last executing test programs:

6m4.352528007s ago: executing program 0 (id=88):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f0000000200)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x14, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000003000000000000000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r3}, 0xc)

6m4.278625401s ago: executing program 0 (id=91):
r0 = socket$tipc(0x1e, 0x5, 0x0)
connect$tipc(r0, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e22}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4000000}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0x7ff, 0x4)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x20001)
close(r1)

6m4.164196927s ago: executing program 0 (id=92):
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xe8001, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000002300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x4000000}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x9}], {0x14}}, 0x3c}}, 0x0)

6m4.10067401s ago: executing program 0 (id=93):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0xc, &(0x7f0000000440), 0x3, 0x44b, &(0x7f0000001a40)="$eJzs3MtvG8UfAPDv2kn7Sx+/hKo8mhYaKIiIR9KkpfTABQQSB5CQ4FCOIUmrULdBTZBoFUFAqBxRJe6IIxJ/ASe4IOCExBUkjqhShXJp4WS09m5iO44b5+UUfz7SJjO7Y898vTv2zE6cALrWUPojiTgQEb9FRH81W19gqPrrztLC5N9LC5NJlMtv/pVUyt1eWpjMi+aP259neiIKnyZxtEm9c1evXZwolaavZPnR+Uvvjc5dvfbszKWJC9MXpi+Pnz17+tTY82fGn9uSONO4bg9+OHvsyKtv33h98tyNd376Jsnjb4ijhT/aqHKo1cEnyuU2nmr3O1iTTno62BDaUqx20+it9P/+KMbKyeuPVz7paOOAbVUul8sPrH14sQz8hyXR6RYAnZF/0Kfz33zboaHHrnDrxeoEKI37TrZVj/REISvT2zC/3UpDEXFu8Z8v0y3Wfx8CAGDDvkvHP880G/8Vova+0P+zNZSBiLgvIg5FxJmIOBwR90dUyj4YEQ+1WX/jIsnq8U/hZl32jTYruIt0/PdCtrZVP/7LR38xUMxyByvx9ybnZ0rTJ7PXZDh696b5sRZ1fP/yr5+vdax2/Jduaf35WDBrx82evfWPmZqYn9hMzLVufRwx2NMs/mR5JSCJiCMRMbjeJ204qTNPfX2sVdHW8bewBetM5a8inqye/8VoiD+XtF6fHP1flKZPjuZXxWo//3J9zat2U/FvgfT872t6/S/HP5DUrtfOtV/H9d8/W3NOs9Hrf0/yVt2+Dybm56+MRexJXqs2unb/eEO58ZXyafzDJ5r3/0Ox8kocjYj0In44Ih6JiONZ2x+NiMci4kSL+H986fF3Nx7/9krjn2rr/K8k9kTjnuaJ4sUfvq2rdKCd+NPzf7qSGs72rOf9bz3t2tjVDAAAAPeeQkQciKQwspwuFEZGqn/Dfzj2FUqzc/NPn599//JU9TsCA9FbyO909dfcDx3LpvV5frwhfyq7b/xFsa+SH5mcLU11OnjocvvX6P+pP4udbh2w7XxfC7qX/g/dS/+H7qX/Q/dq0v/7OtEOYOc1+/z/aF2PTBr/XRhwj2no/02W/RZ3rC3AzjL/h+6l/0P30v+hK831xd2/JC8hsSoRhV3RjN2WOL47mrH5RKffmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALbGvwEAAP//dtjoWw==")
r0 = creat(&(0x7f0000000380)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x139)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000, 0x80000}])

6m3.68089141s ago: executing program 0 (id=99):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140)={0x1, 0xffffffff}, 0x8)
close(r1)

6m3.361054076s ago: executing program 0 (id=102):
pipe2(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
fcntl$setpipe(r1, 0x407, 0xb)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x80, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000010901"], 0x14}}, 0x0)

6m3.360904676s ago: executing program 32 (id=102):
pipe2(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
fcntl$setpipe(r1, 0x407, 0xb)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x80, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000010901"], 0x14}}, 0x0)

5m44.043171605s ago: executing program 1 (id=403):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@ccm_128={{0x305}, '\x00', "03e08b113c0af5000000000000008000", '\x00', "b08068ebce17ab00"}, 0x28)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4000, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

5m44.025011396s ago: executing program 1 (id=404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0xc)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5m43.960364179s ago: executing program 1 (id=408):
r0 = socket$kcm(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xa43d, 0x80, 0x2, 0x3b9}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4003, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000c08d)
shutdown(r0, 0x1)

5m43.797141287s ago: executing program 1 (id=414):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000f80)={[{@grpquota}, {}, {@nombcache}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@noauto_da_alloc}]}, 0xfe, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3")
chdir(&(0x7f0000000140)='./file0\x00')
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x139)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x19, 0xd, "ef359f413bb93852f7d6a4ae5c70f20ff8ee09e737ff0edf1139c2eb4b68c660e677df7019051caafa00afaaf755a314a10400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a323ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000522100000001", [0x8, 0x100]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

5m43.54110473s ago: executing program 1 (id=418):
timer_create(0xb, 0x0, &(0x7f00000000c0)=<r0=>0x0)
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0})
timer_settime(r0, 0x0, &(0x7f0000000040)={{}, {r2, r3+60000000}}, 0x0)
timerfd_gettime(r1, 0x0)
clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0xf, 0x3, 0x0, 0x2000000000, 0xfffffffffffffffd, 0xe00, 0xffffffffffffffff, 0x0, 0x6, 0x45, 0x7, 0x0, 0x3cf2a278, 0x0, 0x0, 0x0, 0x4, 0x67})

5m42.789104247s ago: executing program 1 (id=432):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc097, 0x2, @perf_config_ext={0x288}, 0xa216, 0x6, 0x11000, 0x4, 0x9484, 0x2001, 0x400, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000003000/0x4000)=nil, 0x4000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x33, 0xf7, 0x3, 0x80, 0x7, 0xc2, 0xc, 0x66, 0x4, [0x20040, 0x9, 0x10, 0x40, 0x6, 0x8, 0xfffffeff, 0x2174]}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

5m42.788959427s ago: executing program 33 (id=432):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc097, 0x2, @perf_config_ext={0x288}, 0xa216, 0x6, 0x11000, 0x4, 0x9484, 0x2001, 0x400, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000003000/0x4000)=nil, 0x4000)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x33, 0xf7, 0x3, 0x80, 0x7, 0xc2, 0xc, 0x66, 0x4, [0x20040, 0x9, 0x10, 0x40, 0x6, 0x8, 0xfffffeff, 0x2174]}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

3.468862839s ago: executing program 4 (id=5647):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
io_uring_enter(0xffffffffffffffff, 0xcf, 0xbfad, 0x15, &(0x7f00000001c0)={[0x7]}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000000c0)={'team0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@setlink={0x28, 0x13, 0x1, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, 0x1020, 0x409}, [@IFLA_MASTER={0x8, 0xa, r3}]}, 0x28}, 0x1, 0x0, 0x0, 0x24004000}, 0x8804)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x42510}, [@IFLA_OPERSTATE={0x5, 0x10, 0x5}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)

3.290825918s ago: executing program 4 (id=5652):
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x9}, 0x0, 0x400000, 0x0, 0x0, 0x5, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7f}}]}, 0x1, 0x4c0, &(0x7f0000000f00)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7WimlTpS56HmqVGTmdnMaoZFJUQlNiCVkLghxImj2ClN1EUCuy5YIBBIiAV7/gI2dEWFhFjDHrFARVCCBEhIRvfabhM3DhakMc39/aTbnPuwv3NifafnHt+bG0BmnU3+yUUMRsRHEXG0vrr9gLP1H5t3b0wnSy5qtctf5tLjkvXmoc3XHYmI9Yjoi4gn/hfxbO7BuJXVtfmpUqm43Fgfri4sDVdW1y7MLUzNFmeLi6MTFycnJ0bGxyb3rK03X37+5qV3H+t959uX7tx+5f33kmoNNvZtbcdeqje9J45v2XYoIv7zMIJ1QaHRnv5uV4SfJfn8fhcR59L8PxqF9NMEsqBWq9V+qB1ut3u9BhxY+XQMnMsPRUS9nM8PDdXH8L+PgXypXKn+42p5ZXGmPlY+Fj35q3Ol4kjjXOFY9OSS9dG0fH99rGV9PCIdA79a6E/Xh6bLpZn97eqAFkda8v+bQj3/gYxwyg/ZJf8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/yC75D9lV6HYFgK7x/z9k0uOXLiVLrXn/+8y11ZX58rULM8XK/NDCyvTQdHl5aWi2XJ5N79lZ+Kn3K5XLS6P/jJXrw9VipTpcWV27slBeWaxeSe/rv1Ls2ZdWAZ04fubWJ7mIWP9Xf7okehv75CocbLVaLrp9DzLQHab+ILtM/UF2OccHWv9Eb+u4oK/dC5fuzxcCj5Z8tysAdM35U77/g6wy/w/ZZf4fsssYH9jhEX3b7Db/DzyazP9Ddg22ef7Xb7Y8u2skIn4bER8Xeg43n/UFHAT5z3ON8f/5o38ZbN3bm/su/YqgNyJeePPy69enqtXl0WT7V/e2V99obB/b8sK2JwxAtzTztJnHAEB2bd69Md1c9jPuF/+tX4TwYPxDjbnJvvQ7yoHN3LZrFXJ7dO3C+kZEnNwpfq7xvPP6iczAZuGB+CcaP3P1t0jreyh9bvr+xD+1Jf6ft8Q//Yt/K5ANt5L+Z2Sn/MunOR338m97/zO4R9dOtO//8vf6v0Kb/u9MhzGee+vFz9rG34g4vWP8Zry+NFZr/KRu5zuMf+fpJ//Qbl/t7fr77BS/KSkNVxeWhiuraxfmFjZmi7PFxdGJi5OTEyPjY5PDV+dKxT8daR//3yc/vL1b+wca8Xui8/Yn2/7WYfu//+MHT53dJf5fz+38+Z/YJX5/RPy9w/hfj336TLt9SfyZNr///C7xk23jHcavvPb/wx0eCgDsg8rq2vxUqVRcVlBQ6Eph49dRjZZCt3sm4GGrrCan5knSd7smAAAAAAAAAAAAQKf243LibrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAg+DEAAP//KbnRCQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x2800050, &(0x7f0000003240)=ANY=[], 0x6, 0x342, &(0x7f0000000680)="$eJzs3E1rK1UYwPEnk5cmKW2yEEVBetCNboY2uhaDtCAGLG0jtoIwbScaMiYlE1oixbYrt+LeleCidNldQf0C3bjTjRt33Qgu7ELvXOatnby1aW5K7m3/Pyhzcs55kjNzTsozQ2YuPv3uq1rF1itGS7S0kpiIyKVIXjQJxYKt5pVTEnUoiaD0UbFUWlxRaqm49k5BKTU79/PefiZoPJuS8/znF38X/jp/+fzViydrX1ZtVbVVvdFShtps/NkyNi1TbVftmq7UsmUatqmqddts+u0Nv71iNXZ22sqob89kd5qmbSuj3lY1s61aDdVqtpXxhVGtK13X1UxWcJvy8cqKURwxeGvMg8E9aTaLRlxEMj0t5eOJDAgAAExUd/6vuSn9nfL/t6f/+f311fUNmfXyf7ezn/8nZW//5I1fW9OfnM4G+f9Zql/+/+4f/nt15P9pERkl//9B7pD/92ZEj0v5ODnpIeBZzaV6qmIdr9z8Pxt8fz1Hn53MewXyfwAAAAAAAAAAAAAAAAAAAAAAXgSXjpNzHCcXbsO/61sIgtd4kAbN/5SIpN3Zd5j/h2x1fUPS3o177hxb3+6Wd8v+1m393/GJKfOSk/+89RDWieOEdx4pV15+sQ6C+IPdctxrKVakKpaYsiA5yXfHO87Sh6XFBeUL4q9uU8pG4wuSk5f6xxc644PPT8lbb0bidcnJb1vSEEu2vXV9Hf/NglIffFzqis94/QAAAAAAeAh0daXv+buuD2r3nzJSrHiXiQZcH/DPr+f7np8ncq8lJr33AAAAAAA8Dnb765phWWbzhkJGbu8zeiExXOdUV03yps7xyB4OO56UdyFDZFCfeJ8jpkm0j9taM34c8qh2FMIfUnQ0pYPK0Q5vuP9jm6/DaI0mQ0Qlugc/51aoO376UbAjVzXhZaPUgOMsy73vo3WshM6jmhzben7l+5/+Hd8X5L3TcAXc3vkoUpMces1blpnuXnVe4YbHQmtj+K8DAAAAYBKuk/6w5v1oc2wigwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4JG5l0f6dRUmvY8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8+JpAAAA///vv/C6")
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_int(r2, 0x29, 0x1, 0x0, &(0x7f0000000040))
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x15, 0x5405, 0x0, 0x0)

3.234660461s ago: executing program 4 (id=5654):
perf_event_open(0x0, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, 0x0, 0x6, 0xa8, &(0x7f0000001ec0)=""/168, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb}, 0x94)
r0 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x6, &(0x7f0000000040), 0x4)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x402, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3efd7ab4c41335d9, @perf_bp={0x0}, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r1, &(0x7f0000000140), &(0x7f0000000200)=""/221}, 0x20)
sendmsg(r0, &(0x7f0000002500)={&(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x44}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="ec", 0x1}], 0x1}, 0x80)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x40000004, 0xa021, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0xd040, 0x10000}, 0x14403, 0xfffc, 0x0, 0x5, 0x582, 0x20005, 0x8, 0x0, 0x0, 0x0, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x8000600, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x6, 0x0, 0x0)

2.281886018s ago: executing program 4 (id=5677):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x22, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x2})
clock_gettime(0x0, 0x0)
mkdir(&(0x7f0000000340)='./file\x00', 0x0)
rmdir(&(0x7f0000000000)='./file/file0/..//file0\x00')
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x80000)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f0000000380)={0x8a001, 0x0, 0x12}, 0x18)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000003c0)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x78f, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSRNk/a95MGD9/pWgQcaKJ2YGlsFF3ElgoWCrm3DZBpqJpmSmZQmZNEightBxYWgm679UXdu/bFwo/+FC2mpmhYrLiRy50czTWbSSZqZCeTzgZs55/7IOd8595577sxlbgCH1lj6JxNxIiLeSyJGavOTiBiopPojpqvrPVhfy6VTEhsbr/2aVNa5v76Wi4ZtUsdqmf9GxLdvR5zMbC+3tLI6P1Mo5Jdq+YnywpWJ0srqqcsLM3P5ufzimcmpqdNnnzt7Zv9i/f3H1eN33n/56S+m/3zrP7fe/S6J6TheW9YYx34Zi7HaezKQvoWbRva7pN5Lel0B9iQ9NPuqR3mciJHoq6RaGOpmzQCATtkAAA6hxBgAAA6Z+ucA99fXcvWpt59IdNfdlyLiaDX++veb1SX9MR2DlYUDETF8P3nkm5EkIkb3ofyxiPjkqzc+S6eotYPv0oBuuH4jIi6Ojm3v/5NH71nYg2d2WrgxWHkZ2zL7sJ1/oJe+Tsc/zzcb/2Vqx//Ryt+t45/BJsfuXjz++M/c3rrN96/vQ8E16fjvxYZ72x40xF8z2lfL/aMy5htILl0u5NO+7Z8RMR4Dg2l+srJq85Hb+L2/7rUqv3H899sHb36alp++bq6Rud0/+Og2szPlmSeNu+7ujYj/9TeLP3nY/kmL8e/5Nst45YV3Pm61LI0/jbc+bY+/szZuRjzVtP032zLZ8f7EicruMFHfKZr48qePhluV39j+6ZSWX78W6Ia0/Yd3jn80abxfs7T7Mn64OfJNq2WPj7/5/n8kqXYCR2rzrs2Uy0uTEUeSV7fPP725bT1fXz+Nf/z/zY//arHN9//0mvBim/H33/nl873H31lp/LO7av/dJ249mO9rVX577T9VSY3X5rTT/7VbwSd57wAAAAAAAAAAAAAAAAAAAAAAAACgXZmIOB5JJvswnclks9VneP87hjOFYql88lJxeXE2Ks/KHo2BTP2nLkcafg91svZ7+PX86S35ZyPiXxHx4eBQJZ/NFQuzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGqOtXj+f+rnwV7XDgDomKO9rgAA0HXO/wBw+Ozu/D/UsXoAAN3j+h8ADp+2z/8XO1sPAKB7XP8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQYefPnUunjT/W13JpfvbqyvJ88eqp2XxpPruwnMvmiktXsnPF4lwhn80VF1r+o+vVl0KxeGUqFpevTZTzpfJEaWX1wkJxebF84fLCzFz+Qn6ga5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtKK6vzM4VCfklix8TQwajGgUn0x4GohkTHEo29xFDvOigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+7vAAAA//9oei8M")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000001f40)={0x0, 0x2904c, 0x29, 0x10003, '\x00', [{0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x9500}, {0xffffffff, 0x0, 0x9, 0xa}]})

1.305048686s ago: executing program 4 (id=5686):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x47a8, &(0x7f0000000740)={0x0, 0x46b6, 0x8, 0x80000, 0x200}, &(0x7f0000000180), 0x0)
io_setup(0x239f, &(0x7f0000000380))
syz_io_uring_setup(0x7676, &(0x7f0000000100)={0x0, 0xdf67, 0x2, 0x0, 0x10f}, 0x0, 0x0)
syz_io_uring_setup(0x10278e, &(0x7f0000000000)={0x0, 0x4c1f, 0x10, 0x0, 0x200004}, &(0x7f0000000200), &(0x7f00000000c0))

1.171116153s ago: executing program 2 (id=5694):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x0, 0x9, 0x2, 0x80000001}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
mq_open(0x0, 0x80, 0x20, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
r1 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0)
pwrite64(r1, &(0x7f00000008c0)='/', 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x5, 0x8, 0x3}, 0x0)
lseek(r1, 0x0, 0x4)
sendfile(r1, r1, &(0x7f00000001c0), 0x7fa)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)

1.061121318s ago: executing program 5 (id=5701):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r0, 0x0)
r1 = syz_io_uring_setup(0x88d, &(0x7f0000000300)={0x0, 0xd54b, 0x8, 0xfefffffd, 0x1a6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x4, 0x0, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_type(r6, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)

1.021822509s ago: executing program 5 (id=5703):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x2a801400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0x200000000000001]}, 0x8, 0x800)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x22020600)
signalfd4(r1, &(0x7f0000000340)={[0x1]}, 0x8, 0x80800)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r2, 0x0, 0x118)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
setreuid(0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0xc0000, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0)

1.01260071s ago: executing program 2 (id=5705):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000100)=0x3, 0x4)
process_vm_writev(0x0, &(0x7f0000000240)=[{0x0}, {0x0}, {&(0x7f0000000400)=""/150, 0x96}], 0x3, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

921.096104ms ago: executing program 2 (id=5708):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
r4 = memfd_create(&(0x7f0000000380)='D\xa3\xd5Wj\x00\x00x0\xc1\xac*\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9\xd0\xc0\xa9\b\x98\xfc:\x1b\xc4\x80!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x00\x02\xdf\b~\xd5)\xa4\x80\xad\x97\'\x1b\xfd}\x96&\xd2\x0eGp\x8e\x1a\x19o\xf1\x14\xe2]J\xf2\xb5h\x9bt*\xd2\xfbT\x01ci\x87\x18\xc9\x13=\x1b\xadl;}\x9d\xbe\x9a\xee\x1a\xfc\x96 \x93\x12@\x19|f\x98\xdc,\x82SlA\x19\xcb\xfe\xccSKO}\xb2U\xd6\xc5\xa7=\xf8s\x1dp\xe0\x14\xe5\x92\xfd)\bB\xcd\xc2\xb6\x85$%nV\xd3*\x00`OE\x8e\xf0\xf9\xd2!KZ%\xad\xa1\x92b\x1e%\x9f!\xd8mV$\x1d?\xc2\f\xcc\xc5x\x9fJ#\xce\x90\xc5\x82\xfb\x97\xd2\xb7\xb5\xed\xb5\'J\xfc\xf4Z.\rS\x88\f\xd0zK\xc7\x81\xbe\xd5\xc2\xce\x89\xbc\x1e\xb78\xf6Z\xd5\x1b\xf1\x9bMD\f\xf6\xc5V\xe1\x12j\xdfW\x87\xf09\n\x1e\x1b\f\xe5p\xab\x9e\xe5}\x96\x9b\xea\x86\x0f\xca\xcf\x16\x96\x0e6\x8d\x11\xd2&\"eKKV\x8b?]<\xa7]\x93\xad\x1d\xfe\x13\xee\xca\xdc\x97\xa9\a\b\xac\xdd\xa0\xfe\x97\xa1?\xa2F\xae\xb7f\x85\xda', 0x0)
write(r4, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
r5 = dup3(r1, r0, 0x0)
fchdir(r5)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

920.714354ms ago: executing program 6 (id=5709):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x2, 0x4, 0x6, 0xbaa, 0x80c}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x4, 0x1, 0x13}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005fdb2971dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359ca9daf3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae682acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da30000bce645451b851111dd98ac4d8da9317c2c082020e0b2d6340809000000000000008e053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456521cffdef93e29f10f4a11f0cfbfc0ff976b20fe"], &(0x7f0000000080)='GPL\x00', 0x0, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/14], 0x22)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b"], &(0x7f0000000100)='GPL\x00'}, 0x94)

918.800714ms ago: executing program 6 (id=5710):
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x1)
fchdir(r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f00000000c0)=""/58, 0x3a)
getdents64(r3, 0xfffffffffffffffe, 0x29)

912.907015ms ago: executing program 2 (id=5711):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_procfs(0x0, &(0x7f00000006c0)='net/igmp\x00')
pread64(r3, &(0x7f0000000280)=""/86, 0x56, 0x4000000000000f3)

876.939777ms ago: executing program 6 (id=5712):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b80)=@newtfilter={0x44, 0x2c, 0xd27, 0x170bd2b, 0x3, {0x0, 0x0, 0x0, r6, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0x10}, {}, {0x0, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x7ffffffe}]}}]}, 0x3c}}, 0x2)

797.00207ms ago: executing program 6 (id=5713):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x0, 0x808e}, 0x40000100)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x5452, &(0x7f0000000000)='lo\x00\x96o\xd6Q\xb4Y\xa9\xc87,%\x81\xfe\x00\xd2\xd1|\x00\x00\x00\x00\x00\x00\xe3\xd8Yk\xdf\x85\xaac{\x8c\x8ffp`-\xcd\xd9\xd5\xf4\xe68\xe6O\xc2\xf1V0\x8b\t\xed\x13q2\xdd\xcc\xeeR\xf2/\xba\fE>k\a\xe7>t7\x8e(\xf0\x87d\xaf\x93\xfa`\xa6,o\x81.\x1cR\xa5\t\x00\x00\x00\x00\x00\x00\x00|pT\x15\xbc\f*d\xcb\xc2\xcd\x8f\x98\xdf\x00\x00\x1cM\x9c\xa5\xe0\xa8\x00\x00\x00\x80V\xf6\x80\x06\xd9$H!w\xa6m\xd8\x7f\xc6\x837\x83/\x9a\xdf\x01\xf2\x9e\xbb\xca\x04\x00\x05\xeb\xb8{7[\xf9\xe9\x15\xdc0]\x89\x9b~\x04\xb4\xa5\xad\v.\xd0*%`\xb0\x03\x00\x00\x00\x00\x00\x00\x00\xab\xf4\xa7\x83r\xa4\x80|\x03C\x9c\x00\xac\xba\xcb\xa4h\x86w_Eu\xbfy%,\xe5\n\xc1\xb3\xa4g\xa3P\x0f\x11\x93\xc7\xf3\xcf\x17\xf5\x86\xae\xa5\xea?\xc5E\x00\xb2e\xa8\xf1<\xb2\xc82\xbf=o\x00\x00\x00\x00E\x00\xc6X\x92\x0e[\x19\xaa?\x06\xe5\x9d\xd1\x87\x922A\x95\x8e\xbc\xc8<s,\xb023Z{\x9f\xc2\x94+e?\x87\x95\x8e\r\t\x0er\x92\xe2\t\xc4S\xd4\xd2\x87.&`\x95\'=0\r\xd2n\xf5\xcd\x9b\x15Oo\xd8Nj0\xe2\xe5A\xb2\xc3\xf7\xc8\xe7 \"+\xd6\x9e\x18\xec\xb7H\xf9\vd\xebE\x9dtI\xe5\xb5\x8e3\x19<\xdeS\xf4\xe6\xba\x0er\xfc]\xcbd@\xe8R#(u\xe1\x9b\xb7\xd5\x82\xab;\xdb\xa2\x9e\xe8W;\x86\x89\x99\xa1\x99\x1b\xbd\xaf\x11\xcf\x1d\xb5n\xe3&\x1b Z|\x18\n/\xe4\x83\xb5\xdd\xed\xd8\xba\xe8\x8d{@\xd1\x00'/432)
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_devices(r0, &(0x7f00000005c0)=ANY=[], 0xfffffeff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, 0x0, 0x4)
socket$packet(0x11, 0x3, 0x300)

532.497194ms ago: executing program 4 (id=5714):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@max_batch_time={'max_batch_time', 0x3d, 0x101}}, {@debug}, {@journal_dev={'journal_dev', 0x3d, 0x7}}]}, 0x1, 0x5fd, &(0x7f00000006c0)="$eJzs3c9vFFUcAPDv7LalpWALMSoepIkxkCgtLWCI8QBXYxr8ES9erLQgoUDT1mjRhJLgxcR4McbEkwfxv1AiV0960YMXT4aEqOFo4prZ7vTnbH8s7Q4wn0+y7My8ebw3LN++t6/vzQRQWgPpH5WIAxExlUT0JfOLaR3RSBxYOO/ePx+fTV9J1Gpv/JVE0jiWnZ803nsbmbsj4ucfk9hfXVvuzNzVi2OTkxPTjf2h2UtTQzNzV49cuDR2fuL8xOWRF0dOnjh+4uTw0Zau69raQ2l1Puj7dPTtb7/+Nxn+7vfRJE7FK40Tl1/HdhmIgfq/SbI2qffkdhdWkGrj/8nyjzjpKLBCbEn2+XVGxJPRF9VY+vD64pPXCq0csKNqSUQNKKlE/ENJZf2A7Lv96u/BlUJ6JUA73D29MACwNv47FsYGo7s+NrD7XhLLh3WSiGhtZG6lPRHx0+3RG+duj96Y3rsz43BAvvnrEfHUsvjvylKSevz3R3f01+O/siL+037BmcZ7evz1FstfPVQs/qF9FuK/O6f9X4r/aBL/7yyL/3dbLH9gafO9nhXx39PqJQEAAAAAAEBp3TodES/kzf+pLM7/iZz5P70RcWobyh9Ytb/29/+VO9tQDJDj7umIl3Pn/1aiujD7t7/a+D3/3vp8gM7k3IXJiaMR8VhEHI7OXen+8DplHPls/1fN0gYa8/+yV1p++r50RuVOx66VecbHZsfu97qBiLvXI57Onf+bLLb/SU77n/48mNpkGfufu3mmWdrG8Q/slNo3EYdy2/+lu1Yk69+fY6jeHxjKegVrPfPR5983K7/V+HeLCbh/afu/e/3470+W369nZutlHJvrqDVLa7X/35W8Wb/lTLZc4cOx2dnp4Yie5NVqenTF8ZGt1xkeRVk8ZPGSxv/hZ9cf/8vr//dExPyqvzv5e+Wa4swT//X+0aw++v9QnDT+x7fU/jfdSOYjcpNGbvb/0Kz8zbX/x+tt/eHGEeN/sODLLEy7Vh7PCdCOvKR21xcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgWViNgTSWVwcbtSGRyM6I2Ix2N3ZfLKzOzz5668f3k8Tas//7+SPem3b2E/yZ7/379sf2TV/rGI2BcRX1R76vuDZ69Mjhd98QAAAAAAAAAAAAAAAAAAAPCA6G2y/j/1Z7Xo2gE7rqPoCgCFyYn/X4qoB9B+2n8oL/EP5SX+obzEP5SX+IfyEv9QXuIfykv8AwAAAADAI2XfwVu/JREx/1JP/ZXqaqR1FlozYKdViq4AUBi3+IHyMvUHyst3fCDZIL27aaaNcjbLnJo6u3FmAAAAAAAAAAAAACBz6ID1/1BW1v9DeVn/D+WVrf8/WHA9gPZr+Tt+0zW9wMNovZX8zcN9E+v/AQAAAAAAAAAAAIBtMTN39eLY5OTEdPs2fm089Cv3nJ6IaHN9so23iii02I1arXat/lE8IPV5yDeyqfCbz9WdHwU7s5Gt9dtcroJ+IAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGv8HwAA//+xpBxA")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)
socket$inet_sctp(0x2, 0x5, 0x84)

372.122111ms ago: executing program 3 (id=5715):
pipe2$9p(0x0, 0x800)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x42082, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x200103, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xfc}, 0x1, 0x0, 0x0, 0x2000c010}, 0x0)
close(r1)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000000c0)=ANY=[@ANYBLOB="000003"])
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x2004c860, &(0x7f00000001c0)={0x11, 0x3, r3, 0x1, 0x3}, 0x14)

300.992655ms ago: executing program 3 (id=5716):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x8, r6, 0x3a}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000840)='\'', 0x30}], 0x1}, 0x894)

300.442535ms ago: executing program 3 (id=5717):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44060}, 0x98)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, 0x0, 0x0)
listen(r3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

252.613067ms ago: executing program 3 (id=5718):
socketpair(0x1, 0x1, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xffffffff, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, 0x0, 0x4000840)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r2 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x6200, 0x3ffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d657461000000001400028008000140000000120800024000000019140000001100"], 0xd8}}, 0x80)

198.08612ms ago: executing program 3 (id=5719):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffb, 0x1, @perf_config_ext={0x3fffffffc, 0xfffffffffffffffd}, 0x0, 0x3, 0x80, 0x3, 0xfff, 0x8001, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x4, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x8, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x3, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x354, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000380)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x63, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1}, 0xc)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040), 0x200000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
socket$nl_xfrm(0x10, 0x3, 0x6)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x800)
fsetxattr$security_capability(r0, &(0x7f0000000000), &(0x7f0000000140)=@v3={0x3000000, [{0x81, 0xfffffe00}, {0x3ff, 0x3}], r3}, 0x18, 0x1)

137.464143ms ago: executing program 3 (id=5720):
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)

136.972443ms ago: executing program 6 (id=5721):
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x21081002}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x8001)
syz_genetlink_get_family_id$nfc(&(0x7f0000000280), r0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x520, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xa98, 0x3}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000020000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e50100000000fdffffff07000000", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r5, @ANYBLOB="0101fe0f7f"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)

80.760036ms ago: executing program 5 (id=5722):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
read$char_usb(0xffffffffffffffff, &(0x7f0000000000)=""/156, 0x9c)
setsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000500)={0xfff8, "fda90d"}, 0x6)
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_config_ext={0x8, 0x2}, 0x6000, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
syz_open_dev$sg(&(0x7f0000000040), 0x4, 0x400)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000940)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="480000001000370400000000ffdbdf2500000000", @ANYRES32=r4, @ANYBLOB="01f10500000000001800128008000100677470000c00028008", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x4011}, 0x40004)

80.365916ms ago: executing program 6 (id=5723):
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x1, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000100000000000000000000850000007500000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x8000}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x7}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
syz_clone(0x80001000, 0x0, 0x0, 0x0, 0x0, 0x0)

79.330296ms ago: executing program 5 (id=5724):
socket$kcm(0x2, 0x5, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="070000000400000018"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000004c0), &(0x7f0000000580), 0xaec, r0}, 0x38)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

75.428076ms ago: executing program 2 (id=5725):
r0 = fsopen(&(0x7f0000000380)='configfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='^](*\r\\!\x00', &(0x7f0000000500)='{:\'@-\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000001c0)='\xe6\xd2=(L\x9f\x1c&\xda\xfa\xf3}\x18\xdckL<\xa5-#\xc8\xb7\x98\f\x87\xcf', &(0x7f0000000540)="82", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000003200)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000d00)='V,/\x00@!\\\x1c2\x91G\xd2\xbe\xe5\x8b\xfbHp\x06\x9a\t\x03Mh\xb6\x8a\x1c\xfd\x97\xe2\xc0\xed\x91\x85\x91\x10\xf1f-{A-\xf81s\xc3\xa5r\x8a\x06\x11m\x82jHfh81\x9c\xfa}\x03\xe2%\xd7q\xd6\'\x82@$7\x1c\'\xcc}\x12hC\xc9g\xdb\x11\xbcWS\x12\xfb\xff\x98b!\x97`#\x96\x85\xe1\xa1\xaa\x06\xc3\xa9-\x17upm\xa9\n\x00\xc4L\x1f`\xe8\xbf\xe9\xb4\xb6@\xc4h\xf49\x9bx\x90l\xe3\xee^k\xd7\xecd\xde\xc8\x7f\xd3\xa4.\xa1p\xdf\xd3\x12-\x8cY\xef\xb0\x93UiK\x82\xb51\x81\x96,\xcf\x8a)t\x1e4\xa7x\x85\xa4?f\xef\x15\x89\xe5\xd1\xbfP\xbd\x8d\xe2\xbbr\xa2C\xb0\x9a\xd1\xa4\xf2\x88t\xdd\xfe)\xcb\x9e7\xe2\xa67\xa6U\x80\x97>\x10L\xab5\xb3\x04(\b\xcd0H-i\x8d\f\xb5\x1f1=\x87$C\xc2\xbb\x92\x0e\x06\xcb\xd4\x83a-\x82\x90\x93\x95\x00Q4\xff!\xfc\xb7\xcaG@\x96\x04\xed\x9f\xe9\x9e\xf9\xfb\xe4)\xc5\xa4\xca\xc1`x\xf4\xf6zX\x1b\xb3\x13\xa4W[E\x8a\x7f\x06\n\xd2\x1b\xce\xe2\xbd4\x93\xff \xb06\"\xbf\x1d\xfda\x00Z\xfb\xfe_I\xb8\xfc1\xdf\x82a\x93tx3\xda\xdeY\xc1\xdd\xdd\x84D\x1dy:\x9a%<\xd3X\xd9s\xe5r\xbdA9\x7f\b\x8fL\xa6=nJ\x16\x82\xd8\xb4X`\x03vY\xe3}\xae\t=pX\xc4\xb3\x8aTdv\x1a\a\xa1\xaeP\x8f\xfd\x03\xc5b\x80\xae\xdc\x99\xa4z\xbc\xe3Pz\xf5\xcf\x99u#\"[\'\xa3G\xf1\x18ls\x89D\xce\xd5\xbc\xff\x8b\x05\x1f\x14\xcf\x96Vu\xb93\x9d\x8bX\x16o !\xb8\xc9I\x8f\x9ei\xf5\xc1\xed\x97x\x01?\xa6~\x9c\xb5u\xe0r1I\xa67Q\xc9\a\x84\xe6\x1b\xebo\x85\x98\x9cib\xa7\x80U\xc8%\xa7\x11=\xa3\x02\x15\xe6\x85\xbf\x03vQ\xfe&\xf3\xb7\xdc3\b\xc0\'\x03\x97\xf9\xbf1\x03\x93\xff\x16\xb0\xf6\x97\x97\x80JO\x81\x97\x0f\x96\x93n\x95!\xff\xa52\"\nf\xe0h\xf6+5\xb6\x12\x14\xce\xdb?\x1a\xa5\x93\xca\xa0b\'\x04\xac\xc9*-;-\t(\xfd\x9e\xd8J9\xfa\xf8\xe3\x1a\xe9\x8f\xe5\xda\xc8\xed\xc7\x88\xc2\xa0\x02]noRVv\xc8\x81\x94\xb3\x10\xa6\x8b\xd0q\xddZ\x95\x16\x94\x94@\x0f\"\xc7\xde\x87\x16;\xd0\xc1\x04=\t\xba\xe5', &(0x7f0000000a80)='\x1e\x04\x00\x00\x00\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', &(0x7f0000000640)='y', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000300)='(\xed\xef(.(\\-]\x00', &(0x7f0000000340)="0f", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='(\xed\xef(.(\\-]\x00', &(0x7f00000000c0)='f\xf0p\xce\x97\xbb\xd2dH\xdf\xbd\x18\x9baE\xef\x90\x90\x057g\x85\xf4\xf0\xba\xb0\xb1\x06\xa6q\xef\x03H\xda\"`\xd6', 0x0)
read(r0, 0x0, 0xfffffea1)
close(r0)

42.006647ms ago: executing program 5 (id=5726):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000001c0)=0x100, 0x4)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0xa, r2, 0x1}, 0x10)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x1, r2, 0x1000002, r3}, 0x10)

383.01µs ago: executing program 2 (id=5727):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000000d7c0d6eb00000000", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x10, 0x803, 0x2)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4014}, 0x10)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYRES16], 0x3c}, 0x1, 0x0, 0x0, 0x40020c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@gettfilter={0x24, 0x25, 0x6ce324a938346939, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0x0, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x2004c004}, 0x0)

0s ago: executing program 5 (id=5728):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x2}, 0x4580, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@newlink={0x34, 0x10, 0x1, 0x170bd27, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2100}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

kernel console output (not intermixed with test programs):

7844][T15141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.897859][T15141] R13: 00007f3394596038 R14: 00007f3394595fa0 R15: 00007ffc66f57af8
[  298.897878][T15141]  </TASK>
[  298.897890][T15141] memory: usage 307200kB, limit 307200kB, failcnt 19716
[  299.247486][T15141] memory+swap: usage 375440kB, limit 9007199254740988kB, failcnt 0
[  299.255460][T15141] kmem: usage 307012kB, limit 9007199254740988kB, failcnt 0
[  299.262877][T15141] Memory cgroup stats for /syz6:
[  299.263217][T15141] cache 0
[  299.271165][T15141] rss 143360
[  299.274385][T15141] shmem 0
[  299.277534][T15141] mapped_file 0
[  299.281000][T15141] dirty 0
[  299.283971][T15141] writeback 0
[  299.287245][T15141] workingset_refault_anon 3775
[  299.292038][T15141] workingset_refault_file 0
[  299.296570][T15141] swap 69877760
[  299.300045][T15141] swapcached 96391168
[  299.304139][T15141] pgpgin 245305
[  299.307591][T15141] pgpgout 245266
[  299.311122][T15141] pgfault 230423
[  299.314813][T15141] pgmajfault 673
[  299.318355][T15141] inactive_anon 147456
[  299.322590][T15141] active_anon 12288
[  299.326387][T15141] inactive_file 0
[  299.330008][T15141] active_file 0
[  299.333580][T15141] unevictable 0
[  299.337042][T15141] hierarchical_memory_limit 314572800
[  299.342468][T15141] hierarchical_memsw_limit 9223372036854771712
[  299.348680][T15141] total_cache 0
[  299.352243][T15141] total_rss 143360
[  299.356135][T15141] total_shmem 0
[  299.359579][T15141] total_mapped_file 0
[  299.363646][T15141] total_dirty 0
[  299.367182][T15141] total_writeback 0
[  299.370979][T15141] total_workingset_refault_anon 3775
[  299.376293][T15141] total_workingset_refault_file 0
[  299.381416][T15141] total_swap 69877760
[  299.385430][T15141] total_swapcached 96391168
[  299.389923][T15141] total_pgpgin 245305
[  299.393953][T15141] total_pgpgout 245266
[  299.398018][T15141] total_pgfault 230423
[  299.402105][T15141] total_pgmajfault 673
[  299.406326][T15141] total_inactive_anon 147456
[  299.410892][T15141] total_active_anon 12288
[  299.415264][T15141] total_inactive_file 0
[  299.419407][T15141] total_active_file 0
[  299.423434][T15141] total_unevictable 0
[  299.427405][T15141] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.4107,pid=15137,uid=0
[  299.442190][T15141] Memory cgroup out of memory: Killed process 15141 (syz.6.4107) total-vm:94164kB, anon-rss:1368kB, file-rss:22284kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  299.545938][   T28] kauditd_printk_skb: 17 callbacks suppressed
[  299.545952][   T28] audit: type=1400 audit(1773736903.852:18042): avc:  denied  { mount } for  pid=15153 comm="syz.2.4113" name="/" dev="hugetlbfs" ino=88619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  299.607700][T15162] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4114'.
[  300.038463][T15163] syz.6.4112 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  300.081475][T15163] CPU: 0 UID: 0 PID: 15163 Comm: syz.6.4112 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  300.081513][T15163] Tainted: [W]=WARN
[  300.081522][T15163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  300.081571][T15163] Call Trace:
[  300.081578][T15163]  <TASK>
[  300.081586][T15163]  __dump_stack+0x1d/0x30
[  300.081620][T15163]  dump_stack_lvl+0x95/0xd0
[  300.081649][T15163]  dump_stack+0x15/0x1b
[  300.081722][T15163]  dump_header+0x80/0x240
[  300.081780][T15163]  oom_kill_process+0x295/0x350
[  300.081862][T15163]  out_of_memory+0x97d/0xb80
[  300.081888][T15163]  try_charge_memcg+0x62e/0xa10
[  300.082003][T15163]  __mem_cgroup_charge+0x65/0x150
[  300.082045][T15163]  shmem_get_folio_gfp+0x47b/0xd60
[  300.082079][T15163]  shmem_fallocate+0x628/0x920
[  300.082204][T15163]  vfs_fallocate+0x3b6/0x450
[  300.082224][T15163]  __x64_sys_fallocate+0x7a/0xd0
[  300.082310][T15163]  x64_sys_call+0x298e/0x3020
[  300.082342][T15163]  do_syscall_64+0x12c/0x370
[  300.082366][T15163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.082437][T15163] RIP: 0033:0x7f339431c799
[  300.082515][T15163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  300.082532][T15163] RSP: 002b:00007f3392d56028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  300.082552][T15163] RAX: ffffffffffffffda RBX: 00007f3394596090 RCX: 00007f339431c799
[  300.082625][T15163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  300.082681][T15163] RBP: 00007f33943b2c99 R08: 0000000000000000 R09: 0000000000000000
[  300.082705][T15163] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000000
[  300.082721][T15163] R13: 00007f3394596128 R14: 00007f3394596090 R15: 00007ffc66f57af8
[  300.082745][T15163]  </TASK>
[  300.082806][T15163] memory: usage 306032kB, limit 307200kB, failcnt 19851
[  300.310708][T15163] memory+swap: usage 314888kB, limit 9007199254740988kB, failcnt 0
[  300.371449][T15163] kmem: usage 230756kB, limit 9007199254740988kB, failcnt 0
[  300.393395][T15163] Memory cgroup stats for /syz6:
[  300.393628][T15163] cache 1765376
[  300.431494][T15163] rss 196608
[  300.461885][T15169] batman_adv: batadv0: Removing interface: dummy0
[  300.481420][T15163] shmem 1765376
[  300.495490][T15169] bridge_slave_0: left promiscuous mode
[  300.502242][T15169] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.511851][T15163] mapped_file 12288
[  300.517516][T15169] bond0: (slave bridge_slave_1): Releasing backup interface
[  300.539342][T15163] dirty 0
[  300.551188][T15169] bond0: (slave bond_slave_0): Releasing backup interface
[  300.562206][T15163] writeback 0
[  300.565509][T15163] workingset_refault_anon 3783
[  300.587011][T15169] bond0: (slave bond_slave_1): Releasing backup interface
[  300.601972][T15169] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.602101][T15178] loop2: detected capacity change from 0 to 512
[  300.622970][T15169] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  300.650302][T15163] workingset_refault_file 0
[  300.660087][T15178] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.672069][T15163] swap 69828608
[  300.676142][T15163] swapcached 96337920
[  300.682227][T15178] ext4 filesystem being mounted at /452/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.708611][T15163] pgpgin 246811
[  300.718545][T15163] pgpgout 246332
[  300.726670][T15163] pgfault 231565
[  300.730337][T15163] pgmajfault 681
[  300.738687][   T28] audit: type=1400 audit(1773736905.042:18043): avc:  denied  { append } for  pid=15170 comm="syz.2.4127" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  300.739824][T15163] inactive_anon 4096
[  300.765491][T15163] active_anon 1949696
[  300.769475][T15163] inactive_file 0
[  300.773126][T15163] active_file 0
[  300.776711][T15163] unevictable 0
[  300.780154][T15163] hierarchical_memory_limit 314572800
[  300.785617][T15163] hierarchical_memsw_limit 9223372036854771712
[  300.791962][T15163] total_cache 1765376
[  300.795945][T15163] total_rss 196608
[  300.799658][T15163] total_shmem 1765376
[  300.804158][T15163] total_mapped_file 12288
[  300.808967][T15163] total_dirty 0
[  300.811947][ T8689] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.812875][T15163] total_writeback 0
[  300.825585][T15163] total_workingset_refault_anon 3783
[  300.831476][T15163] total_workingset_refault_file 0
[  300.836792][T15163] total_swap 69828608
[  300.841059][T15163] total_swapcached 96337920
[  300.871068][T15163] total_pgpgin 246811
[  300.875751][T15163] total_pgpgout 246332
[  300.881205][T15163] total_pgfault 231565
[  300.900619][   T28] audit: type=1326 audit(1773736905.202:18044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  300.930540][T15163] total_pgmajfault 681
[  300.935354][T15163] total_inactive_anon 4096
[  300.939832][T15163] total_active_anon 1949696
[  300.944730][T15163] total_inactive_file 0
[  300.948929][T15163] total_active_file 0
[  300.954845][   T28] audit: type=1326 audit(1773736905.202:18045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  300.982154][T15163] total_unevictable 0
[  300.992430][T15163] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.4112,pid=15156,uid=0
[  301.016755][T15163] Memory cgroup out of memory: Killed process 15163 (syz.6.4112) total-vm:96344kB, anon-rss:1416kB, file-rss:22428kB, shmem-rss:12kB, UID:0 pgtables:128kB oom_score_adj:0
[  301.034203][   T28] audit: type=1326 audit(1773736905.202:18046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  301.059585][T15197] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4126'.
[  301.073969][   T28] audit: type=1326 audit(1773736905.202:18047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  301.161196][   T28] audit: type=1326 audit(1773736905.202:18048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  301.205917][   T28] audit: type=1326 audit(1773736905.262:18049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  301.293837][T15214] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 2, id = 0
[  301.317324][   T28] audit: type=1326 audit(1773736905.262:18050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  301.351300][   T28] audit: type=1326 audit(1773736905.262:18051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15189 comm="syz.5.4124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  301.467963][T15219] bond0: (slave bond_slave_0): Releasing backup interface
[  301.508518][T15219] bond0: (slave bond_slave_1): Releasing backup interface
[  301.530387][T15219] team0: Failed to send options change via netlink (err -105)
[  301.552390][T15219] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  301.605500][T15219] team0: Port device team_slave_0 removed
[  301.637233][T15219] team0: Failed to send options change via netlink (err -105)
[  301.645949][T15219] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  301.675798][T15219] team0: Port device team_slave_1 removed
[  301.719434][T15219] bond2: (slave veth11): Releasing active interface
[  301.726547][T15219] bond2: (slave veth11): the permanent HWaddr of slave - 66:2f:36:dd:5b:d7 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  301.774330][T15219] bond2: (slave batadv0): Releasing active interface
[  301.781318][T15219] batadv0: left promiscuous mode
[  301.799575][T15221] team0: Failed to send options change via netlink (err -105)
[  301.858276][T15221] team0: Mode changed to "activebackup"
[  302.263915][T15240] delete_channel: no stack
[  303.006955][T15274] lo speed is unknown, defaulting to 1000
[  303.036032][T15278] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=15278 comm=syz.6.4155
[  304.046865][ T3391] kernel read not supported for file bpf-prog (pid: 3391 comm: kworker/1:3)
[  305.143641][T15395] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4178'.
[  309.532726][T15494] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4217'.
[  309.542281][T15494] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4217'.
[  309.678936][   T28] kauditd_printk_skb: 46 callbacks suppressed
[  309.678959][   T28] audit: type=1326 audit(1773736913.982:18098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  309.765863][   T28] audit: type=1326 audit(1773736913.982:18099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  309.806936][   T28] audit: type=1326 audit(1773736914.012:18100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  309.908343][T15514] tipc: Failed to remove unknown binding: 66,0,0/0:1713461876/1713461877
[  309.942547][T15514] tipc: Failed to remove unknown binding: 66,0,0/0:1713461876/1713461877
[  309.997020][   T28] audit: type=1326 audit(1773736914.012:18101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.037564][T15519] netlink: 'syz.4.4230': attribute type 5 has an invalid length.
[  310.071554][   T28] audit: type=1326 audit(1773736914.012:18102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.250306][   T28] audit: type=1326 audit(1773736914.012:18103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.300685][   T28] audit: type=1326 audit(1773736914.012:18104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.324560][   T28] audit: type=1326 audit(1773736914.012:18105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.349720][   T28] audit: type=1326 audit(1773736914.022:18106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.374029][   T28] audit: type=1326 audit(1773736914.022:18107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15498 comm="syz.5.4219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x7ffc0000
[  310.861782][T15538] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4237'.
[  311.324888][T15575] netlink: 'syz.3.4249': attribute type 5 has an invalid length.
[  311.981430][T15583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  312.007595][T15583] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  312.065182][T15554] syz.4.4242 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  312.085520][T15554] CPU: 1 UID: 0 PID: 15554 Comm: syz.4.4242 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  312.085555][T15554] Tainted: [W]=WARN
[  312.085562][T15554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  312.085576][T15554] Call Trace:
[  312.085649][T15554]  <TASK>
[  312.085657][T15554]  __dump_stack+0x1d/0x30
[  312.085687][T15554]  dump_stack_lvl+0x95/0xd0
[  312.085713][T15554]  dump_stack+0x15/0x1b
[  312.085910][T15554]  dump_header+0x80/0x240
[  312.085939][T15554]  oom_kill_process+0x295/0x350
[  312.085966][T15554]  out_of_memory+0x97d/0xb80
[  312.085993][T15554]  try_charge_memcg+0x62e/0xa10
[  312.086116][T15554]  obj_cgroup_charge_pages+0x23/0xc0
[  312.086217][T15554]  __memcg_kmem_charge_page+0x9e/0x170
[  312.086249][T15554]  __alloc_frozen_pages_noprof+0x18a/0x360
[  312.086285][T15554]  alloc_pages_mpol+0xb3/0x260
[  312.086320][T15554]  alloc_pages_noprof+0x8f/0x130
[  312.086410][T15554]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  312.086453][T15554]  __kvmalloc_node_noprof+0x3d4/0x650
[  312.086482][T15554]  ? ip_set_alloc+0x24/0x30
[  312.086562][T15554]  ? ip_set_alloc+0x24/0x30
[  312.086662][T15554]  ? __kmalloc_cache_noprof+0x18a/0x410
[  312.086691][T15554]  ip_set_alloc+0x24/0x30
[  312.086722][T15554]  hash_netiface_create+0x282/0x740
[  312.086813][T15554]  ? __pfx_hash_netiface_create+0x10/0x10
[  312.086840][T15554]  ip_set_create+0x3cf/0x970
[  312.086945][T15554]  ? __mutex_lock_slowpath+0xa/0x10
[  312.087083][T15554]  nfnetlink_rcv_msg+0x509/0x5d0
[  312.087133][T15554]  netlink_rcv_skb+0x123/0x220
[  312.087236][T15554]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  312.087270][T15554]  nfnetlink_rcv+0x167/0x1720
[  312.087339][T15554]  ? vm_area_free+0x71/0xb0
[  312.087366][T15554]  ? kmem_cache_free+0x237/0x380
[  312.087462][T15554]  ? percpu_counter_add_batch+0xb6/0x130
[  312.087491][T15554]  ? uprobe_mmap+0x8b8/0xf80
[  312.087519][T15554]  ? vms_complete_munmap_vmas+0x57b/0x5e0
[  312.087613][T15554]  ? inode_to_bdi+0x47/0xa0
[  312.087632][T15554]  ? vma_wants_writenotify+0x148/0x1a0
[  312.087651][T15554]  ? vma_set_page_prot+0xc3/0xf0
[  312.087739][T15554]  ? __mmap_complete+0x1f2/0x220
[  312.087795][T15554]  ? mmap_region+0x1d1b/0x2050
[  312.087833][T15554]  ? _raw_spin_lock_bh+0x56/0xb0
[  312.087864][T15554]  ? _raw_spin_unlock_bh+0x18/0x20
[  312.087896][T15554]  ? selinux_nlmsg_lookup+0x99/0x890
[  312.087941][T15554]  ? __rcu_read_unlock+0x33/0x70
[  312.087962][T15554]  ? __netlink_lookup+0x276/0x2b0
[  312.088017][T15554]  netlink_unicast+0x5c0/0x690
[  312.088050][T15554]  netlink_sendmsg+0x5c8/0x6f0
[  312.088172][T15554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  312.088203][T15554]  ____sys_sendmsg+0x563/0x5b0
[  312.088245][T15554]  ___sys_sendmsg+0x195/0x1e0
[  312.088295][T15554]  __x64_sys_sendmsg+0xd4/0x160
[  312.088376][T15554]  x64_sys_call+0x194c/0x3020
[  312.088403][T15554]  do_syscall_64+0x12c/0x370
[  312.088427][T15554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.088529][T15554] RIP: 0033:0x7fe20b74c799
[  312.088548][T15554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  312.088569][T15554] RSP: 002b:00007fe20a1a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  312.088591][T15554] RAX: ffffffffffffffda RBX: 00007fe20b9c5fa0 RCX: 00007fe20b74c799
[  312.088659][T15554] RDX: 0000000000000880 RSI: 0000200000000040 RDI: 0000000000000003
[  312.088675][T15554] RBP: 00007fe20b7e2c99 R08: 0000000000000000 R09: 0000000000000000
[  312.088690][T15554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  312.088702][T15554] R13: 00007fe20b9c6038 R14: 00007fe20b9c5fa0 R15: 00007ffe538c10b8
[  312.088721][T15554]  </TASK>
[  312.088919][T15554] memory: usage 307200kB, limit 307200kB, failcnt 258
[  312.458121][T15554] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  312.466176][T15554] kmem: usage 198292kB, limit 9007199254740988kB, failcnt 0
[  312.473512][T15554] Memory cgroup stats for /syz4:
[  312.473815][T15554] cache 111194112
[  312.483002][T15554] rss 311296
[  312.486257][T15554] shmem 111194112
[  312.489884][T15554] mapped_file 12288
[  312.493823][T15554] dirty 0
[  312.496757][T15554] writeback 0
[  312.500047][T15554] workingset_refault_anon 1319
[  312.504890][T15554] workingset_refault_file 10235
[  312.509824][T15554] swap 0
[  312.513221][T15554] swapcached 737280
[  312.517051][T15554] pgpgin 402124
[  312.520578][T15554] pgpgout 374897
[  312.524220][T15554] pgfault 281313
[  312.527788][T15554] pgmajfault 180
[  312.531329][T15554] inactive_anon 111374336
[  312.535668][T15554] active_anon 143360
[  312.539557][T15554] inactive_file 0
[  312.543669][T15554] active_file 4096
[  312.547407][T15554] unevictable 0
[  312.550906][T15554] hierarchical_memory_limit 314572800
[  312.556327][T15554] hierarchical_memsw_limit 9223372036854771712
[  312.569026][T15554] total_cache 111194112
[  312.574049][T15554] total_rss 311296
[  312.577774][T15554] total_shmem 111194112
[  312.581967][T15554] total_mapped_file 12288
[  312.586283][T15554] total_dirty 0
[  312.589772][T15554] total_writeback 0
[  312.593643][T15554] total_workingset_refault_anon 1319
[  312.598913][T15554] total_workingset_refault_file 10235
[  312.604968][T15554] total_swap 0
[  312.608339][T15554] total_swapcached 737280
[  312.612832][T15554] total_pgpgin 402124
[  312.616803][T15554] total_pgpgout 374897
[  312.620862][T15554] total_pgfault 281313
[  312.625213][T15554] total_pgmajfault 180
[  312.629269][T15554] total_inactive_anon 111374336
[  312.634998][T15554] total_active_anon 143360
[  312.639464][T15554] total_inactive_file 0
[  312.643999][T15554] total_active_file 4096
[  312.648262][T15554] total_unevictable 0
[  312.652440][T15554] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1023,pid=6851,uid=0
[  312.668065][T15554] Memory cgroup out of memory: Killed process 6851 (syz.4.1023) total-vm:96212kB, anon-rss:1336kB, file-rss:20800kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  312.685282][T15566] syz.4.4242 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  312.699613][T15566] CPU: 1 UID: 0 PID: 15566 Comm: syz.4.4242 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  312.699677][T15566] Tainted: [W]=WARN
[  312.699685][T15566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  312.699700][T15566] Call Trace:
[  312.699788][T15566]  <TASK>
[  312.699798][T15566]  __dump_stack+0x1d/0x30
[  312.699830][T15566]  dump_stack_lvl+0x95/0xd0
[  312.699875][T15566]  dump_stack+0x15/0x1b
[  312.699897][T15566]  dump_header+0x80/0x240
[  312.699924][T15566]  oom_kill_process+0x295/0x350
[  312.699951][T15566]  out_of_memory+0x97d/0xb80
[  312.699988][T15566]  try_charge_memcg+0x62e/0xa10
[  312.700035][T15566]  __mem_cgroup_charge+0x65/0x150
[  312.700157][T15566]  shmem_get_folio_gfp+0x47b/0xd60
[  312.700189][T15566]  shmem_fallocate+0x628/0x920
[  312.700227][T15566]  vfs_fallocate+0x3b6/0x450
[  312.700326][T15566]  __x64_sys_fallocate+0x7a/0xd0
[  312.700347][T15566]  x64_sys_call+0x298e/0x3020
[  312.700377][T15566]  do_syscall_64+0x12c/0x370
[  312.700407][T15566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.700450][T15566] RIP: 0033:0x7fe20b74c799
[  312.700471][T15566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  312.700488][T15566] RSP: 002b:00007fe20a186028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  312.700508][T15566] RAX: ffffffffffffffda RBX: 00007fe20b9c6090 RCX: 00007fe20b74c799
[  312.700523][T15566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  312.700594][T15566] RBP: 00007fe20b7e2c99 R08: 0000000000000000 R09: 0000000000000000
[  312.700687][T15566] R10: 0000000008800000 R11: 0000000000000246 R12: 0000000000000000
[  312.700708][T15566] R13: 00007fe20b9c6128 R14: 00007fe20b9c6090 R15: 00007ffe538c10b8
[  312.700730][T15566]  </TASK>
[  312.700738][T15566] memory: usage 307200kB, limit 307200kB, failcnt 282
[  313.005791][T15566] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  313.030386][T15566] kmem: usage 198316kB, limit 9007199254740988kB, failcnt 0
[  313.076777][T15566] Memory cgroup stats for /syz4:
[  313.077760][T15566] cache 111185920
[  313.111499][T15566] rss 204800
[  313.126145][T15566] shmem 111185920
[  313.150663][T15566] mapped_file 12288
[  313.167761][T15566] dirty 0
[  313.184284][T15566] writeback 0
[  313.197988][T15566] workingset_refault_anon 1319
[  313.216157][T15566] workingset_refault_file 10235
[  313.240137][T15566] swap 0
[  313.256508][T15566] swapcached 737280
[  313.263605][T15566] pgpgin 402124
[  313.267117][T15566] pgpgout 374925
[  313.270693][T15566] pgfault 281313
[  313.274904][T15566] pgmajfault 180
[  313.278452][T15566] inactive_anon 111374336
[  313.282875][T15566] active_anon 28672
[  313.286679][T15566] inactive_file 0
[  313.290314][T15566] active_file 4096
[  313.294175][T15566] unevictable 0
[  313.297636][T15566] hierarchical_memory_limit 314572800
[  313.303722][T15566] hierarchical_memsw_limit 9223372036854771712
[  313.310007][T15566] total_cache 111185920
[  313.314295][T15566] total_rss 204800
[  313.318169][T15566] total_shmem 111185920
[  313.322398][T15566] total_mapped_file 12288
[  313.326785][T15566] total_dirty 0
[  313.330235][T15566] total_writeback 0
[  313.334871][T15566] total_workingset_refault_anon 1319
[  313.340156][T15566] total_workingset_refault_file 10235
[  313.345586][T15566] total_swap 0
[  313.348953][T15566] total_swapcached 737280
[  313.353436][T15566] total_pgpgin 402124
[  313.357566][T15566] total_pgpgout 374925
[  313.362655][T15566] total_pgfault 281313
[  313.366805][T15566] total_pgmajfault 180
[  313.370947][T15566] total_inactive_anon 111374336
[  313.376057][T15566] total_active_anon 28672
[  313.380471][T15566] total_inactive_file 0
[  313.384920][T15566] total_active_file 4096
[  313.389193][T15566] total_unevictable 0
[  313.401088][T15566] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4242,pid=15553,uid=0
[  313.431550][T15566] Memory cgroup out of memory: Killed process 15553 (syz.4.4242) total-vm:96344kB, anon-rss:1420kB, file-rss:22360kB, shmem-rss:12kB, UID:0 pgtables:124kB oom_score_adj:0
[  313.582804][T15620] loop2: detected capacity change from 0 to 164
[  313.637807][T15620] iso9660: Corrupted directory entry in block 2 of inode 1792
[  314.328478][T15655] ------------[ cut here ]------------
[  314.334020][T15655] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)
[  314.353811][T15655] WARNING: kernel/bpf/verifier.c:2823 at reg_bounds_sanity_check+0x15b/0x660, CPU#0: syz.4.4277/15655
[  314.364834][T15655] Modules linked in:
[  314.368809][T15655] CPU: 0 UID: 0 PID: 15655 Comm: syz.4.4277 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  314.379822][T15655] Tainted: [W]=WARN
[  314.383681][T15655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  314.393862][T15655] RIP: 0010:reg_bounds_sanity_check+0x27d/0x660
[  314.400370][T15655] Code: 24 78 4c 8b 44 24 70 4c 8b 4c 24 60 41 ff 74 24 20 41 55 53 ff 74 24 68 ff 74 24 78 ff b4 24 90 00 00 00 ff b4 24 b0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 4c 8b ac 24 98 00 00 00 49 8d 85 80 08
[  314.420238][T15655] RSP: 0018:ffffc900023f3370 EFLAGS: 00010246
[  314.426553][T15655] RAX: ffff88810b0ecdc8 RBX: 00000000ffffffff RCX: 0000000000000000
[  314.434635][T15655] RDX: ffffffff86818b19 RSI: ffffffff8682d07d RDI: ffffffff871d2040
[  314.442614][T15655] RBP: ffff888116a77840 R08: 0000007800000000 R09: 0000000000000000
[  314.450587][T15655] R10: 00000000000000d0 R11: 0000000000000002 R12: ffff888116a77800
[  314.458583][T15655] R13: 0000000000000000 R14: ffff888116a7784c R15: ffff888116a77838
[  314.466678][T15655] FS:  00007fe20a1656c0(0000) GS:ffff8882ae8db000(0000) knlGS:0000000000000000
[  314.475710][T15655] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  314.482305][T15655] CR2: 00007fe20a164ff8 CR3: 000000015cdf4000 CR4: 00000000003506f0
[  314.490275][T15655] DR0: 0000200000000300 DR1: 0000200000000300 DR2: 0000000000000000
[  314.498339][T15655] DR3: 0000000000000000 DR6: 00000000ffff0ff3 DR7: 0000000000000600
[  314.506409][T15655] Call Trace:
[  314.509685][T15655]  <TASK>
[  314.512643][T15655]  reg_set_min_max+0x1f2/0x260
[  314.517499][T15655]  check_cond_jmp_op+0x13b2/0x1a80
[  314.522856][T15655]  do_check+0x4a9b/0x9860
[  314.527210][T15655]  do_check_common+0xd0b/0x1630
[  314.532089][T15655]  bpf_check+0x2f78/0xcc30
[  314.536613][T15655]  ? _raw_spin_unlock+0x9/0x30
[  314.541428][T15655]  ? finish_task_switch+0x7d/0x280
[  314.546544][T15655]  ? __schedule+0x93c/0xd40
[  314.551109][T15655]  ? preempt_schedule_irq+0x2d/0x50
[  314.556432][T15655]  ? raw_irqentry_exit_cond_resched+0x4b/0x60
[  314.562526][T15655]  ? __list_del_entry_valid_or_report+0x65/0x130
[  314.568887][T15655]  ? _raw_spin_unlock_irqrestore+0x9/0x30
[  314.574625][T15655]  ? rcu_preempt_deferred_qs_irqrestore+0x3dd/0x5c0
[  314.581250][T15655]  ? __rcu_read_unlock+0x6b/0x70
[  314.586305][T15655]  ? avc_has_perm_noaudit+0xab/0x130
[  314.591717][T15655]  ? avc_has_perm+0x101/0x190
[  314.596458][T15655]  ? selinux_bpf_prog_load+0x197/0x1c0
[  314.601962][T15655]  ? security_bpf_prog_load+0x9e/0x140
[  314.607441][T15655]  bpf_prog_load+0xf76/0x1140
[  314.612143][T15655]  ? security_bpf+0x2b/0x90
[  314.616659][T15655]  __sys_bpf+0x505/0x7e0
[  314.621188][T15655]  __x64_sys_bpf+0x41/0x50
[  314.625675][T15655]  x64_sys_call+0x10cb/0x3020
[  314.630428][T15655]  do_syscall_64+0x12c/0x370
[  314.635130][T15655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.641403][T15655] RIP: 0033:0x7fe20b74c799
[  314.646088][T15655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.666047][T15655] RSP: 002b:00007fe20a165028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  314.674577][T15655] RAX: ffffffffffffffda RBX: 00007fe20b9c6180 RCX: 00007fe20b74c799
[  314.682580][T15655] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  314.690767][T15655] RBP: 00007fe20b7e2c99 R08: 0000000000000000 R09: 0000000000000000
[  314.698959][T15655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  314.706987][T15655] R13: 00007fe20b9c6218 R14: 00007fe20b9c6180 R15: 00007ffe538c10b8
[  314.715031][T15655]  </TASK>
[  314.718387][T15655] ---[ end trace 0000000000000000 ]---
[  314.892925][T15667] veth1_to_team: entered allmulticast mode
[  315.159622][T15681] netlink: 'syz.2.4284': attribute type 11 has an invalid length.
[  315.577696][T15689] syzkaller0: entered promiscuous mode
[  315.592323][T15689] syzkaller0: entered allmulticast mode
[  315.922679][T15711] netlink: 'syz.5.4299': attribute type 5 has an invalid length.
[  316.134320][   T28] kauditd_printk_skb: 23 callbacks suppressed
[  316.134346][   T28] audit: type=1400 audit(1773736920.442:18131): avc:  denied  { read } for  pid=15725 comm="syz.2.4305" name="file2" dev="tmpfs" ino=2546 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  317.428704][   T28] audit: type=1400 audit(1773736921.732:18132): avc:  denied  { write } for  pid=15753 comm="syz.3.4315" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  317.512295][T15759] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4317'.
[  317.539367][T15764] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  317.547276][T15759] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4317'.
[  318.142173][T15770] syz.3.4321 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  318.156230][T15770] CPU: 1 UID: 0 PID: 15770 Comm: syz.3.4321 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  318.156265][T15770] Tainted: [W]=WARN
[  318.156273][T15770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  318.156335][T15770] Call Trace:
[  318.156341][T15770]  <TASK>
[  318.156348][T15770]  __dump_stack+0x1d/0x30
[  318.156375][T15770]  dump_stack_lvl+0x95/0xd0
[  318.156401][T15770]  dump_stack+0x15/0x1b
[  318.156426][T15770]  dump_header+0x80/0x240
[  318.156502][T15770]  oom_kill_process+0x295/0x350
[  318.156525][T15770]  out_of_memory+0x97d/0xb80
[  318.156546][T15770]  try_charge_memcg+0x62e/0xa10
[  318.156586][T15770]  obj_cgroup_charge_pages+0x23/0xc0
[  318.156619][T15770]  __memcg_kmem_charge_page+0x9e/0x170
[  318.156724][T15770]  __alloc_frozen_pages_noprof+0x18a/0x360
[  318.156758][T15770]  alloc_pages_mpol+0xb3/0x260
[  318.156789][T15770]  alloc_pages_noprof+0x8f/0x130
[  318.156882][T15770]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  318.156918][T15770]  __kvmalloc_node_noprof+0x3d4/0x650
[  318.156965][T15770]  ? ip_set_alloc+0x24/0x30
[  318.156997][T15770]  ? ip_set_alloc+0x24/0x30
[  318.157022][T15770]  ? __kmalloc_cache_noprof+0x18a/0x410
[  318.157137][T15770]  ip_set_alloc+0x24/0x30
[  318.157165][T15770]  hash_netiface_create+0x282/0x740
[  318.157295][T15770]  ? __pfx_hash_netiface_create+0x10/0x10
[  318.157324][T15770]  ip_set_create+0x3cf/0x970
[  318.157366][T15770]  ? __nla_parse+0x40/0x60
[  318.157400][T15770]  nfnetlink_rcv_msg+0x509/0x5d0
[  318.157483][T15770]  netlink_rcv_skb+0x123/0x220
[  318.157560][T15770]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  318.157599][T15770]  nfnetlink_rcv+0x167/0x1720
[  318.157710][T15770]  ? arch_scale_cpu_capacity+0x15/0x70
[  318.157751][T15770]  ? sched_balance_rq+0x77d/0x1e70
[  318.157798][T15770]  ? __list_del_entry_valid_or_report+0x65/0x130
[  318.157870][T15770]  ? _raw_spin_lock_bh+0x56/0xb0
[  318.157899][T15770]  ? _raw_spin_unlock_bh+0x18/0x20
[  318.157946][T15770]  ? selinux_nlmsg_lookup+0x99/0x890
[  318.158058][T15770]  ? __rcu_read_unlock+0x33/0x70
[  318.158139][T15770]  ? __netlink_lookup+0x276/0x2b0
[  318.158163][T15770]  netlink_unicast+0x5c0/0x690
[  318.158196][T15770]  netlink_sendmsg+0x5c8/0x6f0
[  318.158273][T15770]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.158334][T15770]  ____sys_sendmsg+0x563/0x5b0
[  318.158375][T15770]  ___sys_sendmsg+0x195/0x1e0
[  318.158441][T15770]  __x64_sys_sendmsg+0xd4/0x160
[  318.158473][T15770]  x64_sys_call+0x194c/0x3020
[  318.158509][T15770]  do_syscall_64+0x12c/0x370
[  318.158617][T15770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.158643][T15770] RIP: 0033:0x7f8f1f13c799
[  318.158662][T15770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  318.158721][T15770] RSP: 002b:00007f8f1db8f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.158746][T15770] RAX: ffffffffffffffda RBX: 00007f8f1f3b5fa0 RCX: 00007f8f1f13c799
[  318.158762][T15770] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  318.158775][T15770] RBP: 00007f8f1f1d2c99 R08: 0000000000000000 R09: 0000000000000000
[  318.158790][T15770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  318.158805][T15770] R13: 00007f8f1f3b6038 R14: 00007f8f1f3b5fa0 R15: 00007ffe8bd2a778
[  318.158840][T15770]  </TASK>
[  318.158878][T15770] memory: usage 307200kB, limit 307200kB, failcnt 17382
[  318.525626][T15770] memory+swap: usage 293292kB, limit 9007199254740988kB, failcnt 0
[  318.561427][T15770] kmem: usage 189336kB, limit 9007199254740988kB, failcnt 0
[  318.568872][T15770] Memory cgroup stats for /syz3:
[  318.569205][T15770] cache 11882496
[  318.598404][T15770] rss 212992
[  318.603072][T15770] shmem 11882496
[  318.606864][T15770] mapped_file 0
[  318.610562][T15770] dirty 0
[  318.614500][T15770] writeback 0
[  318.617785][T15770] workingset_refault_anon 1513
[  318.622766][T15770] workingset_refault_file 5340
[  318.627636][T15770] swap 53383168
[  318.631157][T15770] swapcached 97394688
[  318.635559][T15770] pgpgin 358284
[  318.639055][T15770] pgpgout 354212
[  318.643555][T15770] pgfault 280878
[  318.647273][T15770] pgmajfault 210
[  318.650860][T15770] inactive_anon 4161536
[  318.655168][T15770] active_anon 12496896
[  318.659348][T15770] inactive_file 0
[  318.663195][T15770] active_file 20480
[  318.667085][T15770] unevictable 0
[  318.670575][T15770] hierarchical_memory_limit 314572800
[  318.676994][T15770] hierarchical_memsw_limit 9223372036854771712
[  318.683374][T15770] total_cache 11882496
[  318.687464][T15770] total_rss 212992
[  318.691261][T15770] total_shmem 11882496
[  318.695485][T15770] total_mapped_file 0
[  318.699507][T15770] total_dirty 0
[  318.703849][T15770] total_writeback 0
[  318.707729][T15770] total_workingset_refault_anon 1513
[  318.713417][T15770] total_workingset_refault_file 5340
[  318.718865][T15770] total_swap 53383168
[  318.722975][T15770] total_swapcached 97394688
[  318.727493][T15770] total_pgpgin 358284
[  318.733573][T15770] total_pgpgout 354212
[  318.737672][T15770] total_pgfault 280878
[  318.741873][T15770] total_pgmajfault 210
[  318.746022][T15770] total_inactive_anon 4161536
[  318.750701][T15770] total_active_anon 12496896
[  318.750843][T15807] netlink: 'syz.6.4334': attribute type 5 has an invalid length.
[  318.755478][T15770] total_inactive_file 0
[  318.755492][T15770] total_active_file 20480
[  318.755502][T15770] total_unevictable 0
[  318.755512][T15770] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2443,pid=10685,uid=0
[  318.755635][T15770] Memory cgroup out of memory: Killed process 10685 (syz.3.2443) total-vm:96212kB, anon-rss:1232kB, file-rss:20800kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000
[  319.341470][   T28] audit: type=1400 audit(1773736923.642:18133): avc:  denied  { write } for  pid=15835 comm="syz.5.4345" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  319.377691][T15842] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4356'.
[  319.404304][T15842] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15842 comm=syz.5.4356
[  319.763896][T15849] netlink: 'syz.2.4347': attribute type 5 has an invalid length.
[  319.864383][   T28] audit: type=1400 audit(1773736924.172:18134): avc:  denied  { unmount } for  pid=8689 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  320.211232][T15865] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4352'.
[  320.498121][T15868] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  320.584707][T15877] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4360'.
[  320.658993][T15877] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15877 comm=syz.3.4360
[  321.211752][T15901] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4370'.
[  321.244453][T15901] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4370'.
[  321.378416][T15920] veth1_to_team: entered allmulticast mode
[  322.101799][T15945] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4386'.
[  322.134392][T15949] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4388'.
[  322.286654][T15961] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4394'.
[  322.862717][T15947] syz.4.4387 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  322.877453][T15947] CPU: 1 UID: 0 PID: 15947 Comm: syz.4.4387 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  322.877491][T15947] Tainted: [W]=WARN
[  322.877499][T15947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  322.877573][T15947] Call Trace:
[  322.877581][T15947]  <TASK>
[  322.877590][T15947]  __dump_stack+0x1d/0x30
[  322.877618][T15947]  dump_stack_lvl+0x95/0xd0
[  322.877641][T15947]  dump_stack+0x15/0x1b
[  322.877661][T15947]  dump_header+0x80/0x240
[  322.877714][T15947]  oom_kill_process+0x295/0x350
[  322.877810][T15947]  out_of_memory+0x97d/0xb80
[  322.877837][T15947]  try_charge_memcg+0x62e/0xa10
[  322.877876][T15947]  obj_cgroup_charge_pages+0x23/0xc0
[  322.877957][T15947]  __memcg_kmem_charge_page+0x9e/0x170
[  322.877985][T15947]  __alloc_frozen_pages_noprof+0x18a/0x360
[  322.878035][T15947]  alloc_pages_mpol+0xb3/0x260
[  322.878065][T15947]  alloc_pages_noprof+0x8f/0x130
[  322.878187][T15947]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  322.878225][T15947]  __kvmalloc_node_noprof+0x3d4/0x650
[  322.878295][T15947]  ? ip_set_alloc+0x24/0x30
[  322.878324][T15947]  ? ip_set_alloc+0x24/0x30
[  322.878351][T15947]  ? __kmalloc_cache_noprof+0x18a/0x410
[  322.878392][T15947]  ip_set_alloc+0x24/0x30
[  322.878423][T15947]  hash_netiface_create+0x282/0x740
[  322.878452][T15947]  ? __pfx_hash_netiface_create+0x10/0x10
[  322.878484][T15947]  ip_set_create+0x3cf/0x970
[  322.878530][T15947]  ? __nla_parse+0x40/0x60
[  322.878560][T15947]  nfnetlink_rcv_msg+0x509/0x5d0
[  322.878627][T15947]  netlink_rcv_skb+0x123/0x220
[  322.878694][T15947]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  322.878726][T15947]  nfnetlink_rcv+0x167/0x1720
[  322.878759][T15947]  ? _raw_spin_lock_irqsave+0x57/0xb0
[  322.878885][T15947]  ? __list_del_entry_valid_or_report+0x65/0x130
[  322.878936][T15947]  ? __rmqueue_pcplist+0x9b0/0xb70
[  322.878966][T15947]  ? _raw_spin_lock_bh+0x56/0xb0
[  322.878993][T15947]  ? _raw_spin_unlock_bh+0x18/0x20
[  322.879047][T15947]  ? selinux_nlmsg_lookup+0x99/0x890
[  322.879082][T15947]  ? __rcu_read_unlock+0x33/0x70
[  322.879104][T15947]  ? __netlink_lookup+0x276/0x2b0
[  322.879125][T15947]  netlink_unicast+0x5c0/0x690
[  322.879229][T15947]  netlink_sendmsg+0x5c8/0x6f0
[  322.879335][T15947]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.879436][T15947]  ____sys_sendmsg+0x563/0x5b0
[  322.879471][T15947]  ___sys_sendmsg+0x195/0x1e0
[  322.879514][T15947]  __x64_sys_sendmsg+0xd4/0x160
[  322.879667][T15947]  x64_sys_call+0x194c/0x3020
[  322.879694][T15947]  do_syscall_64+0x12c/0x370
[  322.879719][T15947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.879774][T15947] RIP: 0033:0x7fe20b74c799
[  322.879790][T15947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  322.879838][T15947] RSP: 002b:00007fe20a1a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.879860][T15947] RAX: ffffffffffffffda RBX: 00007fe20b9c5fa0 RCX: 00007fe20b74c799
[  322.879874][T15947] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  322.879948][T15947] RBP: 00007fe20b7e2c99 R08: 0000000000000000 R09: 0000000000000000
[  322.879962][T15947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  322.879975][T15947] R13: 00007fe20b9c6038 R14: 00007fe20b9c5fa0 R15: 00007ffe538c10b8
[  322.880005][T15947]  </TASK>
[  322.880043][T15947] memory: usage 307200kB, limit 307200kB, failcnt 464
[  323.221235][T15947] memory+swap: usage 307232kB, limit 9007199254740988kB, failcnt 0
[  323.229312][T15947] kmem: usage 241364kB, limit 9007199254740988kB, failcnt 0
[  323.236834][T15947] Memory cgroup stats for /syz4:
[  323.237124][T15947] cache 66965504
[  323.246649][T15947] rss 98304
[  323.249755][T15947] shmem 66965504
[  323.253472][T15947] mapped_file 0
[  323.256930][T15947] dirty 0
[  323.259868][T15947] writeback 0
[  323.264403][T15947] workingset_refault_anon 1319
[  323.269276][T15947] workingset_refault_file 10365
[  323.275085][T15947] swap 32768
[  323.278421][T15947] swapcached 1105920
[  323.282692][T15947] pgpgin 406296
[  323.286273][T15947] pgpgout 389837
[  323.289866][T15947] pgfault 286574
[  323.296532][T15947] pgmajfault 182
[  323.300180][T15947] inactive_anon 66306048
[  323.305255][T15947] active_anon 1105920
[  323.309478][T15947] inactive_file 0
[  323.313168][T15947] active_file 4096
[  323.316924][T15947] unevictable 0
[  323.320438][T15947] hierarchical_memory_limit 314572800
[  323.325924][T15947] hierarchical_memsw_limit 9223372036854771712
[  323.332931][T15947] total_cache 66965504
[  323.337326][T15947] total_rss 98304
[  323.341028][T15947] total_shmem 66965504
[  323.345161][T15947] total_mapped_file 0
[  323.349257][T15947] total_dirty 0
[  323.352949][T15947] total_writeback 0
[  323.356953][T15947] total_workingset_refault_anon 1319
[  323.363285][T15947] total_workingset_refault_file 10365
[  323.368791][T15947] total_swap 32768
[  323.372577][T15947] total_swapcached 1105920
[  323.377037][T15947] total_pgpgin 406296
[  323.387294][T15947] total_pgpgout 389837
[  323.392935][T15947] total_pgfault 286574
[  323.397088][T15947] total_pgmajfault 182
[  323.401204][T15947] total_inactive_anon 66306048
[  323.432558][T15947] total_active_anon 1105920
[  323.437269][T15947] total_inactive_file 0
[  323.441656][T15947] total_active_file 4096
[  323.445889][T15947] total_unevictable 0
[  323.449948][T15947] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4387,pid=15946,uid=0
[  323.467075][T15947] Memory cgroup out of memory: Killed process 15946 (syz.4.4387) total-vm:96212kB, anon-rss:1316kB, file-rss:22152kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  324.610347][   T28] audit: type=1326 audit(1773736928.912:18135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16022 comm="syz.6.4419" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f339431c799 code=0x0
[  324.662575][T16031] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16031 comm=syz.3.4422
[  324.693292][T16031] netlink: 'syz.3.4422': attribute type 1 has an invalid length.
[  324.743202][T16031] bond4: (slave gretap1): making interface the new active one
[  324.751331][T16031] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  324.769175][T16031] vlan2: entered allmulticast mode
[  324.774469][T16031] bond4: entered allmulticast mode
[  324.801576][T16031] gretap1: entered allmulticast mode
[  324.807702][T16031] bond4: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  324.983212][T16038] cgroup: Setting release_agent not allowed
[  325.516125][T16058] openvswitch: netlink: Missing key (keys=40, expected=100)
[  325.865151][T16066] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4435'.
[  325.984127][   T28] audit: type=1400 audit(1773736930.282:18136): avc:  denied  { bind } for  pid=16067 comm="syz.2.4436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  326.037738][   T28] audit: type=1400 audit(1773736930.282:18137): avc:  denied  { node_bind } for  pid=16067 comm="syz.2.4436" saddr=4.0.0.0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  327.077422][T16108] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4451'.
[  327.201610][T16110] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16110 comm=syz.2.4451
[  328.025136][   T28] audit: type=1400 audit(1773736932.332:18138): avc:  denied  { read } for  pid=16134 comm="syz.2.4461" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  328.105000][    C1] sd 0:0:1:0: [sda] tag#318 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.115473][    C1] sd 0:0:1:0: [sda] tag#318 CDB: Read(6) 08 00 00 00 00 00
[  328.123420][    C1] sd 0:0:1:0: [sda] tag#319 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.133894][    C1] sd 0:0:1:0: [sda] tag#319 CDB: Read(6) 08 00 00 00 00 00
[  328.141250][    C1] sd 0:0:1:0: [sda] tag#256 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.151710][    C1] sd 0:0:1:0: [sda] tag#256 CDB: Read(6) 08 00 00 00 00 00
[  328.158978][    C1] sd 0:0:1:0: [sda] tag#257 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.169361][    C1] sd 0:0:1:0: [sda] tag#257 CDB: Read(6) 08 00 00 00 00 00
[  328.176618][    C1] sd 0:0:1:0: [sda] tag#258 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.187099][    C1] sd 0:0:1:0: [sda] tag#258 CDB: Read(6) 08 00 00 00 00 00
[  328.194447][    C1] sd 0:0:1:0: [sda] tag#259 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.205171][    C1] sd 0:0:1:0: [sda] tag#259 CDB: Read(6) 08 00 00 00 00 00
[  328.212448][    C1] sd 0:0:1:0: [sda] tag#260 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.222816][    C1] sd 0:0:1:0: [sda] tag#260 CDB: Read(6) 08 00 00 00 00 00
[  328.230050][    C1] sd 0:0:1:0: [sda] tag#261 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.240332][    C1] sd 0:0:1:0: [sda] tag#261 CDB: Read(6) 08 00 00 00 00 00
[  328.247578][    C1] sd 0:0:1:0: [sda] tag#262 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.257964][    C1] sd 0:0:1:0: [sda] tag#262 CDB: Read(6) 08 00 00 00 00 00
[  328.265313][    C1] sd 0:0:1:0: [sda] tag#263 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  328.275608][    C1] sd 0:0:1:0: [sda] tag#263 CDB: Read(6) 08 00 00 00 00 00
[  328.534282][T16143] syzkaller0: entered promiscuous mode
[  328.551711][T16143] syzkaller0: entered allmulticast mode
[  329.794299][T16171] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4472'.
[  331.176786][T16232] netlink: 'syz.5.4494': attribute type 21 has an invalid length.
[  332.102451][T16268] loop2: detected capacity change from 0 to 164
[  332.109828][T16268] Unable to read rock-ridge attributes
[  332.117578][T16268] Unable to read rock-ridge attributes
[  332.118841][   T28] audit: type=1400 audit(1773736936.422:18139): avc:  denied  { setopt } for  pid=16267 comm="syz.2.4502" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  333.843994][   T28] audit: type=1400 audit(1773736938.122:18140): avc:  denied  { getopt } for  pid=16315 comm="syz.6.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  334.298690][T16329] loop2: detected capacity change from 0 to 512
[  334.367389][T16327] lo speed is unknown, defaulting to 1000
[  334.375744][T16329] EXT4-fs (loop2): 1 orphan inode deleted
[  334.401915][T16329] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.559114][ T8689] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.938298][T16349] loop2: detected capacity change from 0 to 512
[  335.008328][T16349] EXT4-fs: Ignoring removed nomblk_io_submit option
[  335.088392][T16349] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  335.118688][T16349] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e119, mo2=0002]
[  335.253033][T16349] EXT4-fs (loop2): orphan cleanup on readonly fs
[  335.302269][T16349] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  335.448372][T16349] EXT4-fs warning (device loop2): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  335.538552][T16361] syz.6.4537 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=0, oom_score_adj=0
[  335.559386][T16349] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  335.584659][T16349] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4533: bg 0: block 40: padding at end of block bitmap is not set
[  335.609898][T16361] CPU: 0 UID: 0 PID: 16361 Comm: syz.6.4537 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  335.609991][T16361] Tainted: [W]=WARN
[  335.610000][T16361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  335.610015][T16361] Call Trace:
[  335.610023][T16361]  <TASK>
[  335.610033][T16361]  __dump_stack+0x1d/0x30
[  335.610132][T16361]  dump_stack_lvl+0x95/0xd0
[  335.610192][T16361]  dump_stack+0x15/0x1b
[  335.610213][T16361]  dump_header+0x80/0x240
[  335.610240][T16361]  oom_kill_process+0x295/0x350
[  335.610346][T16361]  out_of_memory+0x97d/0xb80
[  335.610374][T16361]  try_charge_memcg+0x62e/0xa10
[  335.610444][T16361]  obj_cgroup_charge_pages+0x23/0xc0
[  335.610478][T16361]  __memcg_kmem_charge_page+0x9e/0x170
[  335.610583][T16361]  __alloc_frozen_pages_noprof+0x18a/0x360
[  335.610616][T16361]  alloc_pages_mpol+0xb3/0x260
[  335.610647][T16361]  alloc_pages_noprof+0x8f/0x130
[  335.610680][T16361]  alloc_skb_with_frags+0x193/0x470
[  335.610782][T16361]  sock_alloc_send_pskb+0x44d/0x500
[  335.610927][T16361]  ? __rcu_read_unlock+0x4e/0x70
[  335.610990][T16361]  unix_stream_sendmsg+0x40a/0xbb0
[  335.611024][T16361]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  335.611091][T16361]  ____sys_sendmsg+0x563/0x5b0
[  335.611132][T16361]  ___sys_sendmsg+0x195/0x1e0
[  335.611177][T16361]  __x64_sys_sendmsg+0xd4/0x160
[  335.611264][T16361]  x64_sys_call+0x194c/0x3020
[  335.611292][T16361]  do_syscall_64+0x12c/0x370
[  335.611397][T16361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.611423][T16361] RIP: 0033:0x7f339431c799
[  335.611442][T16361] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  335.611540][T16361] RSP: 002b:00007f3392d56028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  335.611565][T16361] RAX: ffffffffffffffda RBX: 00007f3394596090 RCX: 00007f339431c799
[  335.611583][T16361] RDX: 0000000000000000 RSI: 0000200000001580 RDI: 0000000000000004
[  335.611599][T16361] RBP: 00007f33943b2c99 R08: 0000000000000000 R09: 0000000000000000
[  335.611615][T16361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.611629][T16361] R13: 00007f3394596128 R14: 00007f3394596090 R15: 00007ffc66f57af8
[  335.611648][T16361]  </TASK>
[  335.901412][T16361] memory: usage 200916kB, limit 307200kB, failcnt 20110
[  335.929125][T16361] memory+swap: usage 267628kB, limit 9007199254740988kB, failcnt 0
[  335.953754][T16361] kmem: usage 222476kB, limit 9007199254740988kB, failcnt 0
[  335.961416][T16349] loop2: lost filesystem error report for type 5 error -117
[  335.962590][T16349] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem
[  335.978647][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  335.978671][    C0] EXT4-fs (loop2): initial error at time 1773736940: ext4_validate_block_bitmap:441
[  335.978696][    C0] EXT4-fs (loop2): last error at time 1773736940: ext4_validate_block_bitmap:441
[  336.005331][T16361] Memory cgroup stats for /syz6:
[  336.005526][T16361] cache 0
[  336.029129][T16361] rss 1642496
[  336.044959][T16361] shmem 0
[  336.076120][T16361] mapped_file 0
[  336.098850][T16361] dirty 0
[  336.104494][T16349] loop2: lost filesystem error report for type 5 error -117
[  336.104641][T16349] EXT4-fs (loop2): 1 truncate cleaned up
[  336.128637][T16361] writeback 0
[  336.134181][T16361] workingset_refault_anon 3799
[  336.144071][T16349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  336.163315][T16361] workingset_refault_file 0
[  336.173340][T16361] swap 70160384
[  336.176812][T16361] swapcached 96739328
[  336.191183][T16361] pgpgin 283413
[  336.201184][T16361] pgpgout 282995
[  336.212169][T16361] pgfault 276515
[  336.221099][T16361] pgmajfault 681
[  336.232329][T16361] inactive_anon 909312
[  336.244490][T16361] active_anon 802816
[  336.259818][T16361] inactive_file 0
[  336.274635][T16361] active_file 0
[  336.282525][T16361] unevictable 0
[  336.297552][T16361] hierarchical_memory_limit 314572800
[  336.330001][T16361] hierarchical_memsw_limit 9223372036854771712
[  336.333651][T16382] lo speed is unknown, defaulting to 1000
[  336.341405][T16361] total_cache 0
[  336.348677][T16361] total_rss 1642496
[  336.359288][T16361] total_shmem 0
[  336.367413][T16361] total_mapped_file 0
[  336.377679][T16361] total_dirty 0
[  336.388731][T16361] total_writeback 0
[  336.389144][ T8689] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.392650][T16361] total_workingset_refault_anon 3799
[  336.406923][T16361] total_workingset_refault_file 0
[  336.412853][T16361] total_swap 70160384
[  336.416855][T16361] total_swapcached 96739328
[  336.421494][T16361] total_pgpgin 283413
[  336.426179][T16361] total_pgpgout 282995
[  336.430524][T16361] total_pgfault 276515
[  336.437009][T16361] total_pgmajfault 681
[  336.441178][T16361] total_inactive_anon 909312
[  336.454803][T16361] total_active_anon 802816
[  336.459647][T16361] total_inactive_file 0
[  336.463984][T16361] total_active_file 0
[  336.468150][T16361] total_unevictable 0
[  336.472892][T16361] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.4537,pid=16357,uid=0
[  336.520038][T16396] netlink: 'syz.5.4549': attribute type 1 has an invalid length.
[  336.539210][T16396] 8021q: adding VLAN 0 to HW filter on device bond6
[  336.553263][T16396] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4549'.
[  336.563662][T16396] bond6: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  336.606422][T16361] Memory cgroup out of memory: Killed process 16361 (syz.6.4537) total-vm:98532kB, anon-rss:2840kB, file-rss:26444kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:0
[  336.626020][T16396] bond6: entered allmulticast mode
[  336.655392][T16398] bond6: (slave ip6gretap1): Enslaving as an active interface with an up link
[  336.679240][T16400] lo speed is unknown, defaulting to 1000
[  338.131055][T16446] lo speed is unknown, defaulting to 1000
[  338.447296][   T28] audit: type=1326 audit(1773736942.752:18141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.501448][   T28] audit: type=1326 audit(1773736942.752:18142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.525243][   T28] audit: type=1326 audit(1773736942.752:18143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.550156][   T28] audit: type=1326 audit(1773736942.782:18144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.622886][T16472] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4577'.
[  338.630517][T16474] netlink: 'syz.6.4578': attribute type 83 has an invalid length.
[  338.640170][   T28] audit: type=1326 audit(1773736942.782:18145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.707510][   T28] audit: type=1326 audit(1773736942.782:18146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f8f1f0fcfce code=0x7ffc0000
[  338.731784][T16472] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16472 comm=syz.3.4577
[  338.770956][   T28] audit: type=1326 audit(1773736942.782:18147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.846137][   T28] audit: type=1326 audit(1773736942.782:18148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  338.960701][   T28] audit: type=1326 audit(1773736942.782:18149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  339.011845][   T28] audit: type=1326 audit(1773736942.782:18150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16460 comm="syz.3.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8f1f13c799 code=0x7ffc0000
[  339.281220][T16510] netlink: 'syz.3.4592': attribute type 4 has an invalid length.
[  339.588359][T16538] sctp: [Deprecated]: syz.4.4599 (pid 16538) Use of struct sctp_assoc_value in delayed_ack socket option.
[  339.588359][T16538] Use struct sctp_sack_info instead
[  339.621257][T16539] lo speed is unknown, defaulting to 1000
[  340.294732][T16550] netlink: 'syz.3.4602': attribute type 3 has an invalid length.
[  340.303216][T16550] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4602'.
[  340.312600][T16550] ------------[ cut here ]------------
[  340.318090][T16550] memcpy: detected field-spanning write (size 32) of single field "&new->sel" at net/sched/cls_u32.c:855 (size 16)
[  340.331012][T16550] WARNING: net/sched/cls_u32.c:855 at u32_change+0x144c/0x14d0, CPU#1: syz.3.4602/16550
[  340.340826][T16550] Modules linked in:
[  340.344917][T16550] CPU: 1 UID: 0 PID: 16550 Comm: syz.3.4602 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  340.356793][T16550] Tainted: [W]=WARN
[  340.360673][T16550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  340.371134][T16550] RIP: 0010:u32_change+0x1463/0x14d0
[  340.376559][T16550] Code: 31 ed e9 96 fe ff ff e8 8b 0a c2 fc 48 8d 3d 44 3d 89 02 b9 10 00 00 00 4d 89 f7 4c 8b 74 24 18 4c 89 f6 48 c7 c2 37 92 7e 86 <67> 48 0f b9 3a 4c 89 f2 4d 89 fe 4c 8b 7c 24 28 e9 36 f1 ff ff e8
[  340.397033][T16550] RSP: 0018:ffffc900025b75e0 EFLAGS: 00010287
[  340.403142][T16550] RAX: ffffffff849753f5 RBX: ffffc900025b77f0 RCX: 0000000000000010
[  340.411151][T16550] RDX: ffffffff867e9237 RSI: 0000000000000020 RDI: ffffffff87209140
[  340.419169][T16550] RBP: ffffc900025b76e8 R08: 0001888154f25587 R09: 0000000000000000
[  340.428026][T16550] R10: ffffc900025b70d8 R11: 0001c900025b70d8 R12: ffff88815b0a5f00
[  340.436072][T16550] R13: 0000000000000001 R14: 0000000000000020 R15: ffff88815b0a5fc0
[  340.437746][T16556] netlink: 'syz.4.4604': attribute type 2 has an invalid length.
[  340.444074][T16550] FS:  00007f8f1db8f6c0(0000) GS:ffff8882ae9db000(0000) knlGS:0000000000000000
[  340.444099][T16550] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  340.444143][T16550] CR2: 0000001b2f322ff8 CR3: 0000000117e24000 CR4: 00000000003506f0
[  340.452063][T16556] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4604'.
[  340.460782][T16550] DR0: fffffffffffffffe DR1: 0000000000000000 DR2: 0000000000000000
[  340.460802][T16550] DR3: 0000200000000300 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  340.501972][T16550] Call Trace:
[  340.505251][T16550]  <TASK>
[  340.508262][T16550]  tc_new_tfilter+0xfc0/0x1200
[  340.513230][T16550]  ? ns_capable+0x7c/0xb0
[  340.517682][T16550]  ? __pfx_tc_new_tfilter+0x10/0x10
[  340.523548][T16550]  rtnetlink_rcv_msg+0x64b/0x720
[  340.528498][T16550]  ? avc_has_perm_noaudit+0xab/0x130
[  340.533885][T16550]  netlink_rcv_skb+0x123/0x220
[  340.539113][T16550]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  340.544703][T16550]  rtnetlink_rcv+0x1c/0x30
[  340.549132][T16550]  netlink_unicast+0x5c0/0x690
[  340.554745][T16550]  netlink_sendmsg+0x5c8/0x6f0
[  340.559639][T16550]  ? __pfx_netlink_sendmsg+0x10/0x10
[  340.564968][T16550]  ____sys_sendmsg+0x563/0x5b0
[  340.569824][T16550]  ___sys_sendmsg+0x195/0x1e0
[  340.574571][T16550]  __sys_sendmmsg+0x185/0x320
[  340.579441][T16550]  __x64_sys_sendmmsg+0x57/0x70
[  340.584999][T16550]  x64_sys_call+0x27aa/0x3020
[  340.589837][T16550]  do_syscall_64+0x12c/0x370
[  340.594498][T16550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.600406][T16550] RIP: 0033:0x7f8f1f13c799
[  340.604886][T16550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  340.625222][T16550] RSP: 002b:00007f8f1db8f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  340.633812][T16550] RAX: ffffffffffffffda RBX: 00007f8f1f3b5fa0 RCX: 00007f8f1f13c799
[  340.641894][T16550] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000005
[  340.649947][T16550] RBP: 00007f8f1f1d2c99 R08: 0000000000000000 R09: 0000000000000000
[  340.658577][T16550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.666711][T16550] R13: 00007f8f1f3b6038 R14: 00007f8f1f3b5fa0 R15: 00007ffe8bd2a778
[  340.675057][T16550]  </TASK>
[  340.678083][T16550] ---[ end trace 0000000000000000 ]---
[  340.765810][T16559] xfrm0: entered promiscuous mode
[  341.591712][T16603] 8021q: adding VLAN 0 to HW filter on device bond0
[  341.614850][T16603] 8021q: adding VLAN 0 to HW filter on device team0
[  341.796187][T16603] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  341.893118][T16608] netlink: 'syz.6.4622': attribute type 2 has an invalid length.
[  341.999091][T16614] lo speed is unknown, defaulting to 1000
[  342.041871][T16618] lo speed is unknown, defaulting to 1000
[  342.087955][T16619] lo speed is unknown, defaulting to 1000
[  342.314206][T16635] bridge0: port 1(gretap0) entered blocking state
[  342.320932][T16635] bridge0: port 1(gretap0) entered disabled state
[  342.341826][T16635] gretap0: entered allmulticast mode
[  342.369334][T16635] gretap0: entered promiscuous mode
[  343.066583][T16666] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4645'.
[  343.082980][T16666] netlink: 'syz.5.4645': attribute type 30 has an invalid length.
[  343.109940][   T50] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  343.125721][   T50] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  343.134395][   T50] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  343.142947][   T50] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  344.043986][T16687] tipc: Failed to remove unknown binding: 66,0,0/0:3723255429/3723255430
[  344.099268][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  344.099282][   T28] audit: type=1326 audit(1773736948.402:18185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16690 comm="syz.5.4656" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0be495c799 code=0x0
[  344.316312][T16701] syzkaller0: entered promiscuous mode
[  344.322003][T16701] syzkaller0: entered allmulticast mode
[  345.270347][T16718] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4666'.
[  345.375368][T16718] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16718 comm=syz.6.4666
[  345.404527][T16733] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=16733 comm=syz.5.4672
[  345.426664][T16733] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=16733 comm=syz.5.4672
[  345.462184][T16733] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4672'.
[  345.619471][T16750] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4675'.
[  345.714459][T16757] netlink: 'syz.2.4678': attribute type 2 has an invalid length.
[  345.756624][T16752] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4676'.
[  346.294468][T16778] xfrm0: entered promiscuous mode
[  346.448841][T16786] netlink: 'syz.6.4686': attribute type 29 has an invalid length.
[  346.483729][T16786] netlink: 'syz.6.4686': attribute type 29 has an invalid length.
[  346.537220][T16787] netlink: 500 bytes leftover after parsing attributes in process `syz.6.4686'.
[  346.604684][T16785] delete_channel: no stack
[  346.690789][T16777] lo speed is unknown, defaulting to 1000
[  346.740746][   T28] audit: type=1326 audit(1773736951.042:18186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  346.771034][   T28] audit: type=1326 audit(1773736951.042:18187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  346.817757][T16795] loop2: detected capacity change from 0 to 764
[  346.833937][T16795] Symlink component flag not implemented
[  346.840022][T16795] Symlink component flag not implemented (116)
[  346.876197][   T28] audit: type=1326 audit(1773736951.042:18188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  346.991881][   T28] audit: type=1326 audit(1773736951.042:18189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  347.090888][   T28] audit: type=1326 audit(1773736951.042:18190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  347.403601][   T28] audit: type=1326 audit(1773736951.042:18191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  347.564383][   T28] audit: type=1326 audit(1773736951.042:18192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  347.719108][   T28] audit: type=1326 audit(1773736951.042:18193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  347.819073][   T28] audit: type=1326 audit(1773736951.042:18194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16790 comm="syz.2.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3dda0dc799 code=0x7ffc0000
[  348.404235][T16808] netlink: 763 bytes leftover after parsing attributes in process `syz.2.4695'.
[  348.420141][T16811] vlan0: entered promiscuous mode
[  348.425511][T16811] bridge0: entered promiscuous mode
[  349.476504][T16852] loop2: detected capacity change from 0 to 1024
[  349.606306][T16852] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  349.637575][T16852] System zones: 0-1, 3-36
[  349.652900][T16852] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.4709: bad orphan inode 134217728
[  349.666358][T16852] loop2: lost filesystem error report for type 5 error -117
[  349.675908][T16852] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.809594][T16885] bond0: (slave team0): Releasing backup interface
[  349.826906][T16885] bridge_slave_0: left promiscuous mode
[  349.835473][T16885] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.867334][T16891] netlink: 'syz.5.4734': attribute type 27 has an invalid length.
[  349.898678][T16885] bridge_slave_1: left allmulticast mode
[  349.909150][T16893] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4722'.
[  349.919519][T16885] bridge_slave_1: left promiscuous mode
[  349.932552][T16885] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.959406][T16885] bond0: (slave bond_slave_0): Releasing backup interface
[  349.977745][T16885] bond0: (slave bond_slave_1): Releasing backup interface
[  349.996010][T16885] team0: Port device team_slave_0 removed
[  350.004197][T16885] team0: Port device team_slave_1 removed
[  350.010314][T16885] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.028509][T16885] batman_adv: batadv0: Removing interface: batadv_slave_1
[  350.040184][T16885] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  350.061414][T16891] xfrm0: left promiscuous mode
[  350.079912][T16891] bond4: left promiscuous mode
[  350.123210][T16891] bond6: left allmulticast mode
[  350.167004][T16894] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.177626][T16894] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  350.229906][ T1914] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  350.239867][ T1914] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  350.291416][T16897] lo speed is unknown, defaulting to 1000
[  350.294542][ T1914] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  350.310648][ T8689] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.354175][ T1914] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  350.971592][T16925] netlink: 'syz.4.4735': attribute type 16 has an invalid length.
[  350.995884][T16925] netlink: 'syz.4.4735': attribute type 17 has an invalid length.
[  351.053893][T16925] 8021q: adding VLAN 0 to HW filter on device bond0
[  351.075940][T16925] 8021q: adding VLAN 0 to HW filter on device team0
[  351.096368][T16925] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  351.112584][ T5420] lo speed is unknown, defaulting to 1000
[  351.131487][ T5420] syz2: Port: 1 Link ACTIVE
[  351.132066][T16933] bond6: (slave ip6gretap1): Releasing active interface
[  351.154674][T16934] netlink: 80 bytes leftover after parsing attributes in process `syz.5.4738'.
[  352.361987][T16972] lo speed is unknown, defaulting to 1000
[  352.588899][   T28] kauditd_printk_skb: 63 callbacks suppressed
[  352.588916][   T28] audit: type=1400 audit(1773736956.892:18258): avc:  denied  { write } for  pid=16968 comm="syz.2.4751" path="socket:[114912]" dev="sockfs" ino=114912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  352.663533][T16982] gretap0: left allmulticast mode
[  352.668774][T16982] gretap0: left promiscuous mode
[  352.679075][T16982] bridge0: port 1(gretap0) entered disabled state
[  352.690538][T16982] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  352.711815][T16982] netlink: 80 bytes leftover after parsing attributes in process `syz.3.4754'.
[  352.735266][T16957] syz.4.4747 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  352.749929][T16957] CPU: 0 UID: 0 PID: 16957 Comm: syz.4.4747 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  352.749962][T16957] Tainted: [W]=WARN
[  352.749970][T16957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  352.749983][T16957] Call Trace:
[  352.750010][T16957]  <TASK>
[  352.750018][T16957]  __dump_stack+0x1d/0x30
[  352.750049][T16957]  dump_stack_lvl+0x95/0xd0
[  352.750128][T16957]  dump_stack+0x15/0x1b
[  352.750203][T16957]  dump_header+0x80/0x240
[  352.750231][T16957]  oom_kill_process+0x295/0x350
[  352.750259][T16957]  out_of_memory+0x97d/0xb80
[  352.750300][T16957]  try_charge_memcg+0x62e/0xa10
[  352.750346][T16957]  obj_cgroup_charge_pages+0x23/0xc0
[  352.750408][T16957]  __memcg_kmem_charge_page+0x9e/0x170
[  352.750440][T16957]  __alloc_frozen_pages_noprof+0x18a/0x360
[  352.750477][T16957]  alloc_pages_mpol+0xb3/0x260
[  352.750541][T16957]  alloc_pages_noprof+0x8f/0x130
[  352.750575][T16957]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  352.750619][T16957]  __kvmalloc_node_noprof+0x3d4/0x650
[  352.750650][T16957]  ? ip_set_alloc+0x24/0x30
[  352.750708][T16957]  ? ip_set_alloc+0x24/0x30
[  352.750740][T16957]  ? __kmalloc_cache_noprof+0x18a/0x410
[  352.750792][T16957]  ip_set_alloc+0x24/0x30
[  352.750824][T16957]  hash_netiface_create+0x282/0x740
[  352.750859][T16957]  ? __pfx_hash_netiface_create+0x10/0x10
[  352.750945][T16957]  ip_set_create+0x3cf/0x970
[  352.750992][T16957]  ? __nla_parse+0x40/0x60
[  352.751026][T16957]  nfnetlink_rcv_msg+0x509/0x5d0
[  352.751111][T16957]  netlink_rcv_skb+0x123/0x220
[  352.751148][T16957]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  352.751234][T16957]  nfnetlink_rcv+0x167/0x1720
[  352.751343][T16957]  ? __kfree_skb+0x109/0x150
[  352.751385][T16957]  ? nlmon_xmit+0x4f/0x60
[  352.751407][T16957]  ? consume_skb+0x4b/0x160
[  352.751512][T16957]  ? nlmon_xmit+0x4f/0x60
[  352.751536][T16957]  ? dev_hard_start_xmit+0x3b9/0x3f0
[  352.751575][T16957]  ? __dev_queue_xmit+0x136c/0x1f20
[  352.751635][T16957]  ? __dev_queue_xmit+0x148/0x1f20
[  352.751727][T16957]  ? ref_tracker_free+0x37d/0x3e0
[  352.751760][T16957]  ? __netlink_deliver_tap+0x4dc/0x500
[  352.751798][T16957]  netlink_unicast+0x5c0/0x690
[  352.751881][T16957]  netlink_sendmsg+0x5c8/0x6f0
[  352.751972][T16957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  352.752006][T16957]  ____sys_sendmsg+0x563/0x5b0
[  352.752044][T16957]  ___sys_sendmsg+0x195/0x1e0
[  352.752169][T16957]  __x64_sys_sendmsg+0xd4/0x160
[  352.752255][T16957]  x64_sys_call+0x194c/0x3020
[  352.752282][T16957]  do_syscall_64+0x12c/0x370
[  352.752310][T16957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.752396][T16957] RIP: 0033:0x7fe20b74c799
[  352.752472][T16957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  352.752532][T16957] RSP: 002b:00007fe20a1a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  352.752552][T16957] RAX: ffffffffffffffda RBX: 00007fe20b9c5fa0 RCX: 00007fe20b74c799
[  352.752568][T16957] RDX: 0000000000000880 RSI: 0000200000000040 RDI: 0000000000000003
[  352.752588][T16957] RBP: 00007fe20b7e2c99 R08: 0000000000000000 R09: 0000000000000000
[  352.752600][T16957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  352.752613][T16957] R13: 00007fe20b9c6038 R14: 00007fe20b9c5fa0 R15: 00007ffe538c10b8
[  352.752636][T16957]  </TASK>
[  353.076526][T16957] memory: usage 307200kB, limit 307200kB, failcnt 1590
[  353.100795][T16957] memory+swap: usage 307532kB, limit 9007199254740988kB, failcnt 0
[  353.108769][T16957] kmem: usage 225052kB, limit 9007199254740988kB, failcnt 0
[  353.175300][T16957] Memory cgroup stats for /syz4:
[  353.175572][T16957] cache 67350528
[  353.207840][T16957] rss 16748544
[  353.211243][T16957] shmem 67346432
[  353.222494][T16957] mapped_file 0
[  353.227140][T16957] dirty 0
[  353.230232][T16957] writeback 0
[  353.234496][T16957] workingset_refault_anon 1320
[  353.234572][T17002] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4761'.
[  353.248527][T16957] workingset_refault_file 12943
[  353.253427][T16957] swap 339968
[  353.256729][T16957] swapcached 1118208
[  353.260707][T16957] pgpgin 458861
[  353.266243][T16957] pgpgout 438324
[  353.272854][T16957] pgfault 328742
[  353.278472][T16957] pgmajfault 193
[  353.282400][T16957] inactive_anon 82026496
[  353.287120][T16957] active_anon 2084864
[  353.288687][T17002] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17002 comm=syz.2.4761
[  353.291131][T16957] inactive_file 4096
[  353.308930][T16957] active_file 4096
[  353.312696][T16957] unevictable 0
[  353.316221][T16957] hierarchical_memory_limit 314572800
[  353.321861][T16957] hierarchical_memsw_limit 9223372036854771712
[  353.328105][T16957] total_cache 67350528
[  353.332497][T16957] total_rss 16748544
[  353.336488][T16957] total_shmem 67346432
[  353.376890][T16957] total_mapped_file 0
[  353.381059][T16957] total_dirty 0
[  353.387940][T17010] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=17010 comm=syz.3.4763
[  353.391452][T16957] total_writeback 0
[  353.402719][T17010] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=17010 comm=syz.3.4763
[  353.417280][T16957] total_workingset_refault_anon 1320
[  353.417338][T16957] total_workingset_refault_file 12943
[  353.417347][T16957] total_swap 339968
[  353.417356][T16957] total_swapcached 1118208
[  353.417365][T16957] total_pgpgin 458861
[  353.417374][T16957] total_pgpgout 438324
[  353.417383][T16957] total_pgfault 328742
[  353.417391][T16957] total_pgmajfault 193
[  353.417417][T16957] total_inactive_anon 82026496
[  353.417427][T16957] total_active_anon 2084864
[  353.417435][T16957] total_inactive_file 4096
[  353.417443][T16957] total_active_file 4096
[  353.417451][T16957] total_unevictable 0
[  353.417460][T16957] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4747,pid=16956,uid=0
[  353.417554][T16957] Memory cgroup out of memory: Killed process 16956 (syz.4.4747) total-vm:100580kB, anon-rss:17476kB, file-rss:26344kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:0
[  353.509981][T17013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4763'.
[  353.938095][T17025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4768'.
[  353.963958][T17025] bond5: entered promiscuous mode
[  353.969370][T17025] 8021q: adding VLAN 0 to HW filter on device bond5
[  353.987606][T17025] 8021q: adding VLAN 0 to HW filter on device bond5
[  353.997848][T17025] bond5: (slave sit1): The slave device specified does not support setting the MAC address
[  354.008907][T17025] bond5: (slave sit1): Error -95 calling set_mac_address
[  354.084060][T17030] bridge_slave_0: left promiscuous mode
[  354.091692][T17030] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.120674][T17030] bridge_slave_1: left allmulticast mode
[  354.132659][T17030] bridge_slave_1: left promiscuous mode
[  354.138344][T17030] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.147388][T17039] netlink: 80 bytes leftover after parsing attributes in process `syz.6.4769'.
[  354.159208][T17030] team0: Port device team_slave_0 removed
[  354.166765][T17030] team0: Port device team_slave_1 removed
[  354.174011][T17030] batman_adv: batadv0: Removing interface: batadv_slave_0
[  354.191294][T17030] batman_adv: batadv0: Removing interface: batadv_slave_1
[  354.199244][T17030] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  356.344843][T17097] tipc: Failed to remove unknown binding: 66,0,0/0:3259361052/3259361054
[  356.381320][T17097] tipc: Failed to remove unknown binding: 66,0,0/0:3259361052/3259361053
[  356.395576][T17097] tipc: Failed to remove unknown binding: 66,0,0/0:3259361052/3259361054
[  356.414499][T17097] tipc: Failed to remove unknown binding: 66,0,0/0:3259361052/3259361053
[  356.981862][   T28] audit: type=1326 audit(1773736961.282:18259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.014684][   T28] audit: type=1326 audit(1773736961.282:18260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.065067][   T28] audit: type=1326 audit(1773736961.282:18261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.119504][   T28] audit: type=1326 audit(1773736961.282:18262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.165334][   T28] audit: type=1326 audit(1773736961.282:18263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.260545][   T28] audit: type=1326 audit(1773736961.282:18264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.291338][   T28] audit: type=1326 audit(1773736961.282:18265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.346179][   T28] audit: type=1326 audit(1773736961.282:18266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.370546][   T28] audit: type=1326 audit(1773736961.282:18267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17127 comm="syz.4.4800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe20b74c799 code=0x7ffc0000
[  357.594139][   T28] kauditd_printk_skb: 42 callbacks suppressed
[  357.594196][   T28] audit: type=1400 audit(1773736961.902:18310): avc:  denied  { open } for  pid=17138 comm="syz.2.4805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  357.620653][   T28] audit: type=1400 audit(1773736961.902:18311): avc:  denied  { allowed } for  pid=17138 comm="syz.2.4805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=0
[  357.671517][   T28] audit: type=1400 audit(1773736961.902:18312): avc:  denied  { read write } for  pid=8689 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  357.715074][   T28] audit: type=1400 audit(1773736961.982:18313): avc:  denied  { read write } for  pid=8689 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  357.748273][   T28] audit: type=1400 audit(1773736962.022:18314): avc:  denied  { create } for  pid=17150 comm="syz.2.4809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  357.799432][   T28] audit: type=1400 audit(1773736962.052:18315): avc:  denied  { create } for  pid=17150 comm="syz.2.4809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  357.819770][   T28] audit: type=1400 audit(1773736962.052:18316): avc:  denied  { create } for  pid=17150 comm="syz.2.4809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  357.840473][T17156] wg2: entered allmulticast mode
[  357.876977][   T28] audit: type=1400 audit(1773736962.102:18317): avc:  denied  { read write } for  pid=8689 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  357.971212][   T28] audit: type=1400 audit(1773736962.102:18318): avc:  denied  { open } for  pid=17155 comm="syz.2.4811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  357.991324][   T28] audit: type=1400 audit(1773736962.102:18319): avc:  denied  { prog_load } for  pid=17155 comm="syz.2.4811" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  358.070025][T17159] lo speed is unknown, defaulting to 1000
[  358.222023][T17182] lo speed is unknown, defaulting to 1000
[  358.441149][T17203] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4833'.
[  358.452798][T17203] ip6gre1: entered promiscuous mode
[  358.458042][T17203] ip6gre1: entered allmulticast mode
[  358.563869][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4843'.
[  358.578370][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4843'.
[  358.591743][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4843'.
[  358.606358][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4843'.
[  358.621220][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4843'.
[  358.644947][T17222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4843'.
[  358.667463][T17230] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17230 comm=syz.3.4845
[  358.706937][T17234] lo speed is unknown, defaulting to 1000
[  358.903321][T17262] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4860'.
[  358.924137][T17262] 8021q: adding VLAN 0 to HW filter on device bond0
[  359.638992][T17295] lo speed is unknown, defaulting to 1000
[  359.719107][T17302] lo speed is unknown, defaulting to 1000
[  359.823722][T17311] netlink: 'syz.2.4877': attribute type 1 has an invalid length.
[  359.866663][T17311] 8021q: adding VLAN 0 to HW filter on device bond6
[  359.874530][T17311] bond5: (slave bond6): making interface the new active one
[  359.883064][T17311] bond5: (slave bond6): Enslaving as an active interface with an up link
[  359.972359][T17311] bond5: (slave gretap1): Enslaving as a backup interface with an up link
[  360.181044][T17324] lo speed is unknown, defaulting to 1000
[  360.363850][T17342] bridge_slave_0: invalid flags given to default FDB implementation
[  360.563766][T17349] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4894'.
[  360.580280][T17351] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4895'.
[  361.849335][T17437] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4930'.
[  362.163292][T17474] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17474 comm=syz.6.4947
[  362.189059][T17478] lo speed is unknown, defaulting to 1000
[  362.890462][   T28] kauditd_printk_skb: 428 callbacks suppressed
[  362.890483][   T28] audit: type=1400 audit(1773736967.132:18748): avc:  denied  { map_create } for  pid=17503 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  362.934242][   T28] audit: type=1400 audit(1773736967.132:18749): avc:  denied  { prog_load } for  pid=17503 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  362.958597][   T28] audit: type=1400 audit(1773736967.132:18750): avc:  denied  { prog_load } for  pid=17503 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  362.980737][   T28] audit: type=1400 audit(1773736967.132:18751): avc:  denied  { map_create } for  pid=17503 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  363.001205][   T28] audit: type=1400 audit(1773736967.132:18752): avc:  denied  { prog_load } for  pid=17503 comm="syz.5.4963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  363.020970][   T28] audit: type=1400 audit(1773736967.152:18753): avc:  denied  { prog_load } for  pid=17505 comm="syz.4.4962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  363.041288][   T28] audit: type=1400 audit(1773736967.152:18754): avc:  denied  { prog_load } for  pid=17505 comm="syz.4.4962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  363.118157][   T28] audit: type=1400 audit(1773736967.152:18755): avc:  denied  { prog_load } for  pid=17505 comm="syz.4.4962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  363.138887][   T28] audit: type=1400 audit(1773736967.182:18756): avc:  denied  { create } for  pid=17509 comm="syz.4.4965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  363.159176][   T28] audit: type=1400 audit(1773736967.182:18757): avc:  denied  { execmem } for  pid=17509 comm="syz.4.4965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  363.931710][T17579] bond5: option mode: unable to set because the bond device has slaves
[  363.953100][T17579] vlan0: entered allmulticast mode
[  363.964817][T17579] bond5: entered allmulticast mode
[  363.970282][T17579] ip6gretap1: entered allmulticast mode
[  364.098290][T17588] __nla_validate_parse: 3 callbacks suppressed
[  364.098382][T17588] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4997'.
[  364.162001][T17588] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17588 comm=syz.4.4997
[  364.250467][T17594] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5000'.
[  364.275698][T17594] 8021q: adding VLAN 0 to HW filter on device team1
[  364.291005][T17594] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5000'.
[  364.333919][T17594] 8021q: adding VLAN 0 to HW filter on device team2
[  364.546787][T17602] bond7: (slave veth9): Enslaving as an active interface with a down link
[  364.572706][T17602] bond7: (slave veth11): Enslaving as an active interface with a down link
[  364.763847][T17627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5016'.
[  364.812868][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5017'.
[  364.843429][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5017'.
[  364.900051][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5017'.
[  364.913748][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5017'.
[  364.960008][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5017'.
[  365.256720][T17656] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  365.256720][T17656] The task syz.6.5027 (17656) triggered the difference, watch for misbehavior.
[  365.346732][T17658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5028'.
[  365.683659][T17690] netlink: 'syz.4.5043': attribute type 10 has an invalid length.
[  365.722194][T17690] team0: Port device wg1 added
[  365.935884][T17712] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17712 comm=syz.3.5054
[  366.148237][T17735] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  366.310832][T17743] lo: Caught tx_queue_len zero misconfig
[  367.912976][   T28] kauditd_printk_skb: 1154 callbacks suppressed
[  367.912991][   T28] audit: type=1400 audit(1773736972.222:19912): avc:  denied  { nlmsg_write } for  pid=17833 comm="syz.4.5104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=0
[  367.957710][   T28] audit: type=1400 audit(1773736972.262:19913): avc:  denied  { prog_load } for  pid=17835 comm="syz.4.5105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  367.995824][   T28] audit: type=1400 audit(1773736972.262:19914): avc:  denied  { create } for  pid=17835 comm="syz.4.5105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  368.035777][   T28] audit: type=1400 audit(1773736972.282:19915): avc:  denied  { prog_load } for  pid=17835 comm="syz.4.5105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  368.083562][   T28] audit: type=1400 audit(1773736972.282:19916): avc:  denied  { prog_load } for  pid=17835 comm="syz.4.5105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  368.123249][   T28] audit: type=1400 audit(1773736972.292:19917): avc:  denied  { open } for  pid=17835 comm="syz.4.5105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  368.164024][   T28] audit: type=1400 audit(1773736972.362:19918): avc:  denied  { open } for  pid=17837 comm="syz.4.5106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  368.200079][   T28] audit: type=1400 audit(1773736972.362:19919): avc:  denied  { prog_load } for  pid=17837 comm="syz.4.5106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  368.243267][   T28] audit: type=1400 audit(1773736972.362:19920): avc:  denied  { create } for  pid=17837 comm="syz.4.5106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  368.283651][   T28] audit: type=1400 audit(1773736972.362:19921): avc:  denied  { create } for  pid=17837 comm="syz.4.5106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  369.680336][T17918] __nla_validate_parse: 4 callbacks suppressed
[  369.680352][T17918] netlink: 14590 bytes leftover after parsing attributes in process `syz.6.5141'.
[  369.732372][T17931] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5146'.
[  369.753049][T17931] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17931 comm=syz.6.5146
[  371.087684][T18010] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5180'.
[  371.374864][T18041] netlink: 27 bytes leftover after parsing attributes in process `syz.5.5194'.
[  371.604256][T18053] lo speed is unknown, defaulting to 1000
[  371.653405][T18057] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5199'.
[  371.662926][T18057] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5199'.
[  371.672605][T18057] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5199'.
[  371.682783][T18057] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5199'.
[  372.189746][T18115] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5223'.
[  372.216554][T18115] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5223'.
[  372.388553][T18124] lo speed is unknown, defaulting to 1000
[  372.537205][T18135] netlink: 'syz.2.5233': attribute type 1 has an invalid length.
[  372.580636][T18135] 8021q: adding VLAN 0 to HW filter on device bond8
[  372.933891][   T28] kauditd_printk_skb: 422 callbacks suppressed
[  372.933905][   T28] audit: type=1400 audit(1773736977.242:20344): avc:  denied  { open } for  pid=18181 comm="syz.4.5255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  372.989091][   T28] audit: type=1400 audit(1773736977.282:20345): avc:  denied  { create } for  pid=18179 comm="syz.2.5254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  373.027687][ T1914] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  373.041394][ T1914] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  373.051390][   T28] audit: type=1400 audit(1773736977.282:20346): avc:  denied  { create } for  pid=18179 comm="syz.2.5254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=0
[  373.072142][   T28] audit: type=1400 audit(1773736977.282:20347): avc:  denied  { name_bind } for  pid=18183 comm="syz.3.5256" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=0
[  373.095462][   T28] audit: type=1400 audit(1773736977.282:20348): avc:  denied  { allowed } for  pid=18183 comm="syz.3.5256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=0
[  373.124414][ T1914] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  373.135716][ T1914] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  373.178865][   T28] audit: type=1400 audit(1773736977.282:20349): avc:  denied  { prog_load } for  pid=18183 comm="syz.3.5256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  373.381564][T18215] tunl0: Caught tx_queue_len zero misconfig
[  373.450441][   T28] audit: type=1400 audit(1773736977.292:20350): avc:  denied  { read write } for  pid=8689 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  373.536657][   T28] audit: type=1400 audit(1773736977.302:20351): avc:  denied  { module_request } for  pid=18186 comm="syz.3.5259" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=0
[  373.613163][   T28] audit: type=1400 audit(1773736977.302:20352): avc:  denied  { sys_module } for  pid=18186 comm="syz.3.5259" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=0
[  373.675754][   T28] audit: type=1400 audit(1773736977.302:20353): avc:  denied  { module_request } for  pid=18186 comm="syz.3.5259" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=0
[  374.943418][T18306] __nla_validate_parse: 11 callbacks suppressed
[  374.943438][T18306] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5306'.
[  374.958996][T18306] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5306'.
[  374.969269][T18306] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5306'.
[  374.978293][T18306] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5306'.
[  375.554305][T18328] netlink: 'syz.6.5315': attribute type 4 has an invalid length.
[  375.639942][T18332] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5316'.
[  376.349422][T18359] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18359 comm=syz.6.5329
[  376.402448][T18364] batadv_slave_0: Caught tx_queue_len zero misconfig
[  376.551442][T18378] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5335'.
[  377.308875][T18414] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5358'.
[  377.475825][T18430] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5356'.
[  377.493755][T18430] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5356'.
[  377.878491][T18455] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5367'.
[  377.948716][   T28] kauditd_printk_skb: 420 callbacks suppressed
[  377.948730][   T28] audit: type=1400 audit(1773736982.252:20774): avc:  denied  { create } for  pid=18462 comm="syz.3.5371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  377.996351][   T28] audit: type=1400 audit(1773736982.302:20775): avc:  denied  { create } for  pid=18464 comm="syz.5.5372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  378.022840][   T28] audit: type=1400 audit(1773736982.302:20776): avc:  denied  { allowed } for  pid=18464 comm="syz.5.5372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=0
[  378.043573][   T28] audit: type=1400 audit(1773736982.302:20777): avc:  denied  { prog_load } for  pid=18464 comm="syz.5.5372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  378.065556][   T28] audit: type=1400 audit(1773736982.302:20778): avc:  denied  { prog_load } for  pid=18464 comm="syz.5.5372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  378.072195][T18469] sch_fq: defrate 4294967295 ignored.
[  378.091454][   T28] audit: type=1400 audit(1773736982.302:20779): avc:  denied  { open } for  pid=18464 comm="syz.5.5372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  378.112059][   T28] audit: type=1400 audit(1773736982.332:20780): avc:  denied  { prog_load } for  pid=18466 comm="syz.3.5373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  378.131597][   T28] audit: type=1400 audit(1773736982.332:20781): avc:  denied  { map_create } for  pid=18466 comm="syz.3.5373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  378.152812][   T28] audit: type=1400 audit(1773736982.332:20782): avc:  denied  { prog_load } for  pid=18466 comm="syz.3.5373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  378.184258][   T28] audit: type=1400 audit(1773736982.332:20783): avc:  denied  { open } for  pid=18466 comm="syz.3.5373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  378.223284][T18477] syzkaller0: entered promiscuous mode
[  378.230872][T18477] syzkaller0: entered allmulticast mode
[  379.247650][T18541] netlink: 'syz.5.5401': attribute type 21 has an invalid length.
[  380.910857][T18604] netlink: 'syz.3.5429': attribute type 13 has an invalid length.
[  380.929891][T18604] gretap0: refused to change device tx_queue_len
[  380.954160][T18604] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  381.032236][T18617] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=18617 comm=syz.4.5433
[  382.952001][   T28] kauditd_printk_skb: 354 callbacks suppressed
[  382.952016][   T28] audit: type=1400 audit(1773737243.253:21138): avc:  denied  { read write } for  pid=8689 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  382.997743][   T28] audit: type=1400 audit(1773737243.303:21139): avc:  denied  { open } for  pid=18695 comm="syz.2.5463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  383.087078][   T28] audit: type=1400 audit(1773737243.303:21140): avc:  denied  { prog_load } for  pid=18695 comm="syz.2.5463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  383.115662][   T28] audit: type=1400 audit(1773737243.303:21141): avc:  denied  { prog_load } for  pid=18695 comm="syz.2.5463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  383.137859][T18708] audit: audit_backlog=65 > audit_backlog_limit=64
[  383.144586][T18710] audit: audit_backlog=65 > audit_backlog_limit=64
[  383.151172][T18708] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  383.159405][T18710] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  383.167891][T18708] audit: backlog limit exceeded
[  383.172944][   T28] audit: type=1400 audit(1773737243.303:21142): avc:  denied  { open } for  pid=18695 comm="syz.2.5463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  383.240693][T18716] lo speed is unknown, defaulting to 1000
[  384.035652][T18730] netlink: 'syz.4.5477': attribute type 10 has an invalid length.
[  384.046910][T18730] team0 (unregistering): Port device wg1 removed
[  384.116706][T18733] netlink: 'syz.6.5478': attribute type 4 has an invalid length.
[  384.142049][T18733] netlink: 'syz.6.5478': attribute type 4 has an invalid length.
[  384.183571][T18737] __nla_validate_parse: 4 callbacks suppressed
[  384.183591][T18737] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5480'.
[  384.250040][T18737] bond9: entered promiscuous mode
[  384.411873][T18737] 8021q: adding VLAN 0 to HW filter on device bond9
[  384.431613][T18739] bridge15: entered promiscuous mode
[  384.437719][T18739] bond9: (slave bridge15): Enslaving as an active interface with an up link
[  385.491926][T18770] netlink: 'syz.2.5491': attribute type 1 has an invalid length.
[  385.518808][T18770] bond9: entered promiscuous mode
[  385.532228][T18770] 8021q: adding VLAN 0 to HW filter on device bond9
[  385.872041][T18785] bond7: (slave veth19): Enslaving as an active interface with a down link
[  385.892507][T18772] bond9: (slave bridge10): making interface the new active one
[  385.900151][T18772] bridge10: entered promiscuous mode
[  385.910573][T18772] bond9: (slave bridge10): Enslaving as an active interface with an up link
[  385.931466][T18788] bond7: (slave veth21): Enslaving as an active interface with a down link
[  386.156820][T18796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5499'.
[  386.181882][T18796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5499'.
[  386.201772][T18796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5499'.
[  386.214940][T18796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5499'.
[  386.226173][T18796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5499'.
[  386.237204][T18796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5499'.
[  386.265126][T18801] lo speed is unknown, defaulting to 1000
[  386.681927][T18817] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5506'.
[  386.760334][T18817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5506'.
[  386.840791][T18834] syzkaller0: entered promiscuous mode
[  386.856722][T18834] syzkaller0: entered allmulticast mode
[  387.155930][T18860] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  387.653814][T18869] ipip0: entered promiscuous mode
[  387.822640][T18884] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5537'.
[  387.857497][T18884] ip6gre2: entered promiscuous mode
[  387.880318][T18884] ip6gre2: entered allmulticast mode
[  387.912803][T18896] netlink: 'syz.2.5540': attribute type 1 has an invalid length.
[  387.936288][T18898] ipip0: left promiscuous mode
[  387.941848][T18898] ip6gre2: left promiscuous mode
[  387.973534][   T28] kauditd_printk_skb: 395 callbacks suppressed
[  387.973548][   T28] audit: type=1400 audit(1773737248.283:21525): avc:  denied  { create } for  pid=18901 comm="syz.5.5543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  387.993154][T18896] bond10: entered promiscuous mode
[  388.011400][   T28] audit: type=1400 audit(1773737248.313:21526): avc:  denied  { create } for  pid=18894 comm="syz.2.5540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  388.031741][T18896] 8021q: adding VLAN 0 to HW filter on device bond10
[  388.056362][   T28] audit: type=1400 audit(1773737248.363:21527): avc:  denied  { prog_load } for  pid=18903 comm="syz.5.5545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.091039][   T28] audit: type=1400 audit(1773737248.383:21528): avc:  denied  { prog_load } for  pid=18903 comm="syz.5.5545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.111737][   T28] audit: type=1400 audit(1773737248.383:21529): avc:  denied  { open } for  pid=18903 comm="syz.5.5545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  388.131683][   T28] audit: type=1400 audit(1773737248.383:21530): avc:  denied  { map_create } for  pid=18903 comm="syz.5.5545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.151811][   T28] audit: type=1400 audit(1773737248.383:21531): avc:  denied  { prog_load } for  pid=18903 comm="syz.5.5545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.171900][   T28] audit: type=1400 audit(1773737248.383:21532): avc:  denied  { prog_load } for  pid=18903 comm="syz.5.5545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.184539][T18896] bond10: (slave bridge11): making interface the new active one
[  388.191499][   T28] audit: type=1400 audit(1773737248.433:21533): avc:  denied  { open } for  pid=18905 comm="syz.5.5546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  388.220324][T18896] bridge11: entered promiscuous mode
[  388.241120][T18896] bond10: (slave bridge11): Enslaving as an active interface with an up link
[  388.248495][   T28] audit: type=1400 audit(1773737248.433:21534): avc:  denied  { prog_load } for  pid=18905 comm="syz.5.5546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.291705][T18908] bridge0: entered promiscuous mode
[  388.297939][T18908] bridge0: port 1(macsec1) entered blocking state
[  388.304728][T18908] bridge0: port 1(macsec1) entered disabled state
[  388.311450][T18908] macsec1: entered allmulticast mode
[  388.317079][T18908] bridge0: entered allmulticast mode
[  388.325891][T18908] macsec1: left allmulticast mode
[  388.338695][T18908] bridge0: left allmulticast mode
[  388.350748][T18908] bridge0: left promiscuous mode
[  388.366622][T18915] bridge9: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  388.391268][T18915] bridge9: entered promiscuous mode
[  388.406502][T18915] bridge9: entered allmulticast mode
[  389.177362][T18931] syz.4.5556 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  389.230780][T18931] CPU: 0 UID: 0 PID: 18931 Comm: syz.4.5556 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  389.230820][T18931] Tainted: [W]=WARN
[  389.230837][T18931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  389.230853][T18931] Call Trace:
[  389.230860][T18931]  <TASK>
[  389.230868][T18931]  __dump_stack+0x1d/0x30
[  389.230894][T18931]  dump_stack_lvl+0x95/0xd0
[  389.230916][T18931]  dump_stack+0x15/0x1b
[  389.231018][T18931]  dump_header+0x80/0x240
[  389.231042][T18931]  oom_kill_process+0x295/0x350
[  389.231067][T18931]  out_of_memory+0x97d/0xb80
[  389.231089][T18931]  try_charge_memcg+0x62e/0xa10
[  389.231164][T18931]  obj_cgroup_charge_pages+0x23/0xc0
[  389.231194][T18931]  __memcg_kmem_charge_page+0x9e/0x170
[  389.231331][T18931]  __alloc_frozen_pages_noprof+0x18a/0x360
[  389.231364][T18931]  alloc_pages_mpol+0xb3/0x260
[  389.231499][T18931]  alloc_pages_noprof+0x8f/0x130
[  389.231525][T18931]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  389.231563][T18931]  __kvmalloc_node_noprof+0x3d4/0x650
[  389.231651][T18931]  ? futex_hash_allocate+0x190/0x9d0
[  389.231762][T18931]  ? futex_hash_allocate+0x190/0x9d0
[  389.231790][T18931]  futex_hash_allocate+0x190/0x9d0
[  389.231887][T18931]  ? cap_task_prctl+0x13f/0x6e0
[  389.231918][T18931]  futex_hash_prctl+0xd8/0xf0
[  389.232053][T18931]  __se_sys_prctl+0xa3d/0x13f0
[  389.232138][T18931]  __x64_sys_prctl+0x67/0x80
[  389.232169][T18931]  x64_sys_call+0x2533/0x3020
[  389.232201][T18931]  do_syscall_64+0x12c/0x370
[  389.232230][T18931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.232252][T18931] RIP: 0033:0x7fe20b74c799
[  389.232331][T18931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  389.232352][T18931] RSP: 002b:00007fe20a1a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  389.232372][T18931] RAX: ffffffffffffffda RBX: 00007fe20b9c5fa0 RCX: 00007fe20b74c799
[  389.232448][T18931] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e
[  389.232462][T18931] RBP: 00007fe20b7e2c99 R08: 0000000000000000 R09: 0000000000000000
[  389.232551][T18931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  389.232565][T18931] R13: 00007fe20b9c6038 R14: 00007fe20b9c5fa0 R15: 00007ffe538c10b8
[  389.232588][T18931]  </TASK>
[  389.462258][T18931] memory: usage 307200kB, limit 307200kB, failcnt 1820
[  389.469123][T18931] memory+swap: usage 307212kB, limit 9007199254740988kB, failcnt 0
[  389.479411][T18931] kmem: usage 229360kB, limit 9007199254740988kB, failcnt 0
[  389.483566][T18961] netlink: 'syz.5.5566': attribute type 10 has an invalid length.
[  389.487328][T18931] Memory cgroup stats for /syz4:
[  389.495634][T18931] cache 78839808
[  389.504468][T18931] rss 598016
[  389.507709][T18931] shmem 78839808
[  389.511244][T18931] mapped_file 0
[  389.516232][T18931] dirty 0
[  389.519169][T18931] writeback 0
[  389.523226][T18931] workingset_refault_anon 1320
[  389.528116][T18931] workingset_refault_file 13456
[  389.532983][T18931] swap 12288
[  389.536169][T18931] swapcached 1785856
[  389.540157][T18931] pgpgin 535141
[  389.543680][T18931] pgpgout 515681
[  389.547260][T18931] pgfault 388927
[  389.550896][T18931] pgmajfault 199
[  389.556365][T18931] inactive_anon 12533760
[  389.560610][T18931] active_anon 67170304
[  389.566313][T18931] inactive_file 0
[  389.569952][T18931] active_file 4096
[  389.575448][T18968] netlink: 'syz.2.5570': attribute type 10 has an invalid length.
[  389.590536][T18931] unevictable 0
[  389.599163][T18931] hierarchical_memory_limit 314572800
[  389.609237][T18971] netlink: 'syz.6.5571': attribute type 1 has an invalid length.
[  389.611081][T18973] __nla_validate_parse: 1 callbacks suppressed
[  389.611094][T18973] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5572'.
[  389.628907][T18931] hierarchical_memsw_limit 9223372036854771712
[  389.643600][T18931] total_cache 78839808
[  389.644144][T18968] team0: Port device wg1 added
[  389.649838][T18931] total_rss 598016
[  389.656954][T18931] total_shmem 78839808
[  389.668231][T18971] 8021q: adding VLAN 0 to HW filter on device bond3
[  389.676624][T18931] total_mapped_file 0
[  389.681747][T18931] total_dirty 0
[  389.687137][T18931] total_writeback 0
[  389.690953][T18931] total_workingset_refault_anon 1320
[  389.697341][T18931] total_workingset_refault_file 13456
[  389.703847][T18931] total_swap 12288
[  389.707646][T18931] total_swapcached 1785856
[  389.712419][T18931] total_pgpgin 535141
[  389.716311][T18971] macvlan3: entered promiscuous mode
[  389.716427][T18931] total_pgpgout 515681
[  389.726144][T18931] total_pgfault 388927
[  389.726407][T18971] bond3: entered promiscuous mode
[  389.730197][T18931] total_pgmajfault 199
[  389.730207][T18931] total_inactive_anon 12533760
[  389.730216][T18931] total_active_anon 67170304
[  389.749502][T18931] total_inactive_file 0
[  389.753989][T18931] total_active_file 4096
[  389.758281][T18931] total_unevictable 0
[  389.763031][T18931] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5556,pid=18930,uid=0
[  389.777887][T18931] Memory cgroup out of memory: Killed process 18930 (syz.4.5556) total-vm:85972kB, anon-rss:1420kB, file-rss:22296kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:0
[  389.795659][T18971] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  389.822769][T18971] bond3: left promiscuous mode
[  390.050133][T19015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5589'.
[  390.078049][T19015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5589'.
[  390.107755][T19015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5589'.
[  390.137460][T19015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5589'.
[  390.169019][T19015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5589'.
[  390.191034][T19015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5589'.
[  391.216406][T19045] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5611'.
[  391.228794][T19047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5601'.
[  391.239398][T19047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5601'.
[  391.281873][T19045] bond4: entered promiscuous mode
[  391.287091][T19045] 8021q: adding VLAN 0 to HW filter on device bond4
[  391.300346][T19051] bridge7: entered promiscuous mode
[  391.306644][T19051] bond4: (slave bridge7): Enslaving as an active interface with an up link
[  392.325231][T19095] netlink: 'syz.5.5620': attribute type 1 has an invalid length.
[  392.339349][T19098] netlink: 'syz.3.5622': attribute type 1 has an invalid length.
[  392.347968][T19095] bond8: entered promiscuous mode
[  392.353249][T19095] 8021q: adding VLAN 0 to HW filter on device bond8
[  392.381251][T19095] bond8: (slave bridge12): making interface the new active one
[  392.390488][T19095] bridge12: entered promiscuous mode
[  392.397212][T19095] bond8: (slave bridge12): Enslaving as an active interface with an up link
[  392.424285][T19098] 8021q: adding VLAN 0 to HW filter on device bond7
[  392.442312][T19098] bond6: (slave bond7): making interface the new active one
[  392.450010][T19098] bond6: (slave bond7): Enslaving as an active interface with an up link
[  392.476543][T19103] bond6: (slave gretap2): Enslaving as a backup interface with an up link
[  392.532811][T19098] bond6: entered promiscuous mode
[  392.539884][T19098] bond7: entered promiscuous mode
[  392.561747][T19098] bond6: entered allmulticast mode
[  392.566930][T19098] bond7: entered allmulticast mode
[  392.582067][T19098] 8021q: adding VLAN 0 to HW filter on device bond6
[  392.984604][   T28] kauditd_printk_skb: 363 callbacks suppressed
[  392.984685][   T28] audit: type=1400 audit(1773737253.293:21898): avc:  denied  { read write } for  pid=8689 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  393.097723][   T28] audit: type=1400 audit(1773737253.343:21899): avc:  denied  { prog_load } for  pid=19132 comm="syz.2.5635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  393.211418][   T28] audit: type=1400 audit(1773737253.343:21900): avc:  denied  { open } for  pid=19132 comm="syz.2.5635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  393.263117][T19135] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19135 comm=syz.4.5636
[  393.367069][   T28] audit: type=1400 audit(1773737253.673:21901): avc:  denied  { prog_load } for  pid=19137 comm="syz.4.5637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  393.441435][   T28] audit: type=1400 audit(1773737253.673:21902): avc:  denied  { prog_load } for  pid=19137 comm="syz.4.5637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  393.489648][   T28] audit: type=1400 audit(1773737253.673:21903): avc:  denied  { open } for  pid=19137 comm="syz.4.5637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  393.550912][   T28] audit: type=1400 audit(1773737253.673:21904): avc:  denied  { allowed } for  pid=19137 comm="syz.4.5637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=0
[  393.611190][   T28] audit: type=1400 audit(1773737253.673:21905): avc:  denied  { prog_load } for  pid=19137 comm="syz.4.5637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  393.686127][   T28] audit: type=1400 audit(1773737253.693:21906): avc:  denied  { prog_load } for  pid=19139 comm="syz.4.5638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  393.751419][   T28] audit: type=1400 audit(1773737253.693:21907): avc:  denied  { create } for  pid=19139 comm="syz.4.5638" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  393.791157][T19162] ipip1: entered promiscuous mode
[  393.878106][T19166] bridge12: left promiscuous mode
[  393.894981][T19166] bond9: left promiscuous mode
[  393.910082][T19166] bridge15: left promiscuous mode
[  393.935777][T19166] ipip1: left promiscuous mode
[  394.279976][T19196] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19196 comm=syz.6.5659
[  394.418825][T19203] netlink: 'syz.6.5661': attribute type 1 has an invalid length.
[  394.528594][T19203] 8021q: adding VLAN 0 to HW filter on device bond5
[  394.753733][T19215] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=19215 comm=syz.6.5666
[  394.795163][T19215] netlink: 'syz.6.5666': attribute type 1 has an invalid length.
[  394.846590][T19215] 8021q: adding VLAN 0 to HW filter on device bond6
[  394.965401][T19233] lo speed is unknown, defaulting to 1000
[  395.169279][T19255] netlink: 'syz.3.5680': attribute type 1 has an invalid length.
[  395.198562][T19255] bond8: entered promiscuous mode
[  395.211316][T19255] 8021q: adding VLAN 0 to HW filter on device bond8
[  395.240667][T19255] bond8: (slave bridge9): making interface the new active one
[  395.249428][T19255] bridge9: entered promiscuous mode
[  395.256086][T19255] bond8: (slave bridge9): Enslaving as an active interface with an up link
[  395.296115][T19259] netlink: 'syz.3.5681': attribute type 1 has an invalid length.
[  395.527777][T19259] 8021q: adding VLAN 0 to HW filter on device bond9
[  395.855621][T19268] __nla_validate_parse: 11 callbacks suppressed
[  395.855638][T19268] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5684'.
[  395.892991][T19268] 8021q: adding VLAN 0 to HW filter on device bond10
[  396.043026][T19281] netlink: 60 bytes leftover after parsing attributes in process `syz.5.5689'.
[  396.056059][T19281] bridge13: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  396.068456][T19281] bridge13: entered promiscuous mode
[  396.074445][T19281] bridge13: entered allmulticast mode
[  396.133124][T19283] bond0: Device is already in use.
[  396.315273][T19316] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  397.202594][T19359] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5722'.
[  397.212604][T19359] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5722'.
[  397.291555][T19371] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5727'.
[  397.328557][T19371] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5727'.
[  397.341567][T19341] ==================================================================
[  397.349666][T19341] BUG: KCSAN: data-race in touch_atime / touch_atime
[  397.356348][T19341] 
[  397.358664][T19341] write to 0xffff888167bc4c90 of 4 bytes by task 19342 on cpu 1:
[  397.366378][T19341]  touch_atime+0x1d7/0x330
[  397.370813][T19341]  shmem_file_read_iter+0x477/0x540
[  397.376122][T19341]  copy_splice_read+0x471/0x6c0
[  397.381027][T19341]  splice_direct_to_actor+0x28f/0x670
[  397.386398][T19341]  do_splice_direct+0x119/0x1a0
[  397.391247][T19341]  do_sendfile+0x382/0x650
[  397.395749][T19341]  __x64_sys_sendfile64+0x105/0x150
[  397.400941][T19341]  x64_sys_call+0x2dc4/0x3020
[  397.405719][T19341]  do_syscall_64+0x12c/0x370
[  397.410328][T19341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.416312][T19341] 
[  397.418804][T19341] read to 0xffff888167bc4c90 of 4 bytes by task 19341 on cpu 0:
[  397.426512][T19341]  touch_atime+0x16c/0x330
[  397.431203][T19341]  shmem_file_read_iter+0x477/0x540
[  397.436408][T19341]  copy_splice_read+0x471/0x6c0
[  397.441251][T19341]  splice_direct_to_actor+0x28f/0x670
[  397.446619][T19341]  do_splice_direct+0x119/0x1a0
[  397.451556][T19341]  do_sendfile+0x382/0x650
[  397.455969][T19341]  __x64_sys_sendfile64+0x105/0x150
[  397.461168][T19341]  x64_sys_call+0x2dc4/0x3020
[  397.465856][T19341]  do_syscall_64+0x12c/0x370
[  397.470451][T19341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.476432][T19341] 
[  397.478747][T19341] value changed: 0x25c22c0c -> 0x26f3590c
[  397.484459][T19341] 
[  397.486764][T19341] Reported by Kernel Concurrency Sanitizer on:
[  397.492921][T19341] CPU: 0 UID: 0 PID: 19341 Comm: syz.4.5714 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  397.503859][T19341] Tainted: [W]=WARN
[  397.507653][T19341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  397.517880][T19341] ==================================================================
[  397.597776][T19375] bond8: left promiscuous mode
[  397.611449][T19375] bridge12: left promiscuous mode