last executing test programs:

7m1.664455647s ago: executing program 32 (id=179):
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000700)={'nat\x00', 0x4, "dea50c52"}, &(0x7f0000001740)=0x2c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)

6m34.186190034s ago: executing program 33 (id=500):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@mblk_io_submit}, {@user_xattr}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@subj_type={'subj_type', 0x3d, '/)/-:\x18\xa5\x15\xb7\xaf\xfd\xcd\xc6\xb3\xfe\xff\xff\xff\xff\xff\xff\xff)\x91\xdf\x9eJ\xad\x8dA\xde\xc6\xb5\xb2\xfb\x15\"\xe7\xd0^\x8c\xaa\xa28\'\'~\x9a\x8c\x86#I8\x89\xef\xbb+\xfb\xa0\x01\x12\x90\xe1\xc1\xed\xa5J\xd0\x9b\xaa'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@measure}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@qipcrtr={0x2a, 0x2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x49000)

6m33.164675308s ago: executing program 34 (id=874):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x8000, &(0x7f0000001dc0)={0x0, 0x0, 0x20000}, 0x20)

5m51.320792641s ago: executing program 35 (id=2090):
r0 = fsopen(&(0x7f0000000180)='debugfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000240)=""/182, 0x74)
lseek(r2, 0x3, 0x1)

5m29.27479487s ago: executing program 7 (id=2753):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r2 = dup2(r0, r1)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$P9_RGETLOCK(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='df', @ANYBLOB="e984916d"], 0x2c)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r3, 0x0)

5m29.17197363s ago: executing program 7 (id=2762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r2, 0x0, 0x10000001}, 0x18)
r3 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

5m29.072880459s ago: executing program 7 (id=2766):
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newrule={0x24, 0x20, 0x301, 0xfffffffc, 0x0, {0x2, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8, 0x6, 0x8001}]}, 0x24}}, 0x42094)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x8)

5m28.246345795s ago: executing program 7 (id=2792):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b1098, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2925099, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

5m28.19388087s ago: executing program 7 (id=2794):
r0 = syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x80, 0x0, 0x1e6}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f00000000c0)={&(0x7f0000001000)={[{0x0, 0x0, 0x4, 0xf4}, {&(0x7f0000000100)="6e6f82e5e8bf21ed4e1a02367f8b3cf61b4a16a146dfb1851626bda845094856f52489d817e92e5a8ecce42c451dca7457a66c467e", 0x35}]}, 0x2, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x20, 0x3, 0x7, 0x301, 0x0, 0x0, {0x5, 0x0, 0xd}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

5m28.055804182s ago: executing program 7 (id=2796):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x2, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x4, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0)

5m28.008979597s ago: executing program 36 (id=2796):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x2, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x4, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0)

5m20.951021473s ago: executing program 2 (id=3015):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x120)
write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
acct(&(0x7f0000000100)='./file1\x00')
acct(0x0)
acct(0x0)

5m20.586786867s ago: executing program 2 (id=3018):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000004a00)=ANY=[@ANYBLOB="fc000000190001000000000000000000ac1e0101000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000070000000000000000000010000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a0000000000000000000000804000000000000000000800000000000000000000000000000000440005000a010100000000000000000000000000000000003c"], 0xfc}}, 0x20000088)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

5m20.409621523s ago: executing program 2 (id=3020):
r0 = syz_io_uring_setup(0x1370, &(0x7f00000000c0)={0x0, 0x49fa, 0x10, 0x0, 0x4e}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0xffffffffffffffff], 0x1})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

5m20.349754388s ago: executing program 2 (id=3022):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x28a5291, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x3000005, 0x0)

5m20.292780254s ago: executing program 2 (id=3024):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

5m20.128423069s ago: executing program 2 (id=3029):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff})
syz_open_procfs(0x0, &(0x7f00000000c0)='smaps_rollup\x00')
close_range(r2, 0xffffffffffffffff, 0x0)

5m20.10732546s ago: executing program 37 (id=3029):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff})
syz_open_procfs(0x0, &(0x7f00000000c0)='smaps_rollup\x00')
close_range(r2, 0xffffffffffffffff, 0x0)

5m14.87455374s ago: executing program 6 (id=3131):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_driver={0x3, 0x81, 0x0})

5m14.76707368s ago: executing program 6 (id=3141):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

5m14.712395415s ago: executing program 6 (id=3142):
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0xb}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)

5m14.43710402s ago: executing program 6 (id=3154):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')

5m14.420284951s ago: executing program 6 (id=3155):
syz_mount_image$iso9660(&(0x7f0000000540), &(0x7f00000001c0)='./file1\x00', 0x14004, &(0x7f0000000480)=ANY=[@ANYRES32=0x0], 0x4, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x398fba87178c1956, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x401, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x63, 0xffffffffffffffff, {0x4}}, './file1\x00'})

5m14.174126924s ago: executing program 6 (id=3171):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0xd)
close(r2)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

5m14.136819658s ago: executing program 38 (id=3171):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xa041, 0xd)
close(r2)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

3m59.198965992s ago: executing program 3 (id=5371):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x1ff, 0x3)
r1 = syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

3m58.368397858s ago: executing program 3 (id=5384):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0xc576, 0x400, 0xa, 0xffffff}, &(0x7f0000000040), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)

3m58.278481937s ago: executing program 3 (id=5387):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffff001}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x7fff0026}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}}}, 0x0, 0x0, 0x11, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347113e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d14810000000e3ffffff00"}, 0xd8)
close_range(r2, 0xffffffffffffffff, 0x0)

3m58.233563811s ago: executing program 3 (id=5388):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="160000000000000004000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
unshare(0x2c020400)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100003}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x8000000000000000}, 0x18)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000033000b3387dad256094bc7c308920fd2", 0x14}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x62)

3m58.153118358s ago: executing program 3 (id=5391):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

3m58.104095132s ago: executing program 3 (id=5392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=0x1, @ANYRES32=r2, @ANYBLOB='.\x00'], 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[], 0x20)

3m43.024126294s ago: executing program 39 (id=5392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=0x1, @ANYRES32=r2, @ANYBLOB='.\x00'], 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[], 0x20)

2m56.613703635s ago: executing program 8 (id=7048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000c000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x44051}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}}, 0x40)
close_range(r2, 0xffffffffffffffff, 0x0)

2m56.567097s ago: executing program 8 (id=7050):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x1381, 0x10, 0x3, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/193, 0xc1}], 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

2m56.436328762s ago: executing program 8 (id=7056):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r2, &(0x7f0000002240)=""/237, 0xed, 0x619)

2m56.284677566s ago: executing program 8 (id=7059):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@bsdgroups}, {@resgid}, {@nouid32}, {@debug}, {@acl}]}, 0x1, 0x746, &(0x7f0000000f40)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulG5vWUkGkogcpVop689Bud7ehZLdbspvShIpWFMGTSPHsj5M3/wFRBL15FDx7kkKRUi+CsDLb2bjt7jabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJlupiYiTd/e7c/taMV2SaDZf/y1p7ZPmo+MzqT1Z5rGI+O79iEO57nLrK6uLhUqlvJTl5xrVy3P1ldXDF6uFhfJC+dL88WePzp+Yf+bE/JbF+sd7r54/9dVLX9x498dfXnvr1JNJnIy92bbOOLbKbMxm38lk+hXe48WtLmzEklEfAJuS3po77t7lsT+mY0crBQD8l70dEU0AYMwk2n8AGDPt/wO0x/aGMQ72T3brhYjY1Sv+iWzMbldrHHT3neSekZEkIma2oPzZiLj65gdfp0sMaRwSoJd3rkfEuZnZ7vov6ZqzsFFPD7DP7H159R9sn2/T/s+JXv2f3Fr/J3r0f6Z63Lubsf79n7u5BcX0lfb/nuvZ/12btDazI8v9v9Xnm0wuXKyU07rtkYg4GJNTaf7IA8o49vHzP/Tb1tn/S5e0/HZfMDuOmxNT936mVGgUHibmTreuRzw+0Sv+ZO38J336v2cGLKPx/ROf99u2fvzD1fws4qme5//vGW1Jx/zEqeianzjXuh7m2ldFt/yH0/v6lT/q+NPzv/vB8c8knfM16xsv46dP/ny537bNXv87kzda6Z3ZuquFRmPpSMTO5JXu9R1TSNv59v5p/AcPPLj+63X9p38Tnhsw/sVPvzy/+fiHK42/tKHzv/HEgZ+/6R1PM5ttvO75P9ZKHczWDFL/DXqAD/PdAQAAAAAAAAAAAAAAAAAAAAAAAMCgchGxN5Jcfi2dy+Xzd9/h/WjszlVq9cahC7XlS6VovSt7JiZz7SddTnc8D/VI9jz8dn7+vvzRiNgXETem/tfK54u1SmnUwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZk+f9/+nfp0a9dEBAEOza9QHAABsO+0/AIwf7T8AjB/tPwCMH+0/AIwf7T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDdub06XRp/n77WjHNl66sLC/WrhwuleuL+epyMV+sLV3OL9RqC5Vyvlirrvf7KrXa5fnjsXx1rlGuN+bqK6tnq7XlS42zF6uFhfLZ8uS2RAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1NfWV0sVCrlJQkJCYm1xKhrJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/h78CAAD//6LRHug=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
r0 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8, 0x1, 0xfffffffd}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x14})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0x8004587d, &(0x7f0000000080))
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

2m55.901026161s ago: executing program 8 (id=7069):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0xf1c38fa000000000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4ed, &(0x7f00000005c0)="$eJzs3d9rW28ZAPDnpM1st8526sUcuBVRtqFL2tVtxYttgujVQJ33XW3TUpo2pUm3tQzp8FoEERW90StvBP8AQfYniDDQ+yGiDNnmhRdq5CQnW79d0nYsafZtPx94+77nR87zvAk5yXvOaU4Ax9Z4RNyOiIGIuBwRo9n8XFZiu1nS9V6+eDSXliTq9bv/TCLJ5rW2lWT1qexhQxHxnW9GfC9JmjN2qG5uLc+Wy6X1bLpYW1krVje3riytzC6WFkurU1OT16dvTF+bnuhaX29+/W8//dFvvnHzD19+8GzmH5e+n+Y7ki3b2Y9uaj4n+cZz0TIYEeu9CNYHA1l/8gdZOel9PgAA7C39jv+piPh8RLz6Rb+zAQAAAHqhfmsk/pNE1AEAAIAjK9e4BjbJFbJrAUYilysUmtfwfiZuRblSrX1pobKxOt+8VnYs8rmFpXJpIrtWeCzySTo92Wi/mb66a3oqIs5ExE9GhxvThblKeb7fBz8AAADgmEjH+SO5Zjut/jXaHP8DAAAAR8xYvxMAAAAAes74HwAAAI6+t8f/480qGTz8ZAAAAIBu+9adO2mpt+5/PX9/c2O5cv/KfKm6XFjZmCvMVdbXCouVymLjN/tW9tteuVJZ+0qsbjws1krVWrG6uTWzUtlYrc007us9UzrQfaIBAACArjpz4clfkojY/upwo6ROZMuM1eFoy73b6kmv8gAO30C/EwD6xgW+cHwZ4wP7DeyHDikPAACgdy5+9vX5/+HYcf7/9DPHBuCoe8fz/8AR4vw/HF+7zv//ql95AIfPGB/Y7zhAx/P/f+x+LgAAQG+MNEqSK2RjgJHI5QqFiNON2wLkk4WlcmkiIj4ZEX8ezX8inZ7sd9IAAAAAAAAAAAAAAAAAAAAAAAAA8DFTrydRBwAAAI60iNzfk4hIYihi9Asju48PnEj+PdqoI+LBL+/+7OFsLSLupbNez6/9vDG/tn61DwcwAAAAgLe0xumN2o38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyly8ezbXKYcZ9/rWIGGsXfzCGGvVQ5CPi5KskBnc8LomIgS7E334cEWfbxU/StGIsy2J3/FxEDPc5/qkuxIfj7Em6/7nd7v2Xi/FG3f79N5iV9/V8vNP+L/d6/zfQYf93ep9tn8jqc09/V+wY/3HEucH2+59W/OQ997/3vru11WlZ/dcRF9t+/iQfiVWsrawVq5tbV5ZWZhdLi6XVqanJ69M3pq9NTxQXlsql7G/bGD/+3O//t1f/T3aIP9ap/0kzp3q9/TYv7Jr+79OHLz7dbsUk4vkPs3ab1/9sp/jZc//F7HMgXX6x1d5utnc6/9s/nd+r//Md+r/f63+p00Z3ufztH/y12cof8BEAQC9VN7eWZ8vl0vpBG+mg98ArH2Ij7cwHkEYXG+MfRhoax7PR7z0TAADQbW++9Pc7EwAAAAAAAAAAAAAAAAAAADi+Wv//3/ot5178nNjOeEOtRpIcel8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPby/wAAAP//nXrOGw==")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, @perf_config_ext={0x40000000000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

2m55.640690375s ago: executing program 8 (id=7077):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x5, 0xffffffff], 0x9}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000)=0x9, 0x4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
recvmmsg(r0, &(0x7f000000b7c0)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x10000, 0x0)

2m55.612470698s ago: executing program 40 (id=7077):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x5, 0xffffffff], 0x9}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000000)=0x9, 0x4)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
recvmmsg(r0, &(0x7f000000b7c0)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x10000, 0x0)

2.72085384s ago: executing program 5 (id=11743):
socket$rds(0x15, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a31000000000500010007000004050005000a00000015000300686173683a69702c706f72742c6e6574000000"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0xc0c0128e, 0x0)

2.586602712s ago: executing program 4 (id=11745):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x110cc0, 0x91d, 0xf, 0x0, 0x6, 0x1, 0x8001, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x3, 0x1000034e}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r0, 0x498d, 0x3, 0x20, 0x0, 0x0)

2.381265581s ago: executing program 5 (id=11747):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="871000000000000000000100000008000300000001000500060000000000050005"], 0x30}, 0x1, 0x0, 0x0, 0x94}, 0x8808)

2.268781341s ago: executing program 5 (id=11748):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_clone(0x200000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2, 0x0, 0x20}, 0x18)
ptrace(0x4206, r1)

2.239046304s ago: executing program 4 (id=11750):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xe}, 0x0, 0x10000, 0x100, 0x6, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d40)=@newqdisc={0x3a8, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x378, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2}}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x64, 0x2, 0x3, 0x17, 0xd, 0x8, 0x1}}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x2}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "dc542b4e237011fb38ddb228806571a8633206e26df63a43bbc516382325dedd79c1cf0a26379dfaf72cb5ab9ab7efe16f312ee9ab598d1ac0d7903ac69c51f1b6842ebecf00dec5deff737b59f0c1f0b57cc6c2b7b8c5b2c527aafa57222f4bd2355ccab39fa20d4033b6b687491532080101805feb9c6fa8a56a77186efcb394ce1a1cd7f2130835e3bf9e3ac25d0a102a808be13beb51f37da6d10046f131834545ee5013f43e41e91eb18a12c28540ab4106286e0f7568f6a9cd0c0da51df08e42848096b25d455ebec9adfd6e493d8c9725bc2d49bbbae0a5375b359f91d9dad20ed109ffbc52469cffd2cf5df7773f7a4c72ae167485315c326281efc4"}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "a2a88faa7ec665a571a9ad3d1f9512e3c591df4a4554c6c2e2cc6cb4d9aee4579684743ad4888f1522a47ddaff3d4f9450d288e8559bc4f795aa0d1bc74d926038adb808cba6e90535b2eb8ba3e8ff927207d17a86b10d604e77a459df67e7f0c842d463ca5977b7e2eb55fbb9881d15633717817c735da52a1da7d64bb22e58550d8ee20883e41ec2f119a6a6364d68900c1cce4a3b3225a9ce9e1e00b444e9e7bcd10e1dec202ce7786aa7cf10d4dd6bbcee586d7903a6239ff90b49cd7fddb0c67ddab326cdb2d0fa48a783f691be9ebaa1243b21afd04a372650aa7eb46a2675cc67ae12d3b99c9acb4d9fb7c78081d269b443affd86eededd4867311221"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x1ffff}}, @TCA_CHOKE_STAB={0x104, 0x2, "554b956aa3fcfbc4a187baf0437163b5d33108db016465f92a93480d2c246d90f03741da6ee916f7c9917dbd81da67d6150151679559af8402b932745d19fbfbd679c133c4714565f91cd05790d990818bac85598b6a844cb2c2d277aaca9a88ee0e6a834ba02b4e549f11fb13e9fe33730c55997f2d3b7e6469210db81587fc522295f49a78f4e08ddfb01172b12a19b303a0c47fa3500cdc3e6725a79dcd3731c37083c3bbe73c43e7e2ea82c72986a1499c677c565ea1cfc874e7e978e4ebe8d338f0b37807d40333ee570133982998623ec809826f1009856a9d9d8e839c65d3ead78c6b3cb8f7beee8e59f19de93d06628a2cdfa4333d96882b96c36cc3"}]}}]}, 0x3a8}}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, 0x0, 0x0)
ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f0000000000)={0x8, 0x800})

2.133675354s ago: executing program 4 (id=11752):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800f9df00000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

2.078379999s ago: executing program 1 (id=11754):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r1}, &(0x7f0000000680), &(0x7f00000006c0)}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000001440)=[{{&(0x7f0000000ac0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, 0x0, 0x0, &(0x7f0000000f40)=[@rights={{0x18, 0x1, 0x1, [r3, r3]}}], 0x18, 0x80}}], 0x1, 0x20004000)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)

1.937606502s ago: executing program 1 (id=11757):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x23, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x44004010)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000b40)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a7c000000060a010400000000000000000a0000013c000480380001800a0001006d617463680000002800028010000300709c897c82b1095a67232d630800024000000001090001006d61726b000000000900020073797a32000000000900010073797a31"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

1.885630417s ago: executing program 4 (id=11758):
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r0 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x2000008, 0x13012, r0, 0x0)
munmap(&(0x7f0000ff9000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ff8000/0x2000)=nil)

1.881646287s ago: executing program 1 (id=11768):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0)
getitimer(0x1, &(0x7f0000000200))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x43, 0x0, 0x0)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)

1.450614327s ago: executing program 5 (id=11761):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x110cc0, 0x91d, 0xf, 0x0, 0x6, 0x1, 0x8001, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x3, 0x1000034e}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r0, 0x498d, 0x3, 0x20, 0x0, 0x0)

1.049193093s ago: executing program 5 (id=11764):
r0 = syz_io_uring_setup(0x5c8, &(0x7f0000000100)={0x0, 0x1, 0x0, 0x4, 0x95}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000540)={&(0x7f0000000240)=@name={0x1e, 0x2, 0x3, {{}, 0x2}}, 0x10, 0x0}, 0x10)

980.21467ms ago: executing program 1 (id=11766):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x67, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec204cd32308cdd8dde0400", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)

921.124665ms ago: executing program 0 (id=11770):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000002060101000000000000000000000000050005000a0000000500010007007c4505000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c0000000306010200000000000000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)

882.589959ms ago: executing program 0 (id=11771):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

857.100671ms ago: executing program 0 (id=11773):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}, 0x5800000}], 0x1, 0x60010020, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

762.43096ms ago: executing program 0 (id=11774):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}})
write$P9_RVERSION(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="150000006bffff"], 0x15)

738.590332ms ago: executing program 4 (id=11775):
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, r0, 0x0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000080)='u', 0x1}], 0x1, &(0x7f0000000300)=ANY=[@ANYBLOB="b0f6"], 0xb0}, 0x0, 0x8400, 0x1})
r1 = syz_io_uring_setup(0x81f, &(0x7f0000000480)={0x0, 0xfe15, 0x10, 0x0, 0x30f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000540)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47bc, 0x0, 0x21, 0x0, 0x0)

662.030599ms ago: executing program 0 (id=11776):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000010000)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_io_uring_setup(0x73d3, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="58000000020601080000000000000000000000040900020073797a3100000000050004000000000011000300686173683a6e65742c6e6574000000000c000780080012400000000205000500020000000500010006"], 0x58}}, 0x0)
sync_file_range(0xffffffffffffffff, 0x7, 0x0, 0x7)

647.92266ms ago: executing program 9 (id=11777):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = syz_io_uring_setup(0x10d3, &(0x7f0000000000)={0x0, 0x7f36, 0x0, 0x0, 0x34f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

588.271256ms ago: executing program 4 (id=11778):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

586.988206ms ago: executing program 0 (id=11788):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg', 0x3)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

179.723043ms ago: executing program 5 (id=11779):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0)
getitimer(0x1, &(0x7f0000000200))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x43, 0x0, 0x0)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)

179.255634ms ago: executing program 9 (id=11790):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x2, r2}, 0x10)

178.455374ms ago: executing program 1 (id=11780):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000240)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0xc, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000500)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20048040)
io_uring_enter(r2, 0x351e, 0x483, 0x0, 0x0, 0x0)

117.730339ms ago: executing program 1 (id=11781):
socket$netlink(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{0xffffffffffffffff, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

116.038899ms ago: executing program 9 (id=11793):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe468}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x4, 0x0, 0x4}}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0xfffffffffffffe45}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0102000000000000000002000003300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269576765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8923, &(0x7f0000000140)={'wg2\x00', @local})

52.633005ms ago: executing program 9 (id=11782):
r0 = syz_io_uring_setup(0x50a, &(0x7f0000000000)={0x0, 0xc2bf, 0x10, 0x9, 0x3a9}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000640)='kfree\x00', r4}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80, 0x6000})
io_uring_enter(r0, 0x1c39, 0x106a, 0x22, 0x0, 0x0)

29.158187ms ago: executing program 9 (id=11783):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000e9ff00000400000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='mm_lru_insertion\x00', r1, 0x0, 0xa3b}, 0xb)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)

0s ago: executing program 9 (id=11784):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x200000000140, 0x0, 0x0, 0x200000000170, 0x2000000001a0], 0x0, 0x0, 0x0}, 0x138)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
r0 = syz_io_uring_setup(0xa4d, &(0x7f0000000480)={0x0, 0x28ad, 0x80, 0x9, 0x200}, &(0x7f0000000680)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

p=0x7f1d9f90f749 code=0x7ffc0000
[  380.926156][   T29] audit: type=1326 audit(380.763:15185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26270 comm="syz.5.9241" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  381.015136][   T29] audit: type=1326 audit(380.993:15186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26278 comm="syz.5.9246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  381.059693][   T29] audit: type=1326 audit(380.993:15187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26278 comm="syz.5.9246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  381.082914][   T29] audit: type=1326 audit(380.993:15188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26278 comm="syz.5.9246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  381.106119][   T29] audit: type=1326 audit(380.993:15189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26278 comm="syz.5.9246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  381.165546][T26283] netdevsim netdevsim9 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  381.236154][T26283] netdevsim netdevsim9 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  381.315630][T26283] netdevsim netdevsim9 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  381.356499][T26283] netdevsim netdevsim9 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  381.418303][ T3560] netdevsim netdevsim9 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  381.440288][ T3560] netdevsim netdevsim9 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  381.538937][ T3560] netdevsim netdevsim9 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  381.589780][ T3560] netdevsim netdevsim9 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  381.658167][T26325] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  381.896189][T26327] lo speed is unknown, defaulting to 1000
[  382.004552][T26353] loop0: detected capacity change from 0 to 512
[  382.014699][T26353] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  382.042264][T26353] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.9273: Allocating blocks 41-42 which overlap fs metadata
[  382.093840][T26353] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.9273: Allocating blocks 41-42 which overlap fs metadata
[  382.142192][T26353] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.9273: Failed to acquire dquot type 1
[  382.175031][T26353] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  382.236895][T26353] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.9273: corrupted inode contents
[  382.278772][T26353] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #12: comm syz.0.9273: mark_inode_dirty error
[  382.324588][T26353] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.9273: corrupted inode contents
[  382.336801][T26353] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.9273: mark_inode_dirty error
[  382.372077][T26353] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.9273: corrupted inode contents
[  382.404175][T26353] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  382.433572][T26353] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.9273: corrupted inode contents
[  382.456440][T26353] EXT4-fs error (device loop0): ext4_truncate:4635: inode #12: comm syz.0.9273: mark_inode_dirty error
[  382.511682][T26353] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  382.543903][T26353] EXT4-fs (loop0): 1 truncate cleaned up
[  382.558422][T26353] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.629602][T26353] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  382.665488][T21061] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.702358][T26384] netlink: 'syz.0.9285': attribute type 1 has an invalid length.
[  382.712189][   T53] bridge_slave_1: left allmulticast mode
[  382.717945][   T53] bridge_slave_1: left promiscuous mode
[  382.723803][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.740737][   T53] bridge_slave_0: left allmulticast mode
[  382.746872][   T53] bridge_slave_0: left promiscuous mode
[  382.752661][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.762324][T26386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26386 comm=syz.9.9287
[  382.943012][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  382.967536][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  382.995215][   T53] bond0 (unregistering): Released all slaves
[  383.005909][   T53] bond1 (unregistering): Released all slaves
[  383.044886][T26384] bond3: entered promiscuous mode
[  383.059774][T26384] 8021q: adding VLAN 0 to HW filter on device bond3
[  383.100233][T26393] bond3: (slave bridge2): making interface the new active one
[  383.107807][T26393] bridge2: entered promiscuous mode
[  383.136149][T26412] loop5: detected capacity change from 0 to 1024
[  383.158073][T26393] bridge2: left promiscuous mode
[  383.169528][T26412] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.183331][T26412] EXT4-fs error (device loop5): ext4_read_inline_dir:1486: inode #12: block 7: comm syz.5.9296: path /743/file1/file0: bad entry in directory: inode out of bounds - offset=24, inode=150994957, rec_len=16, size=80 fake=0
[  383.235799][T26415] vlan0: entered allmulticast mode
[  383.241008][T26415] bridge_slave_0: entered allmulticast mode
[  383.281186][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.365265][   T53] hsr_slave_0: left promiscuous mode
[  383.380352][   T53] hsr_slave_1: left promiscuous mode
[  383.403755][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  383.411232][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[  383.429609][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  383.437166][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[  383.457653][   T53] veth1_macvtap: left promiscuous mode
[  383.463307][   T53] veth0_macvtap: left promiscuous mode
[  383.469071][   T53] veth1_vlan: left promiscuous mode
[  383.578945][   T53] team0 (unregistering): Port device team_slave_1 removed
[  383.590415][   T53] team0 (unregistering): Port device team_slave_0 removed
[  383.860513][T26467] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  383.997938][T26477] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=26477 comm=syz.9.9323
[  384.856116][T26501] blktrace: Concurrent blktraces are not allowed on loop2
[  384.877101][T26503] netlink: 'syz.0.9336': attribute type 33 has an invalid length.
[  384.885025][T26503] netlink: 152 bytes leftover after parsing attributes in process `syz.0.9336'.
[  384.928156][T26497] loop5: detected capacity change from 0 to 512
[  384.928996][T26504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9336'.
[  385.057869][T26497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.114120][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.154416][T26516] ip6tnl1: entered promiscuous mode
[  385.237504][T26525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26525 comm=syz.9.9354
[  385.280242][T26528] IPVS: Unknown mcast interface: macvlan0
[  385.391010][T26537] netlink: 24 bytes leftover after parsing attributes in process `syz.9.9349'.
[  385.582352][T26553] netlink: 68 bytes leftover after parsing attributes in process `syz.9.9356'.
[  385.948345][T26566] loop0: detected capacity change from 0 to 32768
[  386.005515][T26566]  loop0: p1 p2 p3 < p5 p6 >
[  386.023633][T26566] loop0: p2 size 16775168 extends beyond EOD, truncated
[  386.060546][T26566] loop0: p5 start 4294970168 is beyond EOD, truncated
[  386.146583][   T29] kauditd_printk_skb: 83 callbacks suppressed
[  386.146624][   T29] audit: type=1400 audit(386.123:15269): avc:  denied  { map } for  pid=26576 comm="syz.1.9368" path="socket:[95214]" dev="sockfs" ino=95214 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  386.253024][   T29] audit: type=1326 audit(386.223:15270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.306616][   T29] audit: type=1326 audit(386.223:15271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.329798][   T29] audit: type=1326 audit(386.233:15272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.353876][   T29] audit: type=1326 audit(386.233:15273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.377137][   T29] audit: type=1326 audit(386.233:15274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.401041][   T29] audit: type=1326 audit(386.233:15275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.425047][   T29] audit: type=1326 audit(386.233:15276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.448100][   T29] audit: type=1326 audit(386.233:15277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.472352][   T29] audit: type=1326 audit(386.233:15278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26582 comm="syz.0.9367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  386.500892][T26593] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9374'.
[  386.565482][T26594] xt_hashlimit: max too large, truncated to 1048576
[  386.677125][T26599] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9377'.
[  386.762591][T26621] netlink: 168 bytes leftover after parsing attributes in process `syz.9.9386'.
[  386.836148][T26631] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9391'.
[  387.140568][T26656] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9400'.
[  387.203889][T26659] netlink: 168 bytes leftover after parsing attributes in process `syz.4.9401'.
[  387.722327][T26636] syz.5.9392 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  387.736888][T26636] CPU: 1 UID: 0 PID: 26636 Comm: syz.5.9392 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  387.736931][T26636] Tainted: [W]=WARN
[  387.736940][T26636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  387.736955][T26636] Call Trace:
[  387.737026][T26636]  <TASK>
[  387.737040][T26636]  __dump_stack+0x1d/0x30
[  387.737066][T26636]  dump_stack_lvl+0x95/0xd0
[  387.737137][T26636]  dump_stack+0x15/0x1b
[  387.737160][T26636]  dump_header+0x81/0x240
[  387.737181][T26636]  oom_kill_process+0x295/0x350
[  387.737203][T26636]  out_of_memory+0x97b/0xb80
[  387.737304][T26636]  try_charge_memcg+0x610/0xa10
[  387.737362][T26636]  obj_cgroup_charge_pages+0xa6/0x150
[  387.737402][T26636]  __memcg_kmem_charge_page+0x9f/0x170
[  387.737497][T26636]  __alloc_frozen_pages_noprof+0x18f/0x360
[  387.737546][T26636]  alloc_pages_mpol+0xb3/0x260
[  387.737599][T26636]  alloc_pages_noprof+0x90/0x130
[  387.737672][T26636]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  387.737730][T26636]  __kvmalloc_node_noprof+0x492/0x6b0
[  387.737765][T26636]  ? ip_set_alloc+0x24/0x30
[  387.737835][T26636]  ? ip_set_alloc+0x24/0x30
[  387.737871][T26636]  ? __kmalloc_cache_noprof+0x3e5/0x4c0
[  387.737905][T26636]  ip_set_alloc+0x24/0x30
[  387.737980][T26636]  hash_netiface_create+0x282/0x740
[  387.738023][T26636]  ? __pfx_hash_netiface_create+0x10/0x10
[  387.738108][T26636]  ip_set_create+0x3cc/0x970
[  387.738209][T26636]  ? __nla_parse+0x40/0x60
[  387.738238][T26636]  nfnetlink_rcv_msg+0x4c6/0x590
[  387.738299][T26636]  netlink_rcv_skb+0x123/0x220
[  387.738338][T26636]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  387.738371][T26636]  nfnetlink_rcv+0x167/0x16c0
[  387.738422][T26636]  ? __rcu_read_unlock+0x34/0x70
[  387.738446][T26636]  ? __rcu_read_unlock+0x34/0x70
[  387.738490][T26636]  ? is_bpf_text_address+0x141/0x160
[  387.738511][T26636]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.738544][T26636]  ? kernel_text_address+0x94/0xb0
[  387.738567][T26636]  ? __kernel_text_address+0xd/0x40
[  387.738595][T26636]  ? unwind_get_return_address+0x16/0x40
[  387.738616][T26636]  ? perf_callchain_kernel+0x2e9/0x350
[  387.738659][T26636]  ? bcmp+0x2e/0x90
[  387.738682][T26636]  ? should_fail_ex+0x30/0x280
[  387.738705][T26636]  ? selinux_nlmsg_lookup+0x99/0x890
[  387.738806][T26636]  ? __rcu_read_unlock+0x34/0x70
[  387.738830][T26636]  ? __netlink_lookup+0x266/0x2a0
[  387.738871][T26636]  netlink_unicast+0x5c0/0x690
[  387.738908][T26636]  netlink_sendmsg+0x58b/0x6b0
[  387.739019][T26636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  387.739055][T26636]  __sock_sendmsg+0x145/0x180
[  387.739077][T26636]  ____sys_sendmsg+0x31e/0x4a0
[  387.739111][T26636]  ___sys_sendmsg+0x17b/0x1d0
[  387.739158][T26636]  __x64_sys_sendmsg+0xd4/0x160
[  387.739265][T26636]  x64_sys_call+0x17ba/0x3000
[  387.739295][T26636]  do_syscall_64+0xca/0x2b0
[  387.739378][T26636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.739406][T26636] RIP: 0033:0x7f1d9f90f749
[  387.739426][T26636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.739450][T26636] RSP: 002b:00007f1d9e377038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  387.739538][T26636] RAX: ffffffffffffffda RBX: 00007f1d9fb65fa0 RCX: 00007f1d9f90f749
[  387.739616][T26636] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  387.739628][T26636] RBP: 00007f1d9f993f91 R08: 0000000000000000 R09: 0000000000000000
[  387.739642][T26636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  387.739663][T26636] R13: 00007f1d9fb66038 R14: 00007f1d9fb65fa0 R15: 00007ffcb25dcf18
[  387.739689][T26636]  </TASK>
[  387.739698][T26636] memory: usage 307200kB, limit 307200kB, failcnt 414
[  388.099810][T26636] memory+swap: usage 311372kB, limit 9007199254740988kB, failcnt 0
[  388.107859][T26636] kmem: usage 240280kB, limit 9007199254740988kB, failcnt 0
[  388.115246][T26636] Memory cgroup stats for /syz5:
[  388.115889][T26636] cache 68300800
[  388.125133][T26636] rss 184320
[  388.128423][T26636] shmem 68300800
[  388.131993][T26636] mapped_file 3309568
[  388.136050][T26636] dirty 0
[  388.139038][T26636] writeback 0
[  388.142375][T26636] workingset_refault_anon 211
[  388.147142][T26636] workingset_refault_file 0
[  388.151728][T26636] swap 4272128
[  388.155178][T26636] swapcached 24576
[  388.158964][T26636] pgpgin 242802
[  388.162437][T26636] pgpgout 226076
[  388.166172][T26636] pgfault 251386
[  388.169751][T26636] pgmajfault 40
[  388.173236][T26636] inactive_anon 64712704
[  388.177530][T26636] active_anon 3796992
[  388.181719][T26636] inactive_file 0
[  388.185480][T26636] active_file 0
[  388.188962][T26636] unevictable 0
[  388.192480][T26636] hierarchical_memory_limit 314572800
[  388.197935][T26636] hierarchical_memsw_limit 9223372036854771712
[  388.204141][T26636] total_cache 68300800
[  388.208244][T26636] total_rss 184320
[  388.211983][T26636] total_shmem 68300800
[  388.216224][T26636] total_mapped_file 3309568
[  388.220789][T26636] total_dirty 0
[  388.224320][T26636] total_writeback 0
[  388.228178][T26636] total_workingset_refault_anon 211
[  388.233405][T26636] total_workingset_refault_file 0
[  388.238542][T26636] total_swap 4272128
[  388.242464][T26636] total_swapcached 24576
[  388.246782][T26636] total_pgpgin 242802
[  388.250787][T26636] total_pgpgout 226076
[  388.254992][T26636] total_pgfault 251386
[  388.259096][T26636] total_pgmajfault 40
[  388.263104][T26636] total_inactive_anon 64712704
[  388.267954][T26636] total_active_anon 3796992
[  388.272484][T26636] total_inactive_file 0
[  388.276695][T26636] total_active_file 0
[  388.280791][T26636] total_unevictable 0
[  388.284850][T26636] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.9392,pid=26632,uid=0
[  388.299875][T26636] Memory cgroup out of memory: Killed process 26632 (syz.5.9392) total-vm:96148kB, anon-rss:1268kB, file-rss:22180kB, shmem-rss:3200kB, UID:0 pgtables:132kB oom_score_adj:1000
[  388.518370][T26720] loop5: detected capacity change from 0 to 512
[  388.536190][T26720] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  388.596708][T26720] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.631846][T26720] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.9418: corrupted xattr block 32: bad e_name length
[  388.654266][T26720] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  388.667508][T26720] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.9418: corrupted xattr block 32: bad e_name length
[  388.682163][T26720] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  388.746812][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.616920][T26887] bridge0: port 1(batadv4) entered blocking state
[  389.623432][T26887] bridge0: port 1(batadv4) entered disabled state
[  389.630119][T26887] batadv4: entered allmulticast mode
[  389.637030][T26887] batadv4: entered promiscuous mode
[  389.722688][T26896] pimreg: entered allmulticast mode
[  389.730490][T26896] pimreg: left allmulticast mode
[  390.050162][T26921] __nla_validate_parse: 1 callbacks suppressed
[  390.050177][T26921] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9461'.
[  390.123664][ T3554] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  390.133039][ T3554] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  390.178936][T26925] loop0: detected capacity change from 0 to 1024
[  390.186956][T26927] netlink: 'syz.9.9463': attribute type 33 has an invalid length.
[  390.194946][T26927] netlink: 152 bytes leftover after parsing attributes in process `syz.9.9463'.
[  390.206087][T26925] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  390.237639][T26927] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9463'.
[  390.270248][T26933] vlan0: entered allmulticast mode
[  390.308605][T26925] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.342778][T26925] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.9473: missing EA_INODE flag
[  390.355198][T26925] EXT4-fs (loop0): Remounting filesystem read-only
[  390.382692][T26939] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9466'.
[  390.413198][T26941] blktrace: Concurrent blktraces are not allowed on loop8
[  390.422695][T26939] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9466'.
[  390.479684][T21061] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.491801][T21061] Trying to write to read-only block-device loop0
[  390.875646][T26972] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9483'.
[  391.161284][T26993] xt_hashlimit: max too large, truncated to 1048576
[  391.332162][T27003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9495'.
[  391.419091][   T29] kauditd_printk_skb: 565 callbacks suppressed
[  391.419108][   T29] audit: type=1326 audit(391.393:15844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  391.481469][   T29] audit: type=1326 audit(391.433:15845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  391.504717][   T29] audit: type=1326 audit(391.433:15846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  391.528085][   T29] audit: type=1326 audit(391.433:15847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  391.551226][   T29] audit: type=1326 audit(391.443:15848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  391.574622][   T29] audit: type=1326 audit(391.443:15849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f175d61f783 code=0x7ffc0000
[  391.597529][   T29] audit: type=1326 audit(391.443:15850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f175d61e1ff code=0x7ffc0000
[  391.620461][   T29] audit: type=1326 audit(391.443:15851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f175d61f7d7 code=0x7ffc0000
[  391.643401][   T29] audit: type=1326 audit(391.443:15852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f175d61df90 code=0x7ffc0000
[  391.666523][   T29] audit: type=1326 audit(391.443:15853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27005 comm="syz.1.9496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f175d61e3aa code=0x7ffc0000
[  391.840666][T27030] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9507'.
[  391.858835][T27030] IPVS: Error connecting to the multicast addr
[  392.098625][T27058] syzkaller0: entered promiscuous mode
[  392.104224][T27058] syzkaller0: entered allmulticast mode
[  392.157640][T27073] netlink: 'syz.4.9524': attribute type 33 has an invalid length.
[  392.164880][   T31] failed while handling packet from 1:16384
[  392.165622][T27073] netlink: 152 bytes leftover after parsing attributes in process `syz.4.9524'.
[  392.213419][T27073] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9524'.
[  392.226303][T27079] atomic_op ffff88812d1e5d28 conn xmit_atomic 0000000000000000
[  392.871467][T27143] xt_hashlimit: max too large, truncated to 1048576
[  393.806252][T27199] vlan2: entered allmulticast mode
[  394.229320][T27235] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  394.838628][T27273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27273 comm=syz.4.9616
[  395.347701][T27295] infiniband syz!: set down
[  395.352570][T27295] infiniband syz!: added team_slave_0
[  395.390008][T27295] RDS/IB: syz!: added
[  395.404519][T27295] smc: adding ib device syz! with port count 1
[  395.410913][T27295] smc:    ib device syz! port 1 has no pnetid
[  395.568844][T27312] netlink: 'syz.4.9632': attribute type 83 has an invalid length.
[  395.665906][T27319] __nla_validate_parse: 13 callbacks suppressed
[  395.665925][T27319] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9635'.
[  395.868957][T27333] ref_ctr_offset mismatch. inode: 0x2932 offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  396.327606][T27360] IPv6: NLM_F_CREATE should be specified when creating new route
[  396.367000][T27366] delete_channel: no stack
[  396.414177][T27374] netlink: 63503 bytes leftover after parsing attributes in process `syz.5.9661'.
[  396.445130][   T29] kauditd_printk_skb: 678 callbacks suppressed
[  396.445148][   T29] audit: type=1326 audit(396.423:16532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.476614][   T29] audit: type=1326 audit(396.443:16533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.499778][   T29] audit: type=1326 audit(396.443:16534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.522832][   T29] audit: type=1326 audit(396.443:16535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.546794][   T29] audit: type=1326 audit(396.443:16536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.569989][   T29] audit: type=1326 audit(396.453:16537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.594088][   T29] audit: type=1326 audit(396.453:16538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  396.617148][   T29] audit: type=1326 audit(396.453:16539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f766a07f783 code=0x7ffc0000
[  396.640857][   T29] audit: type=1326 audit(396.463:16540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f766a07e1ff code=0x7ffc0000
[  396.664593][   T29] audit: type=1326 audit(396.473:16541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27379 comm="syz.9.9664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f766a07f7d7 code=0x7ffc0000
[  397.081314][T27441] loop5: detected capacity change from 0 to 512
[  397.104936][T27441] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.9691: invalid block
[  397.136756][T27441] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.9691: invalid indirect mapped block 4294967295 (level 1)
[  397.151295][T27441] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.9691: invalid indirect mapped block 4294967295 (level 1)
[  397.166937][T27441] EXT4-fs (loop5): 2 truncates cleaned up
[  397.173294][T27441] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  397.201657][T27441] EXT4-fs (loop5): shut down requested (1)
[  397.211260][T27441] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=15
[  397.250580][T27441] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=15
[  397.293092][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.403292][T27458] netlink: 28 bytes leftover after parsing attributes in process `syz.9.9695'.
[  397.413080][T27458] netlink: 32 bytes leftover after parsing attributes in process `syz.9.9695'.
[  397.422103][T27458] netlink: 28 bytes leftover after parsing attributes in process `syz.9.9695'.
[  397.437004][T27458] netlink: 32 bytes leftover after parsing attributes in process `syz.9.9695'.
[  397.612988][T27484] netlink: 'syz.9.9707': attribute type 29 has an invalid length.
[  397.622476][T27484] netlink: 'syz.9.9707': attribute type 29 has an invalid length.
[  397.631462][T27484] netlink: 500 bytes leftover after parsing attributes in process `syz.9.9707'.
[  397.682231][T27488] netlink: 'syz.9.9709': attribute type 3 has an invalid length.
[  397.690078][T27488] netlink: 'syz.9.9709': attribute type 1 has an invalid length.
[  397.697935][T27488] netlink: 181400 bytes leftover after parsing attributes in process `syz.9.9709'.
[  397.795552][T27496] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9713'.
[  397.913193][T27507] netlink: 'syz.9.9718': attribute type 13 has an invalid length.
[  398.270759][T27544] netlink: 'syz.0.9743': attribute type 3 has an invalid length.
[  398.278640][T27544] netlink: 'syz.0.9743': attribute type 1 has an invalid length.
[  398.286455][T27544] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.9743'.
[  398.360810][T27561] netem: change failed
[  398.391768][T27565] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27565 comm=syz.0.9742
[  398.782944][T27613] netlink: 'syz.0.9764': attribute type 4 has an invalid length.
[  398.795533][T27613] netlink: 'syz.0.9764': attribute type 4 has an invalid length.
[  399.182241][T27644] batadv_slave_0: Caught tx_queue_len zero misconfig
[  399.275222][T27661] team0: Caught tx_queue_len zero misconfig
[  399.390444][T27672] loop0: detected capacity change from 0 to 512
[  399.432722][T27677] loop5: detected capacity change from 0 to 2048
[  399.456956][T27677] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.482684][T27687] loop0: detected capacity change from 0 to 256
[  399.491764][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.810610][T27710] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  399.843706][T27710] SELinux: failed to load policy
[  399.905372][T27719] loop5: detected capacity change from 0 to 1024
[  399.912838][T27719] EXT4-fs (loop5): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  399.926301][T27719] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 2: comm syz.5.9808: lblock 2 mapped to illegal pblock 2 (length 1)
[  399.941360][T27719] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 48: comm syz.5.9808: lblock 0 mapped to illegal pblock 48 (length 1)
[  399.957016][T27719] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.9808: Failed to acquire dquot type 0
[  399.969196][T27719] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  399.979102][T27719] EXT4-fs error (device loop5): ext4_evict_inode:253: inode #11: comm syz.5.9808: mark_inode_dirty error
[  399.991876][T27719] EXT4-fs warning (device loop5): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  400.002526][T27719] EXT4-fs (loop5): 1 orphan inode deleted
[  400.010681][T27719] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  400.024140][ T3528] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  400.038846][ T3528] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[  400.057126][T27719] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz.5.9808: Invalid inode table block 1 in block_group 0
[  400.071019][T27719] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  400.080905][T27719] EXT4-fs error (device loop5): ext4_setattr:5877: inode #2: comm syz.5.9808: mark_inode_dirty error
[  400.121293][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.137919][ T3526] EXT4-fs error (device loop5): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:11: lblock 1 mapped to illegal pblock 1 (length 1)
[  400.193731][ T3526] EXT4-fs error (device loop5): ext4_release_dquot:7022: comm kworker/u8:11: Failed to release dquot type 0
[  400.214235][T17648] EXT4-fs error (device loop5): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  400.230712][T27737] pimreg: entered allmulticast mode
[  400.243630][T27737] pimreg: left allmulticast mode
[  400.248639][T17648] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  400.274085][T17648] EXT4-fs error (device loop5): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  400.374007][T27752] xt_CT: You must specify a L4 protocol and not use inversions on it
[  400.664872][T27785] validate_nla: 1 callbacks suppressed
[  400.664890][T27785] netlink: 'syz.1.9840': attribute type 1 has an invalid length.
[  400.704997][T27785] bond5: entered promiscuous mode
[  400.720444][T27785] 8021q: adding VLAN 0 to HW filter on device bond5
[  400.772873][T27785] 8021q: adding VLAN 0 to HW filter on device bond5
[  400.814455][T27785] bond5: (slave wireguard0): The slave device specified does not support setting the MAC address
[  400.825172][T27785] bond5: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  400.871019][T27785] bond5: (slave wireguard0): making interface the new active one
[  400.879671][T27785] wireguard0: entered promiscuous mode
[  400.898213][T27785] bond5: (slave wireguard0): Enslaving as an active interface with an up link
[  400.920320][T27794] bond5: entered allmulticast mode
[  400.925557][T27794] wireguard0: entered allmulticast mode
[  400.932542][T27801] loop0: detected capacity change from 0 to 1024
[  400.948782][T27801] EXT4-fs: Ignoring removed orlov option
[  401.201171][T27819] netlink: 'syz.1.9854': attribute type 4 has an invalid length.
[  401.222995][T27819] netlink: 'syz.1.9854': attribute type 4 has an invalid length.
[  401.237768][T27819] __nla_validate_parse: 16 callbacks suppressed
[  401.237816][T27819] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9854'.
[  401.437325][T27837] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9860'.
[  401.629991][T27856] netlink: 24 bytes leftover after parsing attributes in process `syz.9.9869'.
[  401.644726][T27856] netlink: 24 bytes leftover after parsing attributes in process `syz.9.9869'.
[  401.687631][   T29] kauditd_printk_skb: 642 callbacks suppressed
[  401.687650][   T29] audit: type=1326 audit(401.663:17180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  401.691102][T27866] netlink: 'syz.4.9873': attribute type 4 has an invalid length.
[  401.693932][   T29] audit: type=1326 audit(401.663:17181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  401.748666][   T29] audit: type=1326 audit(401.733:17182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  401.757072][T27866] netlink: 'syz.4.9873': attribute type 4 has an invalid length.
[  401.774104][   T29] audit: type=1326 audit(401.733:17183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  401.795197][T27866] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9873'.
[  401.880024][T27868] lo speed is unknown, defaulting to 1000
[  401.895206][T27871] ref_ctr_offset mismatch. inode: 0x1f8f offset: 0x0 ref_ctr_offset(old): 0x24 ref_ctr_offset(new): 0x0
[  401.928236][T27875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9877'.
[  401.930070][   T29] audit: type=1326 audit(401.733:17184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  401.961380][   T29] audit: type=1326 audit(401.793:17185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  401.985293][   T29] audit: type=1326 audit(401.793:17186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  402.008302][   T29] audit: type=1326 audit(401.793:17187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  402.032131][   T29] audit: type=1326 audit(401.793:17188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  402.056048][   T29] audit: type=1326 audit(401.803:17189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27862 comm="syz.9.9874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  402.173397][T27882] loop0: detected capacity change from 0 to 2048
[  402.263716][T27899] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9888'.
[  402.321984][T27907] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9891'.
[  402.353789][T27907] netlink: 24 bytes leftover after parsing attributes in process `syz.9.9891'.
[  402.404881][T27907] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9891'.
[  402.457502][T27917] netlink: 'syz.5.9894': attribute type 4 has an invalid length.
[  402.481901][T27917] netlink: 'syz.5.9894': attribute type 4 has an invalid length.
[  402.499198][ T9791] lo speed is unknown, defaulting to 1000
[  402.505763][ T9791] syz2: Port: 1 Link ACTIVE
[  402.550964][ T9791] lo speed is unknown, defaulting to 1000
[  402.556889][ T9791] syz2: Port: 1 Link DOWN
[  402.701826][T27934] sch_fq: defrate 0 ignored.
[  402.771068][T27931] lo speed is unknown, defaulting to 1000
[  402.933697][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  402.996187][T27954] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=27954 comm=syz.1.9910
[  403.140490][T27972] ip6tnl2: entered promiscuous mode
[  403.146799][T27972] ip6tnl2: entered allmulticast mode
[  403.628952][T28024] loop0: detected capacity change from 0 to 1024
[  405.127335][T28059] syz.5.9951 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  405.141607][T28059] CPU: 0 UID: 0 PID: 28059 Comm: syz.5.9951 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  405.141691][T28059] Tainted: [W]=WARN
[  405.141698][T28059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  405.141711][T28059] Call Trace:
[  405.141748][T28059]  <TASK>
[  405.141756][T28059]  __dump_stack+0x1d/0x30
[  405.141800][T28059]  dump_stack_lvl+0x95/0xd0
[  405.141820][T28059]  dump_stack+0x15/0x1b
[  405.141838][T28059]  dump_header+0x81/0x240
[  405.141861][T28059]  oom_kill_process+0x295/0x350
[  405.141881][T28059]  out_of_memory+0x97b/0xb80
[  405.141928][T28059]  try_charge_memcg+0x610/0xa10
[  405.142043][T28059]  obj_cgroup_charge_pages+0xa6/0x150
[  405.142131][T28059]  __memcg_kmem_charge_page+0x9f/0x170
[  405.142158][T28059]  __alloc_frozen_pages_noprof+0x18f/0x360
[  405.142186][T28059]  alloc_pages_mpol+0xb3/0x260
[  405.142212][T28059]  alloc_pages_noprof+0x90/0x130
[  405.142240][T28059]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  405.142275][T28059]  __kvmalloc_node_noprof+0x492/0x6b0
[  405.142297][T28059]  ? ip_set_alloc+0x24/0x30
[  405.142395][T28059]  ? ip_set_alloc+0x24/0x30
[  405.142450][T28059]  ? __kmalloc_cache_noprof+0x3e5/0x4c0
[  405.142472][T28059]  ip_set_alloc+0x24/0x30
[  405.142495][T28059]  hash_netiface_create+0x282/0x740
[  405.142593][T28059]  ? __pfx_hash_netiface_create+0x10/0x10
[  405.142632][T28059]  ip_set_create+0x3cc/0x970
[  405.142744][T28059]  ? __nla_parse+0x40/0x60
[  405.142782][T28059]  nfnetlink_rcv_msg+0x4c6/0x590
[  405.142826][T28059]  netlink_rcv_skb+0x123/0x220
[  405.142890][T28059]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  405.142919][T28059]  nfnetlink_rcv+0x167/0x16c0
[  405.142944][T28059]  ? rb_commit+0x3e9/0x420
[  405.143052][T28059]  ? ring_buffer_unlock_commit+0x324/0x370
[  405.143079][T28059]  ? trace_buffer_unlock_commit_regs+0x114/0x310
[  405.143141][T28059]  ? trace_event_buffer_commit+0x196/0x5c0
[  405.143211][T28059]  ? trace_event_raw_event_bpf_trace_printk+0xe6/0x160
[  405.143249][T28059]  ? should_fail_ex+0x30/0x280
[  405.143269][T28059]  ? selinux_nlmsg_lookup+0x99/0x890
[  405.143291][T28059]  ? __rcu_read_unlock+0x34/0x70
[  405.143308][T28059]  ? __netlink_lookup+0x266/0x2a0
[  405.143343][T28059]  netlink_unicast+0x5c0/0x690
[  405.143368][T28059]  netlink_sendmsg+0x58b/0x6b0
[  405.143477][T28059]  ? __pfx_netlink_sendmsg+0x10/0x10
[  405.143518][T28059]  __sock_sendmsg+0x145/0x180
[  405.143544][T28059]  ____sys_sendmsg+0x31e/0x4a0
[  405.143573][T28059]  ___sys_sendmsg+0x17b/0x1d0
[  405.143614][T28059]  __x64_sys_sendmsg+0xd4/0x160
[  405.143644][T28059]  x64_sys_call+0x17ba/0x3000
[  405.143726][T28059]  do_syscall_64+0xca/0x2b0
[  405.143772][T28059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.143794][T28059] RIP: 0033:0x7f1d9f90f749
[  405.143809][T28059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.143828][T28059] RSP: 002b:00007f1d9e377038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.143907][T28059] RAX: ffffffffffffffda RBX: 00007f1d9fb65fa0 RCX: 00007f1d9f90f749
[  405.143922][T28059] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  405.143940][T28059] RBP: 00007f1d9f993f91 R08: 0000000000000000 R09: 0000000000000000
[  405.143951][T28059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  405.143961][T28059] R13: 00007f1d9fb66038 R14: 00007f1d9fb65fa0 R15: 00007ffcb25dcf18
[  405.143980][T28059]  </TASK>
[  405.478197][T28059] memory: usage 307200kB, limit 307200kB, failcnt 634
[  405.485033][T28059] memory+swap: usage 311328kB, limit 9007199254740988kB, failcnt 0
[  405.492923][T28059] kmem: usage 239672kB, limit 9007199254740988kB, failcnt 0
[  405.500349][T28059] Memory cgroup stats for /syz5:
[  405.503306][T28059] cache 64991232
[  405.512688][T28059] rss 4083712
[  405.516065][T28059] shmem 64991232
[  405.519635][T28059] mapped_file 0
[  405.523113][T28059] dirty 0
[  405.526064][T28059] writeback 0
[  405.529483][T28059] workingset_refault_anon 228
[  405.534897][T28059] workingset_refault_file 0
[  405.539395][T28059] swap 4227072
[  405.542760][T28059] swapcached 40960
[  405.546619][T28059] pgpgin 262082
[  405.550079][T28059] pgpgout 245208
[  405.553643][T28059] pgfault 277483
[  405.557209][T28059] pgmajfault 53
[  405.560665][T28059] inactive_anon 778240
[  405.565511][T28059] active_anon 64585728
[  405.569642][T28059] inactive_file 3751936
[  405.573840][T28059] active_file 0
[  405.577370][T28059] unevictable 0
[  405.580895][T28059] hierarchical_memory_limit 314572800
[  405.586328][T28059] hierarchical_memsw_limit 9223372036854771712
[  405.592477][T28059] total_cache 64991232
[  405.597190][T28059] total_rss 4083712
[  405.600994][T28059] total_shmem 64991232
[  405.605134][T28059] total_mapped_file 0
[  405.609194][T28059] total_dirty 0
[  405.612714][T28059] total_writeback 0
[  405.616541][T28059] total_workingset_refault_anon 228
[  405.621737][T28059] total_workingset_refault_file 0
[  405.627344][T28059] total_swap 4227072
[  405.631251][T28059] total_swapcached 40960
[  405.635537][T28059] total_pgpgin 262082
[  405.639678][T28059] total_pgpgout 245208
[  405.643765][T28059] total_pgfault 277483
[  405.647830][T28059] total_pgmajfault 53
[  405.651830][T28059] total_inactive_anon 778240
[  405.657027][T28059] total_active_anon 64585728
[  405.661615][T28059] total_inactive_file 3751936
[  405.666347][T28059] total_active_file 0
[  405.670491][T28059] total_unevictable 0
[  405.674537][T28059] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.9951,pid=28058,uid=0
[  405.689909][T28059] Memory cgroup out of memory: Killed process 28059 (syz.5.9951) total-vm:96016kB, anon-rss:4976kB, file-rss:22332kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[  405.877924][T28083] netlink: 'syz.5.9959': attribute type 1 has an invalid length.
[  405.936663][T28083] 8021q: adding VLAN 0 to HW filter on device bond7
[  405.979348][T28087] 8021q: adding VLAN 0 to HW filter on device batadv2
[  406.038527][T28087] bond7: (slave batadv2): making interface the new active one
[  406.048281][T28087] bond7: (slave batadv2): Enslaving as an active interface with an up link
[  406.086758][T28092] loop0: detected capacity change from 0 to 1024
[  406.093664][T28092] EXT4-fs: Ignoring removed bh option
[  406.157614][ T9796] hid_parser_main: 2 callbacks suppressed
[  406.157635][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x4
[  406.171236][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x2
[  406.184474][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.192301][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.200113][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.208728][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.216437][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.224210][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.231918][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.240390][ T9796] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0
[  406.248810][ T9796] hid-generic 0000:3000000:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  406.264410][T28098] pim6reg: entered allmulticast mode
[  406.279887][T28098] pim6reg: left allmulticast mode
[  406.377323][T28118] __nla_validate_parse: 24 callbacks suppressed
[  406.377342][T28118] netlink: 7 bytes leftover after parsing attributes in process `syz.9.9973'.
[  406.435633][T28127] netlink: 131740 bytes leftover after parsing attributes in process `syz.0.9976'.
[  406.452459][T28127] netlink: zone id is out of range
[  406.457734][T28127] netlink: zone id is out of range
[  406.462958][T28127] netlink: zone id is out of range
[  406.469241][T28127] netlink: zone id is out of range
[  406.475126][T28127] netlink: zone id is out of range
[  406.480493][T28129] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9977'.
[  406.491937][T28131] 8021q: adding VLAN 0 to HW filter on device bond10
[  406.491940][T28134] netlink: 'syz.5.9981': attribute type 1 has an invalid length.
[  406.506998][T28127] netlink: del zone limit has 8 unknown bytes
[  406.528135][T28134] 8021q: adding VLAN 0 to HW filter on device bond8
[  406.553307][T28134] vlan2: entered allmulticast mode
[  406.559444][T28134] bond8: entered allmulticast mode
[  406.775484][T28169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9994'.
[  406.786825][T28169] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9994'.
[  406.834737][T28147] lo speed is unknown, defaulting to 1000
[  407.053886][T28190] netlink: 'syz.9.10013': attribute type 1 has an invalid length.
[  407.140937][T28201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10008'.
[  407.177702][T28201] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10008'.
[  407.199067][T28201] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10008'.
[  407.349087][   T29] kauditd_printk_skb: 85 callbacks suppressed
[  407.349101][   T29] audit: type=1326 audit(413.321:17275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.380159][T28223] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10018'.
[  407.409402][T28225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10020'.
[  407.425867][T28225] syz_tun: entered promiscuous mode
[  407.431513][T28225] syz_tun: refused to change device tx_queue_len
[  407.446315][   T29] audit: type=1326 audit(413.351:17276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.469581][   T29] audit: type=1326 audit(413.351:17277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.492866][   T29] audit: type=1326 audit(413.351:17278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.517033][   T29] audit: type=1326 audit(413.351:17279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.540430][   T29] audit: type=1326 audit(413.371:17280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.564330][   T29] audit: type=1326 audit(413.371:17281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.587642][   T29] audit: type=1326 audit(413.371:17282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.611508][   T29] audit: type=1326 audit(413.371:17283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.635489][   T29] audit: type=1326 audit(413.371:17284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28221 comm="syz.9.10019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  407.831825][T28248] ALSA: seq fatal error: cannot create timer (-22)
[  407.875481][T28240] loop5: detected capacity change from 0 to 8192
[  407.924229][T28240]  loop5: p1 < > p2 < > p3 p4 < >
[  407.929306][T28240] loop5: partition table partially beyond EOD, truncated
[  407.967906][T28240] loop5: p1 start 67108864 is beyond EOD, truncated
[  407.989533][T28240] loop5: p3 start 100859904 is beyond EOD, truncated
[  408.165391][T28277] block device autoloading is deprecated and will be removed.
[  408.173039][T28277] FAT-fs (loop3): unable to read boot sector
[  408.369988][T28293] loop0: detected capacity change from 0 to 8192
[  408.380634][T28298] tipc: New replicast peer: 255.255.255.255
[  408.386822][T28298] tipc: Enabled bearer <udp:syz2>, priority 10
[  408.396524][T28298] tipc: Disabling bearer <udp:syz2>
[  408.455157][T28293]  loop0: p1 < > p2 < > p3 p4 < >
[  408.460299][T28293] loop0: partition table partially beyond EOD, truncated
[  408.475773][T28293] loop0: p1 start 67108864 is beyond EOD, truncated
[  408.493265][T28293] loop0: p3 start 100859904 is beyond EOD, truncated
[  408.770495][T28333] Falling back ldisc for ptm0.
[  408.898362][T28352] loop5: detected capacity change from 0 to 1024
[  408.918631][T28352] EXT4-fs: Ignoring removed orlov option
[  408.936522][T28352] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.287356][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.069478][T28425] netlink: 'syz.0.10109': attribute type 3 has an invalid length.
[  410.130109][T28430] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28430 comm=syz.9.10112
[  410.418246][T28463] SELinux: failed to load policy
[  410.449057][T28470] loop5: detected capacity change from 0 to 512
[  410.468439][T28460] loop0: detected capacity change from 0 to 8192
[  410.485341][T28470] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.518153][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.742640][T28493] loop0: detected capacity change from 0 to 512
[  410.844176][T28508] netlink: 'syz.5.10143': attribute type 5 has an invalid length.
[  410.875686][T28510] lo: Caught tx_queue_len zero misconfig
[  411.387207][T28560] __nla_validate_parse: 11 callbacks suppressed
[  411.387256][T28560] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10167'.
[  411.421297][T28560] hsr_slave_1 (unregistering): left promiscuous mode
[  411.480620][T28570] netlink: 'syz.0.10172': attribute type 30 has an invalid length.
[  411.549459][T28578] netlink: 256 bytes leftover after parsing attributes in process `syz.5.10176'.
[  411.558703][T28578] netlink: 72 bytes leftover after parsing attributes in process `syz.5.10176'.
[  412.115266][T28627] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10198'.
[  412.126411][T28627] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10198'.
[  412.173322][T28632] IPVS: Error connecting to the multicast addr
[  412.665532][T28656] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10211'.
[  412.691722][T28656] IPVS: Error connecting to the multicast addr
[  412.770719][   T29] kauditd_printk_skb: 462 callbacks suppressed
[  412.770736][   T29] audit: type=1326 audit(418.741:17747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.806870][   T29] audit: type=1326 audit(418.781:17748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.830046][   T29] audit: type=1326 audit(418.781:17749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.853307][   T29] audit: type=1326 audit(418.781:17750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.876509][   T29] audit: type=1326 audit(418.781:17751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.899683][   T29] audit: type=1326 audit(418.781:17752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.922832][   T29] audit: type=1326 audit(418.781:17753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.946104][   T29] audit: type=1326 audit(418.781:17754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  412.978136][   T29] audit: type=1326 audit(418.951:17755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  413.001851][   T29] audit: type=1326 audit(418.971:17756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28665 comm="syz.9.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  413.043690][T28671] loop5: detected capacity change from 0 to 512
[  413.690604][T28740] netlink: 'syz.4.10246': attribute type 3 has an invalid length.
[  413.698670][T28740] netlink: 'syz.4.10246': attribute type 3 has an invalid length.
[  413.804395][T28753] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10249'.
[  413.830418][T28753] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10249'.
[  413.876787][T28760] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28760 comm=syz.9.10252
[  414.675922][T28828] loop0: detected capacity change from 0 to 512
[  414.781073][T28834] netlink: 'syz.5.10282': attribute type 1 has an invalid length.
[  414.816556][T28834] bond9: entered promiscuous mode
[  414.843534][T28834] 8021q: adding VLAN 0 to HW filter on device bond9
[  414.887906][T28838] 8021q: adding VLAN 0 to HW filter on device bond9
[  414.999953][T28838] bond9: (slave wireguard0): The slave device specified does not support setting the MAC address
[  415.010593][T28838] bond9: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  415.104215][T28838] bond9: (slave wireguard0): making interface the new active one
[  415.112022][T28838] wireguard0: entered promiscuous mode
[  415.169301][T28838] bond9: (slave wireguard0): Enslaving as an active interface with an up link
[  415.179327][T28834] bond9: entered allmulticast mode
[  415.185316][T28834] wireguard0: entered allmulticast mode
[  415.499864][T28860] netlink: 'syz.9.10292': attribute type 30 has an invalid length.
[  415.836379][T28845] lo speed is unknown, defaulting to 1000
[  415.994580][T28866] lo speed is unknown, defaulting to 1000
[  416.738673][T28892] netlink: 'syz.1.10305': attribute type 30 has an invalid length.
[  416.954610][T28902] netlink: 68 bytes leftover after parsing attributes in process `syz.1.10309'.
[  417.248884][T28920] tipc: New replicast peer: 255.255.255.255
[  417.255942][T28920] tipc: Enabled bearer <udp:s>, priority 10
[  417.675089][T28964] sch_fq: defrate 0 ignored.
[  417.688311][T28963] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10339'.
[  417.771627][T28958] lo speed is unknown, defaulting to 1000
[  417.847342][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  417.847361][   T29] audit: type=1326 audit(423.821:17849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  417.877438][   T29] audit: type=1326 audit(423.821:17850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1d9f90df90 code=0x7ffc0000
[  417.901486][   T29] audit: type=1326 audit(423.821:17851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  417.925530][   T29] audit: type=1326 audit(423.821:17852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  417.948675][   T29] audit: type=1326 audit(423.821:17853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  417.974141][   T29] audit: type=1326 audit(423.831:17854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  418.001994][   T29] audit: type=1326 audit(423.951:17855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  418.025976][   T29] audit: type=1326 audit(423.951:17856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28975 comm="syz.5.10344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  418.127162][   T29] audit: type=1326 audit(424.081:17857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28985 comm="syz.1.10347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  418.150467][   T29] audit: type=1326 audit(424.081:17858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28985 comm="syz.1.10347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f175d61f749 code=0x7ffc0000
[  418.261722][T29001] loop0: detected capacity change from 0 to 128
[  418.423083][T29003] lo speed is unknown, defaulting to 1000
[  418.465470][T29021] veth22: entered promiscuous mode
[  418.470639][T29021] veth22: entered allmulticast mode
[  418.480791][T29023] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10362'.
[  418.584554][T29031] sch_fq: defrate 0 ignored.
[  418.610770][T29030] lo speed is unknown, defaulting to 1000
[  418.721148][T29034] syzkaller0: entered promiscuous mode
[  418.726834][T29034] syzkaller0: entered allmulticast mode
[  418.733869][T29034] PF_CAN: dropped non conform CAN FD skbuff: dev type 280, len 65487
[  418.760956][T29036] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10368'.
[  418.794496][T29038] pimreg: entered allmulticast mode
[  418.801663][T29038] pimreg: left allmulticast mode
[  418.950895][T29052] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10375'.
[  419.056714][T29059] syzkaller0: entered allmulticast mode
[  419.079634][T29059] syzkaller0 (unregistering): left allmulticast mode
[  419.410145][T29083] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10388'.
[  419.701669][T29113] netlink: 'syz.9.10402': attribute type 1 has an invalid length.
[  419.764497][T29113] 8021q: adding VLAN 0 to HW filter on device bond10
[  420.282242][T29133] lo speed is unknown, defaulting to 1000
[  420.914321][T29189] netlink: 'syz.1.10431': attribute type 1 has an invalid length.
[  421.064598][T29207] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10441'.
[  421.073794][T29207] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10441'.
[  421.094640][T29211] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10442'.
[  421.097702][T29207] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10441'.
[  421.127604][T29213] loop5: detected capacity change from 0 to 512
[  421.136426][T29213] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  421.201688][T29213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.372055][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.442192][T29250] loop5: detected capacity change from 0 to 2048
[  421.486462][T29250] Alternate GPT is invalid, using primary GPT.
[  421.492850][T29250]  loop5: p2 p3 p7
[  421.668540][T29268] bond0 (unregistering): Released all slaves
[  421.885717][T29272] lo speed is unknown, defaulting to 1000
[  422.013253][T29289] lo speed is unknown, defaulting to 1000
[  422.776932][T29347] __nla_validate_parse: 7 callbacks suppressed
[  422.776952][T29347] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10495'.
[  422.795444][T29347] hsr_slave_1 (unregistering): left promiscuous mode
[  422.866455][T29351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10497'.
[  422.876263][T29351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10497'.
[  423.320412][T29376] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10517'.
[  423.558038][T29406] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10522'.
[  423.597899][T29406] hsr_slave_1 (unregistering): left promiscuous mode
[  423.607058][   T29] kauditd_printk_skb: 167 callbacks suppressed
[  423.607075][   T29] audit: type=1326 audit(429.581:18026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.670068][   T29] audit: type=1326 audit(429.611:18027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.693317][   T29] audit: type=1326 audit(429.611:18028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.717143][   T29] audit: type=1326 audit(429.611:18029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.740307][   T29] audit: type=1326 audit(429.611:18030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.764267][   T29] audit: type=1326 audit(429.611:18031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.787502][   T29] audit: type=1326 audit(429.611:18032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.811374][   T29] audit: type=1326 audit(429.611:18033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.835358][   T29] audit: type=1326 audit(429.611:18034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.858408][   T29] audit: type=1326 audit(429.611:18035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29408 comm="syz.5.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  423.920167][T29420] loop0: detected capacity change from 0 to 512
[  423.943409][T29420] EXT4-fs (loop0): write access unavailable, skipping orphan cleanup
[  423.972583][T29420] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  424.028925][T21061] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.263670][T29451] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10550'.
[  424.685315][T29485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=29485 comm=syz.0.10551
[  424.721080][T29489] loop5: detected capacity change from 0 to 512
[  424.742491][T29489] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  424.779272][T29489] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.810876][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.937932][T29501] lo speed is unknown, defaulting to 1000
[  425.068150][T29513] netlink: 24 bytes leftover after parsing attributes in process `syz.9.10564'.
[  425.094028][T29515] 9p: Bad value for 'rfdno'
[  425.157018][T29521] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10567'.
[  425.204854][ T3597] netdevsim netdevsim9 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  425.218630][T29521] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10567'.
[  425.238288][ T3597] netdevsim netdevsim9 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  425.269182][ T3597] netdevsim netdevsim9 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  425.290706][ T3597] netdevsim netdevsim9 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  425.310476][T29528] netlink: 68 bytes leftover after parsing attributes in process `syz.9.10569'.
[  425.769792][T29583] loop5: detected capacity change from 0 to 128
[  425.803391][T29583] syz.5.10595: attempt to access beyond end of device
[  425.803391][T29583] loop5: rw=0, sector=121, nr_sectors = 920 limit=128
[  426.013673][T29604] lo speed is unknown, defaulting to 1000
[  426.555889][T29647] loop5: detected capacity change from 0 to 512
[  426.564747][T29647] EXT4-fs (loop5): orphan cleanup on readonly fs
[  426.565249][T29647] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.10618: bad orphan inode 13
[  426.565619][T29647] ext4_test_bit(bit=12, block=18) = 1
[  426.587509][T29647] is_bad_inode(inode)=0
[  426.591689][T29647] NEXT_ORPHAN(inode)=2130706432
[  426.596689][T29647] max_ino=32
[  426.599935][T29647] i_nlink=1
[  426.604128][T29647] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  426.653443][T17648] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.379225][T29684] loop0: detected capacity change from 0 to 512
[  427.599281][T29711] xt_hashlimit: max too large, truncated to 1048576
[  427.625708][T29717] netlink: 'syz.4.10646': attribute type 13 has an invalid length.
[  427.650534][T29719] IPVS: Error connecting to the multicast addr
[  427.731388][T29731] netlink: 'syz.1.10652': attribute type 30 has an invalid length.
[  427.931287][T29744] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29744 comm=syz.1.10658
[  427.944791][T29744] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=29744 comm=syz.1.10658
[  428.392775][T29780] veth10: entered promiscuous mode
[  428.398007][T29780] veth10: entered allmulticast mode
[  428.427624][T29783] __nla_validate_parse: 9 callbacks suppressed
[  428.427643][T29783] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10674'.
[  428.451997][T29783] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10674'.
[  428.804476][T29810] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10687'.
[  428.848363][T29812] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10688'.
[  428.857567][T29812] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10688'.
[  428.973700][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  428.973717][   T29] audit: type=1326 audit(434.941:18216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.003231][   T29] audit: type=1326 audit(434.941:18217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.026501][   T29] audit: type=1326 audit(434.941:18218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.049774][   T29] audit: type=1326 audit(434.941:18219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.073132][   T29] audit: type=1326 audit(434.941:18220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.096228][   T29] audit: type=1326 audit(434.941:18221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.121298][   T29] audit: type=1326 audit(434.951:18222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.144561][   T29] audit: type=1326 audit(434.951:18223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.168011][   T29] audit: type=1326 audit(434.951:18224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.191203][   T29] audit: type=1326 audit(434.951:18225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29831 comm="syz.5.10697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  429.236533][T29834] pimreg: entered allmulticast mode
[  429.273590][T29834] pimreg: left allmulticast mode
[  429.334762][T29841] netlink: 96 bytes leftover after parsing attributes in process `syz.1.10701'.
[  430.103997][T29885] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10719'.
[  430.113383][T29885] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10719'.
[  430.477346][ T6273] IPVS: starting estimator thread 0...
[  430.499018][T29916] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10732'.
[  430.593960][T29915] IPVS: using max 2304 ests per chain, 115200 per kthread
[  430.640188][T29925] bridge: RTM_NEWNEIGH with invalid ether address
[  430.676626][T29931] netlink: 96 bytes leftover after parsing attributes in process `syz.5.10739'.
[  431.285698][ T9810] hid_parser_main: 6 callbacks suppressed
[  431.285748][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x4
[  431.299311][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x2
[  431.308332][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.316156][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.323921][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.331614][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.339405][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.347119][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.354845][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.362550][ T9810] hid-generic 0000:3000000:0000.001A: unknown main item tag 0x0
[  431.371042][T29966] netlink: 'syz.4.10753': attribute type 1 has an invalid length.
[  431.371477][ T9810] hid-generic 0000:3000000:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  431.670385][T29997] netlink: 'syz.4.10767': attribute type 30 has an invalid length.
[  432.747537][T30113] lo speed is unknown, defaulting to 1000
[  433.893269][T30187] __nla_validate_parse: 2 callbacks suppressed
[  433.893288][T30187] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10846'.
[  433.913835][T30187] ip6gre3: entered allmulticast mode
[  434.070414][T30198] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10850'.
[  434.407366][T30208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10853'.
[  434.417263][T30208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10853'.
[  434.426390][T30208] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10853'.
[  434.435468][T30208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10853'.
[  434.797228][T30248] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10871'.
[  434.819100][T30248] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10871'.
[  434.897810][   T29] kauditd_printk_skb: 451 callbacks suppressed
[  434.897830][   T29] audit: type=1326 audit(440.871:18677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  434.975292][T30271] loop0: detected capacity change from 0 to 512
[  434.979401][   T29] audit: type=1326 audit(440.871:18678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.005512][   T29] audit: type=1326 audit(440.891:18679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.028797][   T29] audit: type=1326 audit(440.891:18680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.052871][   T29] audit: type=1326 audit(440.891:18681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.076978][   T29] audit: type=1326 audit(440.891:18682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.100156][   T29] audit: type=1326 audit(440.891:18683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.123597][   T29] audit: type=1326 audit(440.891:18684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.147683][   T29] audit: type=1326 audit(440.891:18685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.171885][   T29] audit: type=1326 audit(440.891:18686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30263 comm="syz.0.10878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  435.396275][T30293] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10888'.
[  435.406318][T30293] netlink: 'syz.9.10888': attribute type 7 has an invalid length.
[  435.414315][T30293] netlink: 'syz.9.10888': attribute type 8 has an invalid length.
[  435.422159][T30293] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10888'.
[  435.730793][T30328] loop0: detected capacity change from 0 to 128
[  435.883125][T30328] rdma_op ffff8881537dc980 conn xmit_rdma 0000000000000000
[  437.582332][T30462] lo speed is unknown, defaulting to 1000
[  437.732970][T30464] lo speed is unknown, defaulting to 1000
[  438.453857][T30535] bridge: RTM_NEWNEIGH with invalid ether address
[  438.467208][T30502] Set syz1 is full, maxelem 65536 reached
[  438.867296][T30552] lo speed is unknown, defaulting to 1000
[  439.003550][T30576] __nla_validate_parse: 2 callbacks suppressed
[  439.003567][T30576] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11004'.
[  439.521092][T30606] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11018'.
[  439.620220][T30612] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11022'.
[  439.636535][T30612] IPVS: Error connecting to the multicast addr
[  439.951090][T30641] xt_hashlimit: max too large, truncated to 1048576
[  440.086733][T30651] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=30651 comm=syz.0.11038
[  440.099609][T30651] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=30651 comm=syz.0.11038
[  440.278606][   T29] kauditd_printk_skb: 206 callbacks suppressed
[  440.278622][   T29] audit: type=1326 audit(446.251:18893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.315717][T30659] ref_ctr increment failed for inode: 0x1e6b offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88815b99d7c0
[  440.343491][   T29] audit: type=1326 audit(446.281:18894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.366679][   T29] audit: type=1326 audit(446.281:18895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.389987][   T29] audit: type=1326 audit(446.281:18896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.413084][   T29] audit: type=1326 audit(446.281:18897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.436211][   T29] audit: type=1326 audit(446.281:18898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.459313][   T29] audit: type=1326 audit(446.281:18899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.482460][   T29] audit: type=1326 audit(446.281:18900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.505525][   T29] audit: type=1326 audit(446.281:18901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.528601][   T29] audit: type=1326 audit(446.281:18902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30656 comm="syz.5.11053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  440.554259][T30657] uprobe: syz.1.11041:30657 failed to unregister, leaking uprobe
[  440.562060][T30657] uprobe: syz.1.11041:30657 failed to unregister, leaking uprobe
[  440.637261][T30666] loop0: detected capacity change from 0 to 128
[  440.788740][T30675] veth16: entered promiscuous mode
[  440.788748][T30676] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11061'.
[  440.802970][T30675] veth16: entered allmulticast mode
[  441.039412][T30711] netlink: 7 bytes leftover after parsing attributes in process `syz.0.11065'.
[  441.169332][T30721] rdma_op ffff8881537de980 conn xmit_rdma 0000000000000000
[  441.414085][T30752] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11083'.
[  441.553041][T30766] loop0: detected capacity change from 0 to 128
[  441.565043][T30763] 8021q: adding VLAN 0 to HW filter on device bond10
[  441.610937][T30763] bond10: (slave dummy0): Enslaving as an active interface with an up link
[  441.673250][T30778] bond5: (slave wireguard0): Releasing backup interface
[  441.704409][T30778] wireguard0: left promiscuous mode
[  441.709747][T30778] wireguard0: left allmulticast mode
[  441.966158][T30809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11110'.
[  441.975760][T30809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11110'.
[  442.064877][T30817] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11112'.
[  442.441188][T30836] pimreg: entered allmulticast mode
[  442.448981][T30836] pimreg: left allmulticast mode
[  442.562740][T30847] bridge: RTM_NEWNEIGH with invalid ether address
[  442.635052][T30861] netlink: 'syz.1.11133': attribute type 1 has an invalid length.
[  442.763367][T30878] loop0: detected capacity change from 0 to 128
[  442.784166][T30880] macsec0: entered promiscuous mode
[  442.789512][T30880] bridge0: entered promiscuous mode
[  442.795728][T30880] bridge0: port 1(macsec0) entered blocking state
[  442.796968][T30878] msdos: Unknown parameter '0x00000000000000030xffffffffffffffff'
[  442.802253][T30880] bridge0: port 1(macsec0) entered disabled state
[  442.822514][T30880] macsec0: entered allmulticast mode
[  442.827988][T30880] bridge0: entered allmulticast mode
[  442.834846][T30880] macsec0: left allmulticast mode
[  442.839929][T30880] bridge0: left allmulticast mode
[  442.846605][T30880] bridge0: left promiscuous mode
[  442.855240][T30882] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11142'.
[  442.967388][T30894] 8021q: adding VLAN 0 to HW filter on device bond4
[  443.243729][T30921] netlink: 'syz.0.11158': attribute type 30 has an invalid length.
[  443.664588][T30972] $Hÿ (unregistering): Released all slaves
[  444.694490][T31042] __nla_validate_parse: 6 callbacks suppressed
[  444.694575][T31042] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11207'.
[  445.324416][T31075] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11223'.
[  445.372916][T31075] ip6gre1: entered allmulticast mode
[  445.499462][   T29] kauditd_printk_skb: 354 callbacks suppressed
[  445.499481][   T29] audit: type=1326 audit(707.478:19257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.528883][   T29] audit: type=1326 audit(707.478:19258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.579797][   T29] audit: type=1326 audit(707.558:19259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.606697][   T29] audit: type=1326 audit(707.558:19260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.629919][   T29] audit: type=1326 audit(707.558:19261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.653106][   T29] audit: type=1326 audit(707.588:19262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.676242][   T29] audit: type=1326 audit(707.588:19263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.699567][   T29] audit: type=1326 audit(707.588:19264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.722679][   T29] audit: type=1326 audit(707.588:19265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.745847][   T29] audit: type=1326 audit(707.588:19266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31086 comm="syz.9.11228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f766a07f749 code=0x7ffc0000
[  445.961865][T31101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11234'.
[  445.971825][T31101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11234'.
[  446.249630][T31116] loop0: detected capacity change from 0 to 1024
[  447.025539][T31151] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11253'.
[  447.656633][T31175] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11263'.
[  448.126908][T31187] netlink: 'syz.1.11268': attribute type 4 has an invalid length.
[  448.134960][T31187] netlink: 152 bytes leftover after parsing attributes in process `syz.1.11268'.
[  448.427139][T31218] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11279'.
[  448.542296][T31226] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11285'.
[  448.746562][T31247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31247 comm=syz.4.11294
[  449.011172][T31281] netlink: 'syz.0.11308': attribute type 1 has an invalid length.
[  449.027480][T31281] 8021q: adding VLAN 0 to HW filter on device bond5
[  449.047454][T31281] bond5: (slave veth13): Enslaving as an active interface with a down link
[  449.070293][T31281] 8021q: adding VLAN 0 to HW filter on device batadv3
[  449.084159][T31281] bond5: (slave batadv3): making interface the new active one
[  449.093779][T31281] batadv3: entered promiscuous mode
[  449.099480][T31281] bond5: (slave batadv3): Enslaving as an active interface with an up link
[  449.294011][T31304] lo speed is unknown, defaulting to 1000
[  449.694538][T31327] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11337'.
[  449.703858][T31327] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11337'.
[  449.713905][T31327] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11337'.
[  449.723030][T31327] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11337'.
[  449.772295][T31333] netlink: 'syz.9.11339': attribute type 13 has an invalid length.
[  449.978157][T31354] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  450.650818][T31393] ref_ctr increment failed for inode: 0xfa3 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88815b9986c0
[  450.687837][T31392] uprobe: syz.0.11364:31392 failed to unregister, leaking uprobe
[  450.710709][T31392] uprobe: syz.0.11364:31392 failed to unregister, leaking uprobe
[  450.752514][T31391] lo speed is unknown, defaulting to 1000
[  450.754417][T31402] loop0: detected capacity change from 0 to 512
[  450.765213][T31402] EXT4-fs: Ignoring removed mblk_io_submit option
[  451.313110][T31441] xt_hashlimit: max too large, truncated to 1048576
[  451.320690][T31441] xt_CT: You must specify a L4 protocol and not use inversions on it
[  451.397803][   T29] kauditd_printk_skb: 167 callbacks suppressed
[  451.397894][   T29] audit: type=1326 audit(713.378:19434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31452 comm="syz.5.11381" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1d9f90f749 code=0x0
[  451.479254][T31450] lo speed is unknown, defaulting to 1000
[  451.585419][T31467] netlink: 'syz.0.11384': attribute type 13 has an invalid length.
[  452.127313][   T29] audit: type=1326 audit(714.108:19435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31491 comm="syz.0.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  452.167923][   T29] audit: type=1326 audit(714.108:19436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31491 comm="syz.0.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  452.191056][   T29] audit: type=1326 audit(714.108:19437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31491 comm="syz.0.11393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  452.214305][   T29] audit: type=1326 audit(714.108:19438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31491 comm="syz.0.11393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x0
[  452.875133][   T29] audit: type=1326 audit(714.858:19439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31524 comm="syz.4.11406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994df6f749 code=0x7ffc0000
[  452.905779][   T29] audit: type=1326 audit(714.878:19440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31524 comm="syz.4.11406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994df6f749 code=0x7ffc0000
[  452.929117][   T29] audit: type=1326 audit(714.878:19441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31524 comm="syz.4.11406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994df6f749 code=0x7ffc0000
[  452.952247][   T29] audit: type=1326 audit(714.878:19442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31524 comm="syz.4.11406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994df6f749 code=0x7ffc0000
[  452.975495][   T29] audit: type=1326 audit(714.878:19443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31524 comm="syz.4.11406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f994df6f749 code=0x7ffc0000
[  453.289581][T31545] lo speed is unknown, defaulting to 1000
[  453.575313][T31565] veth0: entered promiscuous mode
[  453.580540][T31565] veth0: entered allmulticast mode
[  453.987641][T31579] netlink: 'syz.1.11426': attribute type 3 has an invalid length.
[  453.995689][T31579] netlink: 'syz.1.11426': attribute type 1 has an invalid length.
[  454.003599][T31579] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.11426'.
[  454.180528][T31592] netlink: 64 bytes leftover after parsing attributes in process `syz.4.11433'.
[  455.065296][T31639] tipc: New replicast peer: 255.255.255.83
[  455.071220][T31639] tipc: Enabled bearer <udp:£>, priority 10
[  455.548582][T31662] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  455.848598][T31679] uprobe: syz.5.11468:31679 failed to unregister, leaking uprobe
[  456.111172][T31695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11474'.
[  456.120919][T31695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11474'.
[  456.203978][ T9796] tipc: Node number set to 2886997007
[  456.739035][T31698] syz.0.11475 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  456.753134][T31698] CPU: 1 UID: 0 PID: 31698 Comm: syz.0.11475 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  456.753249][T31698] Tainted: [W]=WARN
[  456.753256][T31698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  456.753269][T31698] Call Trace:
[  456.753275][T31698]  <TASK>
[  456.753285][T31698]  __dump_stack+0x1d/0x30
[  456.753318][T31698]  dump_stack_lvl+0x95/0xd0
[  456.753348][T31698]  dump_stack+0x15/0x1b
[  456.753386][T31698]  dump_header+0x81/0x240
[  456.753407][T31698]  oom_kill_process+0x295/0x350
[  456.753467][T31698]  out_of_memory+0x97b/0xb80
[  456.753574][T31698]  try_charge_memcg+0x610/0xa10
[  456.753629][T31698]  obj_cgroup_charge_pages+0xa6/0x150
[  456.753667][T31698]  __memcg_kmem_charge_page+0x9f/0x170
[  456.753768][T31698]  __alloc_frozen_pages_noprof+0x18f/0x360
[  456.753812][T31698]  alloc_pages_mpol+0xb3/0x260
[  456.753849][T31698]  alloc_pages_noprof+0x90/0x130
[  456.753883][T31698]  __vmalloc_node_range_noprof+0xa7b/0x1310
[  456.753959][T31698]  __kvmalloc_node_noprof+0x492/0x6b0
[  456.754045][T31698]  ? ip_set_alloc+0x24/0x30
[  456.754155][T31698]  ? ip_set_alloc+0x24/0x30
[  456.754201][T31698]  ? __kmalloc_cache_noprof+0x3e5/0x4c0
[  456.754231][T31698]  ip_set_alloc+0x24/0x30
[  456.754266][T31698]  hash_netiface_create+0x282/0x740
[  456.754357][T31698]  ? __pfx_hash_netiface_create+0x10/0x10
[  456.754427][T31698]  ip_set_create+0x3cc/0x970
[  456.754480][T31698]  ? __nla_parse+0x40/0x60
[  456.754517][T31698]  nfnetlink_rcv_msg+0x4c6/0x590
[  456.754578][T31698]  netlink_rcv_skb+0x123/0x220
[  456.754675][T31698]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  456.754719][T31698]  nfnetlink_rcv+0x167/0x16c0
[  456.754818][T31698]  ? inat_get_opcode_attribute+0xc/0x20
[  456.754889][T31698]  ? insn_get_opcode+0x7dd/0x890
[  456.754929][T31698]  ? __free_frozen_pages+0x288/0x510
[  456.754967][T31698]  ? insn_get_modrm+0x367/0x390
[  456.755082][T31698]  ? _raw_spin_lock+0x52/0xa0
[  456.755111][T31698]  ? __pte_offset_map_lock+0x1d9/0x240
[  456.755148][T31698]  ? do_sync_core+0x39/0x60
[  456.755178][T31698]  ? smp_call_function_many_cond+0x7f8/0xc40
[  456.755270][T31698]  ? __pfx_do_sync_core+0x10/0x10
[  456.755342][T31698]  ? should_fail_ex+0x30/0x280
[  456.755374][T31698]  ? selinux_nlmsg_lookup+0x99/0x890
[  456.755408][T31698]  ? __rcu_read_unlock+0x34/0x70
[  456.755429][T31698]  ? __netlink_lookup+0x266/0x2a0
[  456.755496][T31698]  netlink_unicast+0x5c0/0x690
[  456.755533][T31698]  netlink_sendmsg+0x58b/0x6b0
[  456.755574][T31698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  456.755640][T31698]  __sock_sendmsg+0x145/0x180
[  456.755660][T31698]  ____sys_sendmsg+0x31e/0x4a0
[  456.755693][T31698]  ___sys_sendmsg+0x17b/0x1d0
[  456.755751][T31698]  __x64_sys_sendmsg+0xd4/0x160
[  456.755831][T31698]  x64_sys_call+0x17ba/0x3000
[  456.755865][T31698]  do_syscall_64+0xca/0x2b0
[  456.755912][T31698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.755941][T31698] RIP: 0033:0x7f99265af749
[  456.756027][T31698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.756052][T31698] RSP: 002b:00007f992500f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  456.756078][T31698] RAX: ffffffffffffffda RBX: 00007f9926805fa0 RCX: 00007f99265af749
[  456.756096][T31698] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006
[  456.756113][T31698] RBP: 00007f9926633f91 R08: 0000000000000000 R09: 0000000000000000
[  456.756131][T31698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  456.756179][T31698] R13: 00007f9926806038 R14: 00007f9926805fa0 R15: 00007ffcc6f4a9c8
[  456.756206][T31698]  </TASK>
[  457.106688][T31698] memory: usage 307200kB, limit 307200kB, failcnt 462
[  457.113551][T31698] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  457.121464][T31698] kmem: usage 239188kB, limit 9007199254740988kB, failcnt 0
[  457.128833][T31698] Memory cgroup stats for /syz0:
[  457.159693][T31698] cache 69251072
[  457.168422][T31698] rss 389120
[  457.171662][T31698] shmem 69251072
[  457.175357][T31698] mapped_file 0
[  457.178878][T31698] dirty 0
[  457.181881][T31698] writeback 0
[  457.185280][T31698] workingset_refault_anon 1474
[  457.190143][T31698] workingset_refault_file 3645
[  457.194946][T31698] swap 0
[  457.197923][T31698] swapcached 0
[  457.201353][T31698] pgpgin 361704
[  457.204853][T31698] pgpgout 344701
[  457.208417][T31698] pgfault 371759
[  457.212057][T31698] pgmajfault 265
[  457.215663][T31698] inactive_anon 69632000
[  457.220338][T31698] active_anon 8192
[  457.224149][T31698] inactive_file 4096
[  457.228073][T31698] active_file 0
[  457.231632][T31698] unevictable 0
[  457.235209][T31698] hierarchical_memory_limit 314572800
[  457.240623][T31698] hierarchical_memsw_limit 9223372036854771712
[  457.246835][T31698] total_cache 69251072
[  457.250951][T31698] total_rss 389120
[  457.254791][T31698] total_shmem 69251072
[  457.258902][T31698] total_mapped_file 0
[  457.262907][T31698] total_dirty 0
[  457.266600][T31698] total_writeback 0
[  457.270569][T31698] total_workingset_refault_anon 1474
[  457.275907][T31698] total_workingset_refault_file 3645
[  457.281555][T31698] total_swap 0
[  457.285060][T31698] total_swapcached 0
[  457.288974][T31698] total_pgpgin 361704
[  457.292972][T31698] total_pgpgout 344701
[  457.297081][T31698] total_pgfault 371762
[  457.301188][T31698] total_pgmajfault 265
[  457.305369][T31698] total_inactive_anon 69632000
[  457.310157][T31698] total_active_anon 8192
[  457.314439][T31698] total_inactive_file 4096
[  457.318890][T31698] total_active_file 0
[  457.322898][T31698] total_unevictable 0
[  457.327030][T31698] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8650,pid=24859,uid=0
[  457.341864][T31698] Memory cgroup out of memory: Killed process 24859 (syz.0.8650) total-vm:95884kB, anon-rss:1300kB, file-rss:20388kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  457.440161][T31713] bond11: entered allmulticast mode
[  457.459185][T21061] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  457.470199][T21061] CPU: 0 UID: 0 PID: 21061 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  457.470241][T21061] Tainted: [W]=WARN
[  457.470251][T21061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  457.470268][T21061] Call Trace:
[  457.470276][T21061]  <TASK>
[  457.470325][T21061]  __dump_stack+0x1d/0x30
[  457.470406][T21061]  dump_stack_lvl+0x95/0xd0
[  457.470429][T21061]  dump_stack+0x15/0x1b
[  457.470456][T21061]  dump_header+0x81/0x240
[  457.470481][T21061]  oom_kill_process+0x295/0x350
[  457.470533][T21061]  out_of_memory+0x97b/0xb80
[  457.470584][T21061]  try_charge_memcg+0x610/0xa10
[  457.470718][T21061]  charge_memcg+0x51/0xc0
[  457.470800][T21061]  __mem_cgroup_charge+0x28/0xb0
[  457.470880][T21061]  filemap_add_folio+0x111/0x360
[  457.470903][T21061]  __filemap_get_folio_mpol+0x326/0x650
[  457.470930][T21061]  filemap_fault+0x44d/0xb70
[  457.470960][T21061]  __do_fault+0xbc/0x200
[  457.471023][T21061]  handle_mm_fault+0xfab/0x2c60
[  457.471077][T21061]  do_user_addr_fault+0x630/0x1080
[  457.471117][T21061]  exc_page_fault+0x62/0xa0
[  457.471144][T21061]  asm_exc_page_fault+0x26/0x30
[  457.471237][T21061] RIP: 0033:0x7f9926485fd4
[  457.471257][T21061] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f6 ea 00 48 01 d1
[  457.471278][T21061] RSP: 002b:00007ffcc6f4ad50 EFLAGS: 00010206
[  457.471298][T21061] RAX: 0000001b31024000 RBX: 0000000000000728 RCX: 000000000006f928
[  457.471314][T21061] RDX: 00000000066c9de4 RSI: 00007ffcc6f4ade0 RDI: 0000000000000001
[  457.471330][T21061] RBP: 00007ffcc6f4ad8c R08: 000000001881b711 R09: 7fffffffffffffff
[  457.471346][T21061] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  457.471411][T21061] R13: 00000000000927c0 R14: 000000000006f612 R15: 00007ffcc6f4ade0
[  457.471432][T21061]  </TASK>
[  457.471439][T21061] memory: usage 307200kB, limit 307200kB, failcnt 625
[  457.627917][T31713] ip6gretap0: entered allmulticast mode
[  457.630428][T21061] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  457.677939][T21061] kmem: usage 239360kB, limit 9007199254740988kB, failcnt 0
[  457.685388][T21061] Memory cgroup stats for /syz0:
[  457.685849][T31713] bond11: (slave ip6gretap0): Enslaving as an active interface with an up link
[  457.700608][T21061] cache 69255168
[  457.704241][T21061] rss 208896
[  457.707481][T21061] shmem 69251072
[  457.711046][T21061] mapped_file 0
[  457.714551][T21061] dirty 0
[  457.717591][T21061] writeback 0
[  457.720889][T21061] workingset_refault_anon 1474
[  457.725713][T21061] workingset_refault_file 3649
[  457.730624][T21061] swap 0
[  457.733530][T21061] swapcached 0
[  457.737061][T21061] pgpgin 361708
[  457.740689][T21061] pgpgout 344748
[  457.744284][T21061] pgfault 371764
[  457.747841][T21061] pgmajfault 268
[  457.751401][T21061] inactive_anon 8192
[  457.755339][T21061] active_anon 69451776
[  457.759426][T21061] inactive_file 0
[  457.763076][T21061] active_file 8192
[  457.766850][T21061] unevictable 0
[  457.770329][T21061] hierarchical_memory_limit 314572800
[  457.775755][T21061] hierarchical_memsw_limit 9223372036854771712
[  457.781929][T21061] total_cache 69255168
[  457.786103][T21061] total_rss 208896
[  457.789840][T21061] total_shmem 69251072
[  457.793947][T21061] total_mapped_file 0
[  457.798096][T21061] total_dirty 0
[  457.801572][T21061] total_writeback 0
[  457.805467][T21061] total_workingset_refault_anon 1474
[  457.810778][T21061] total_workingset_refault_file 3649
[  457.816233][T21061] total_swap 0
[  457.819703][T21061] total_swapcached 0
[  457.823643][T21061] total_pgpgin 361708
[  457.827696][T21061] total_pgpgout 344748
[  457.831777][T21061] total_pgfault 371767
[  457.835886][T21061] total_pgmajfault 268
[  457.840044][T21061] total_inactive_anon 8192
[  457.844494][T21061] total_active_anon 69451776
[  457.849118][T21061] total_inactive_file 0
[  457.853306][T21061] total_active_file 8192
[  457.857598][T21061] total_unevictable 0
[  457.861643][T21061] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.11475,pid=31697,uid=0
[  457.876599][T21061] Memory cgroup out of memory: Killed process 31697 (syz.0.11475) total-vm:93968kB, anon-rss:1268kB, file-rss:22248kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  458.050542][T31745] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11495'.
[  458.062750][T31745] ip6gre4: entered allmulticast mode
[  458.088147][T31749] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  458.169042][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  458.169060][   T29] audit: type=1326 audit(720.148:19570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.253583][   T29] audit: type=1326 audit(720.178:19571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.276746][   T29] audit: type=1326 audit(720.178:19572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.299980][   T29] audit: type=1326 audit(720.178:19573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.323046][   T29] audit: type=1326 audit(720.178:19574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.346180][   T29] audit: type=1326 audit(720.178:19575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.369311][   T29] audit: type=1326 audit(720.178:19576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.392470][   T29] audit: type=1326 audit(720.178:19577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.415675][   T29] audit: type=1326 audit(720.178:19578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31757 comm="syz.0.11498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  458.427271][T31756] cgroup: fork rejected by pids controller in /syz5
[  458.481904][T31797] netlink: 'syz.0.11512': attribute type 1 has an invalid length.
[  458.529581][T31797] 8021q: adding VLAN 0 to HW filter on device bond6
[  458.564316][T32541] bond6: (slave veth15): Enslaving as an active interface with a down link
[  458.611942][T31797] bond6 (unregistering): (slave veth15): Releasing active interface
[  458.628708][T31797] bond6 (unregistering): Released all slaves
[  458.777714][   T29] audit: type=1326 audit(720.758:19579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1557 comm="syz.4.11505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f994df6f749 code=0x7ffc0000
[  459.093637][ T3255] uprobe: syz.0.11509:3255 failed to unregister, leaking uprobe
[  459.472610][ T3258] netlink: 'syz.5.11522': attribute type 10 has an invalid length.
[  459.480638][ T3258] netlink: 40 bytes leftover after parsing attributes in process `syz.5.11522'.
[  459.495546][ T3258] dummy0: entered promiscuous mode
[  459.502144][ T3258] bond10: (slave dummy0): Releasing backup interface
[  459.512207][ T3258] bridge0: port 1(dummy0) entered blocking state
[  459.518731][ T3258] bridge0: port 1(dummy0) entered disabled state
[  459.585957][ T3273] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11516'.
[  459.619789][ T3276] netlink: 204 bytes leftover after parsing attributes in process `syz.0.11517'.
[  460.377375][ T3297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11527'.
[  460.386479][ T3297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11527'.
[  460.395493][ T3297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11527'.
[  460.421622][ T3297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11527'.
[  460.566065][  T167] batadv3: left promiscuous mode
[  462.296675][ T3437] netlink: 'syz.1.11582': attribute type 30 has an invalid length.
[  462.634917][ T3458] netlink: 'syz.9.11590': attribute type 27 has an invalid length.
[  462.644484][ T3458] wg2: left promiscuous mode
[  462.649141][ T3458] wg2: left allmulticast mode
[  462.656593][ T3458] bond2: left promiscuous mode
[  462.663246][ T3458] bond9: left promiscuous mode
[  462.669146][ T3458] veth16: left promiscuous mode
[  462.674130][ T3458] veth16: left allmulticast mode
[  462.703650][ T3458] ip6gre1: left allmulticast mode
[  462.754498][ T3458] 8021q: adding VLAN 0 to HW filter on device bond0
[  462.762972][ T3458] 8021q: adding VLAN 0 to HW filter on device team0
[  462.773718][ T3458] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  463.145478][ T3510] netlink: 'syz.4.11612': attribute type 1 has an invalid length.
[  463.173861][   T29] kauditd_printk_skb: 324 callbacks suppressed
[  463.173881][   T29] audit: type=1326 audit(725.158:19904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.225805][   T29] audit: type=1326 audit(725.188:19905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.249146][   T29] audit: type=1326 audit(725.198:19906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.272548][   T29] audit: type=1326 audit(725.248:19907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.296837][   T29] audit: type=1326 audit(725.278:19908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.320374][   T29] audit: type=1326 audit(725.298:19909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.343621][   T29] audit: type=1326 audit(725.328:19910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.369156][   T29] audit: type=1326 audit(725.348:19911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3514 comm="syz.5.11614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7fc00000
[  463.392959][   T29] audit: type=1326 audit(725.348:19912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3514 comm="syz.5.11614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d9f90f749 code=0x7fc00000
[  463.415989][   T29] audit: type=1326 audit(725.348:19913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3493 comm="syz.0.11606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7f99265af749 code=0x7ffc0000
[  463.764570][ T3532] __nla_validate_parse: 12 callbacks suppressed
[  463.764662][ T3532] netlink: 12 bytes leftover after parsing attributes in process `syz.9.11618'.
[  464.231304][ T3615] lo: Caught tx_queue_len zero misconfig
[  464.380188][  T175] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  464.390040][  T175] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.435783][  T175] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  464.445647][  T175] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.475904][  T175] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  464.485796][  T175] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.566133][  T175] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  464.575984][  T175] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.666932][  T175] erspan0: left allmulticast mode
[  464.672152][  T175] erspan0: left promiscuous mode
[  464.677317][  T175] bridge0: port 3(erspan0) entered disabled state
[  464.689980][  T175] bridge_slave_1: left allmulticast mode
[  464.695751][  T175] bridge_slave_1: left promiscuous mode
[  464.701531][  T175] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.711451][  T175] bridge_slave_0: left promiscuous mode
[  464.717293][  T175] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.726434][  T175] bridge_slave_1: left allmulticast mode
[  464.732108][  T175] bridge_slave_1: left promiscuous mode
[  464.738076][  T175] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.762284][  T175] bridge_slave_0: left allmulticast mode
[  464.768042][  T175] bridge_slave_0: left promiscuous mode
[  464.774022][  T175] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.038324][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.047404][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.056459][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.091486][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.100597][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.109694][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.141076][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.150322][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.159329][ T3634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11633'.
[  465.178190][  T175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  465.194289][  T175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  465.205717][  T175] bond0 (unregistering): Released all slaves
[  465.333080][  T175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  465.349727][  T175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  465.374626][  T175] bond0 (unregistering): Released all slaves
[  465.389295][ T6273] syz1: Port: 1 Link DOWN
[  465.411341][ T3658] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=3658 comm=syz.0.11643
[  465.589209][  T175] hsr_slave_0: left promiscuous mode
[  465.596231][  T175] hsr_slave_1: left promiscuous mode
[  465.603331][  T175] hsr_slave_0: left promiscuous mode
[  465.616639][  T175] veth1_macvtap: left promiscuous mode
[  465.622432][  T175] veth0_macvtap: left promiscuous mode
[  465.629254][  T175] veth1_vlan: left promiscuous mode
[  465.634681][  T175] veth0_vlan: left promiscuous mode
[  465.640648][  T175] veth0_macvtap: left promiscuous mode
[  465.646243][  T175] veth1_vlan: left promiscuous mode
[  465.651652][  T175] veth0_vlan: left promiscuous mode
[  465.754952][  T175] team0 (unregistering): Port device team_slave_1 removed
[  465.765232][  T175] team0 (unregistering): Port device team_slave_0 removed
[  465.780296][  T335] smc: removing ib device syz1
[  465.823229][  T175] team0 (unregistering): Port device team_slave_1 removed
[  465.833759][  T175] team0 (unregistering): Port device team_slave_0 removed
[  466.958053][ T3699] netlink: 'syz.5.11659': attribute type 1 has an invalid length.
[  466.973844][ T3699] bond11: entered promiscuous mode
[  466.979442][ T3699] 8021q: adding VLAN 0 to HW filter on device bond11
[  467.007681][ T3699] bond11: (slave bridge7): making interface the new active one
[  467.015553][ T3699] bridge7: entered promiscuous mode
[  467.024095][ T3699] bond11: (slave bridge7): Enslaving as an active interface with an up link
[  467.126627][ T3708] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  467.158801][ T3709] ref_ctr_offset mismatch. inode: 0x18b1 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000100
[  467.344441][ T3729] lo: Caught tx_queue_len zero misconfig
[  467.435164][ T3743] ref_ctr_offset mismatch. inode: 0x20a4 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000100
[  468.321936][   T29] kauditd_printk_skb: 250 callbacks suppressed
[  468.321952][   T29] audit: type=1326 audit(730.298:20164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d9f9065e7 code=0x7ffc0000
[  468.393262][   T29] audit: type=1326 audit(730.298:20165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d9f8ab829 code=0x7ffc0000
[  468.416389][   T29] audit: type=1326 audit(730.298:20166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d9f9065e7 code=0x7ffc0000
[  468.439343][   T29] audit: type=1326 audit(730.298:20167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d9f8ab829 code=0x7ffc0000
[  468.462279][   T29] audit: type=1326 audit(730.298:20168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  468.485394][   T29] audit: type=1326 audit(730.298:20169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  468.508519][   T29] audit: type=1326 audit(730.348:20170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  468.531541][   T29] audit: type=1326 audit(730.348:20171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  468.554620][   T29] audit: type=1326 audit(730.348:20172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  468.577618][   T29] audit: type=1326 audit(730.348:20173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3776 comm="syz.5.11693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d9f90f749 code=0x7ffc0000
[  468.848106][ T3803] ref_ctr_offset mismatch. inode: 0x329a offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000100
[  469.107406][ T3829] tipc: New replicast peer: 255.255.255.83
[  469.113323][ T3829] tipc: Enabled bearer <udp:syz2>, priority 10
[  469.128692][ T3831] __nla_validate_parse: 4 callbacks suppressed
[  469.128710][ T3831] netlink: 64 bytes leftover after parsing attributes in process `syz.1.11716'.
[  469.212158][ T3839] ref_ctr_offset mismatch. inode: 0x267d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000100
[  469.300272][ T3848] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3848 comm=syz.4.11723
[  469.723028][ T3878] ref_ctr_offset mismatch. inode: 0x10e3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000100
[  470.224364][ T3900] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11746'.
[  470.284966][ T3903] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11747'.
[  470.541302][ T3912] lo speed is unknown, defaulting to 1000
[  470.716988][ T3926] netlink: 20 bytes leftover after parsing attributes in process `syz.1.11757'.
[  471.058766][ T3939] netlink: 12 bytes leftover after parsing attributes in process `syz.9.11760'.
[  471.075620][ T3939] 8021q: adding VLAN 0 to HW filter on device bond11
[  471.093370][ T3939] macvlan0: entered promiscuous mode
[  471.098927][ T3939] macvlan0: entered allmulticast mode
[  471.105680][ T3939] bond11: (slave macvlan0): Opening slave failed
[  472.539682][ T3996] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11793'.
[  472.548971][ T3996] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11793'.
[  472.566644][ T3996] ªªªªªª: renamed from wg2
[  472.680695][ T4011] ==================================================================
[  472.688843][ T4011] BUG: KCSAN: data-race in __dentry_kill / fast_dput
[  472.695579][ T4011] 
[  472.697922][ T4011] write to 0xffff88811adb5cd0 of 8 bytes by task 4010 on cpu 0:
[  472.705572][ T4011]  __dentry_kill+0x142/0x4b0
[  472.710215][ T4011]  finish_dput+0x2b/0x200
[  472.714580][ T4011]  dput+0x52/0x60
[  472.718245][ T4011]  step_into_slowpath+0x36b/0x480
[  472.723314][ T4011]  path_lookupat+0x330/0x500
[  472.727942][ T4011]  filename_lookup+0x147/0x340
[  472.732740][ T4011]  filename_getxattr+0x54/0x180
[  472.737657][ T4011]  io_getxattr+0x50/0xe0
[  472.741945][ T4011]  __io_issue_sqe+0xfe/0x2e0
[  472.746586][ T4011]  io_issue_sqe+0x56/0xa80
[  472.751044][ T4011]  io_wq_submit_work+0x3f7/0x5f0
[  472.756023][ T4011]  io_worker_handle_work+0x44e/0x9b0
[  472.761339][ T4011]  io_wq_worker+0x22e/0x860
[  472.765870][ T4011]  ret_from_fork+0x149/0x290
[  472.770498][ T4011]  ret_from_fork_asm+0x1a/0x30
[  472.775303][ T4011] 
[  472.777652][ T4011] read to 0xffff88811adb5cd0 of 8 bytes by task 4011 on cpu 1:
[  472.785216][ T4011]  fast_dput+0x5f/0x2c0
[  472.789408][ T4011]  dput+0x24/0x60
[  472.793073][ T4011]  step_into_slowpath+0x36b/0x480
[  472.798179][ T4011]  path_lookupat+0x330/0x500
[  472.802808][ T4011]  filename_lookup+0x147/0x340
[  472.807610][ T4011]  filename_getxattr+0x54/0x180
[  472.812507][ T4011]  io_getxattr+0x50/0xe0
[  472.816785][ T4011]  __io_issue_sqe+0xfe/0x2e0
[  472.821420][ T4011]  io_issue_sqe+0x56/0xa80
[  472.825870][ T4011]  io_wq_submit_work+0x3f7/0x5f0
[  472.830850][ T4011]  io_worker_handle_work+0x44e/0x9b0
[  472.836164][ T4011]  io_wq_worker+0x22e/0x860
[  472.840728][ T4011]  ret_from_fork+0x149/0x290
[  472.845358][ T4011]  ret_from_fork_asm+0x1a/0x30
[  472.850153][ T4011] 
[  472.852499][ T4011] value changed: 0xffff8882377c9548 -> 0x0000000000000000
[  472.859623][ T4011] 
[  472.861969][ T4011] Reported by Kernel Concurrency Sanitizer on:
[  472.868147][ T4011] CPU: 1 UID: 0 PID: 4011 Comm: iou-wrk-4006 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  472.879641][ T4011] Tainted: [W]=WARN
[  472.883459][ T4011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  472.893545][ T4011] ==================================================================