(410.519:24321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.592655][   T29] audit: type=1326 audit(410.519:24322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.616075][   T29] audit: type=1326 audit(410.547:24323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.639354][   T29] audit: type=1326 audit(410.547:24324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.662736][   T29] audit: type=1326 audit(410.547:24325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.686519][   T29] audit: type=1326 audit(410.547:24326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.709718][   T29] audit: type=1326 audit(410.547:24327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.732841][   T29] audit: type=1326 audit(410.547:24328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.755978][   T29] audit: type=1326 audit(410.547:24329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.779013][   T29] audit: type=1326 audit(410.547:24330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27366 comm="syz.8.7694" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26608df749 code=0x7ffc0000
[  418.880211][T27380] netlink: 'syz.2.7700': attribute type 1 has an invalid length.
[  418.923311][T27380] 8021q: adding VLAN 0 to HW filter on device bond2
[  418.976084][T27387] bond2 (unregistering): Released all slaves
[  420.126290][T27431] rdma_rxe: rxe_newlink: failed to add lo
[  420.439828][T27436] __nla_validate_parse: 3 callbacks suppressed
[  420.439847][T27436] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7719'.
[  420.595364][T27438] netlink: 'syz.8.7720': attribute type 21 has an invalid length.
[  420.628778][T27438] netlink: 132 bytes leftover after parsing attributes in process `syz.8.7720'.
[  420.987543][T27455] netlink: 188 bytes leftover after parsing attributes in process `syz.3.7727'.
[  421.010823][T27457] netlink: 76 bytes leftover after parsing attributes in process `syz.6.7728'.
[  421.083673][T27460] batadv_slave_0: entered promiscuous mode
[  422.041303][T27487] netlink: 'syz.0.7738': attribute type 13 has an invalid length.
[  422.056913][T27489] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket pid=27489 comm=syz.8.7739
[  422.097163][T27487] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  422.734847][T27551] lo speed is unknown, defaulting to 1000
[  422.896699][T27560] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  423.244719][T27582] bridge0: port 3(gretap0) entered blocking state
[  423.251755][T27582] bridge0: port 3(gretap0) entered disabled state
[  423.288971][T27582] gretap0: entered allmulticast mode
[  423.311747][T27582] gretap0: entered promiscuous mode
[  423.323864][T27584] gretap0: left allmulticast mode
[  423.328994][T27584] gretap0: left promiscuous mode
[  423.334221][T27584] bridge0: port 3(gretap0) entered disabled state
[  423.392074][T27587] netlink: 'syz.2.7774': attribute type 83 has an invalid length.
[  423.509041][T27591] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7776'.
[  423.527584][T27595] loop8: detected capacity change from 0 to 2048
[  423.557958][T27597] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7779'.
[  423.596244][T27595] Alternate GPT is invalid, using primary GPT.
[  423.602775][T27595]  loop8: p2 p3 p7
[  423.774696][T27607] netlink: 'syz.2.7782': attribute type 29 has an invalid length.
[  423.814427][T27607] netlink: 'syz.2.7782': attribute type 29 has an invalid length.
[  423.846265][T27607] netlink: 500 bytes leftover after parsing attributes in process `syz.2.7782'.
[  423.869748][T27561] ==================================================================
[  423.877978][T27561] BUG: KCSAN: data-race in atime_needs_update / touch_atime
[  423.885304][T27561] 
[  423.887657][T27561] write to 0xffff888187891830 of 4 bytes by task 27557 on cpu 0:
[  423.895396][T27561]  touch_atime+0x1e8/0x340
[  423.899853][T27561]  shmem_file_read_iter+0x477/0x540
[  423.905090][T27561]  copy_splice_read+0x442/0x660
[  423.909997][T27561]  splice_direct_to_actor+0x290/0x680
[  423.915446][T27561]  do_splice_direct+0xda/0x150
[  423.920239][T27561]  do_sendfile+0x380/0x650
[  423.924692][T27561]  __x64_sys_sendfile64+0x105/0x150
[  423.929924][T27561]  x64_sys_call+0x2db1/0x3000
[  423.934667][T27561]  do_syscall_64+0xca/0x2b0
[  423.939212][T27561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.945146][T27561] 
[  423.947492][T27561] read to 0xffff888187891830 of 4 bytes by task 27561 on cpu 1:
[  423.955141][T27561]  atime_needs_update+0x25f/0x3e0
[  423.960212][T27561]  touch_atime+0x4a/0x340
[  423.964583][T27561]  shmem_file_read_iter+0x477/0x540
[  423.969812][T27561]  copy_splice_read+0x442/0x660
[  423.974687][T27561]  splice_direct_to_actor+0x290/0x680
[  423.980092][T27561]  do_splice_direct+0xda/0x150
[  423.984886][T27561]  do_sendfile+0x380/0x650
[  423.989422][T27561]  __x64_sys_sendfile64+0x105/0x150
[  423.994646][T27561]  x64_sys_call+0x2db1/0x3000
[  423.999361][T27561]  do_syscall_64+0xca/0x2b0
[  424.003911][T27561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.009841][T27561] 
[  424.012191][T27561] value changed: 0x1fcfb10b -> 0x205e70bc
[  424.017919][T27561] 
[  424.020262][T27561] Reported by Kernel Concurrency Sanitizer on:
[  424.026523][T27561] CPU: 1 UID: 0 PID: 27561 Comm: syz.0.7763 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  424.037923][T27561] Tainted: [W]=WARN
[  424.041762][T27561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.051850][T27561] ==================================================================