last executing test programs:

1.888975315s ago: executing program 1 (id=13816):
syz_emit_ethernet(0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6003000000002cfffe8000000000000000000000000000bbfe8000"], 0x0)

1.871815225s ago: executing program 1 (id=13817):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), &(0x7f0000000040)=r2}, 0x20)
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7fff}, 0x18)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r5, 0x1, 0x2}}, 0x20)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0x3, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)

1.823090046s ago: executing program 3 (id=13818):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
close(r0)

1.524405851s ago: executing program 1 (id=13821):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xf, 0x4, 0x4, 0x12}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$unix(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0xb3}], 0x1, 0x0, 0x0, 0x14}, 0x0)
sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x200408d4)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={0xffffffffffffffff, 0x0, 0x4000, 0xdc0, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

1.477911812s ago: executing program 1 (id=13822):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x7, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = fsopen(&(0x7f0000000080)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x18)
symlinkat(&(0x7f0000000000)='.\x00', r3, &(0x7f0000000140)='./file0\x00')
openat2(r3, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18)
inotify_add_watch(r3, &(0x7f0000000380)='./file0\x00', 0x502)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001580)={0x0, 0xffffffffffffff3c, &(0x7f0000000300)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911040000000000000003c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62458c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f00000025c0)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}, {&(0x7f00000006c0)="97b13f5cf9f584c87e0e637d2ff483a311bb412cb3b03c3d9e97e435f2fceb58ff0402ed7b96244b43386c222917662028d7a01206a1990722ccef1d8f39f7c8ae242e58359217b1c6161ea741445cf16b0c48eb18a6c72174dfb7cd1bd0f409dad5a432bed4afb470da3656dd30d70769e229dc91037321d618e1eff4a176ea46d5cd4d5da97f80356e46d9e8166bf2d97210b631654ece218a2a204a1786ab5a60a881a7a294cd2f92438350e6e3ec4439ebe06133ff65b1e32b809ba0482783b563ec8e5778285da5211e5821135433053a7921319c544d5e797f"}, {&(0x7f00000007c0)="75c37714a0bada8343bceb64ccb6d95a2a37b020e0bf1f6a1de4584223a2f285aaca30a9554cd5cdc1659cb9fec462cc5c2220a7cd891ec3bad99fe3c06e15a109ec0fdb6aeeee5ef8e4bfc28e17984a3860b907d549492d47a447782b7357ea72f4b2c26512a6a33c0247b730a6182ea5a99aee25fcee07f9cb0a80595cd5f744fa6898fdffda5b34b19474b8e853467329e4aea36cfd0e00735d37beb0f895c5688259a8935194eefd3a96d55707133a08f03e14da563160a545396b93341f41c161c93687e28a"}, {&(0x7f0000000b00)="1b080b7a30aec939ce8e26e0cbbe37fc064ceef965fd5e3b6739c966492dbdf71c04423d8a403e56dfd224e4e55918a5e31e683fec5cc9460882a0d1628d02d51a8da997073f856e2cd00586c6e8c89c71cf8be6121b0b3a85d597a1afb0cc311f30cc26183c8e594ce5ff62661c9e32cbc9dd9a72985e9857f3bddb52382b6c27ca85d5774cf17b92e2d2097f12a8687e70f90d46381a47706a9124a2cf61b84f26aae22fd4da84ae35b93f7be9fdfdfbf33c59f5c657e9f7e81b81b786082f88af4de07808ff3c954bae"}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r5, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100)
write$selinux_load(r3, &(0x7f00000004c0)={0xf97cff8c, 0x8, 'SE Linux', "f2cd51e15437361d4ef91dbfd31c58b97efa9dba9b9b571631523b31a9a58cda35f0e42c869247bd18b5db3297bade203f950075a3a0de1dc1fb892bc696d07d841a8b1fd7c47606d99dadee169478359a44c7c42465bbfb91392570aac92c6c32df1edc4253010260a0ffc4a9b5267562d374dfb1d263c96751364e684ab91cf3647183a8356550eeb91b8e"}, 0x9c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r5, 0x40049366, &(0x7f0000000580))
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

1.294596576s ago: executing program 0 (id=13824):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1.278353346s ago: executing program 0 (id=13825):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000600)=ANY=[@ANYRESDEC=r0, @ANYBLOB="010028bd7000000000000c000000180001801400020076657468305f746f5f626f6e64000000d800038004000100d0000380cc000180c70002"], 0x104}, 0x1, 0x0, 0x0, 0x4040044}, 0x0)
r1 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb140, 0x1000, 0x2, 0x196})
r2 = open(&(0x7f0000000180)='./file0\x00', 0x20000, 0x20)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @multicast1}}, 0x24)
listen(r3, 0x4)
r4 = socket$unix(0x1, 0x5, 0x0)
recvmmsg(r4, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
preadv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/184, 0xb8}], 0x1, 0x80, 0x6)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r3, @ANYRESHEX=r4, @ANYRESOCT, @ANYRESOCT=r1], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r6, 0x0, 0x1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
close_range(r1, r3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x17, 0x2, 0x0, 0x8000, 0x0, r2, 0x40000}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="c5890000bb0209001a2c113a5c4e9407e50c0000e2425b4cc036037de2140b87363e00000000000000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r8, 0x2285, 0x0)
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x2)
r9 = fcntl$dupfd(r8, 0x0, r8)
write$sndseq(r9, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
write$sndseq(r9, &(0x7f0000000200)=[{0x0, 0x2, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x1, 0x0, @time={0xffffffff}, {0x4, 0x3}, {0x0, 0x4}, @time=@tick=0x5}, {0xff, 0x0, 0x0, 0x0, @time={0x7, 0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0x0, 0x4}, @raw32={[0x0, 0xffffffff, 0x5dd]}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x0, 0x3}, {0xa}, @quote={{0x1, 0xfe}}}, {0x7, 0x0, 0x0, 0x5, @time, {0x2}, {0x0, 0x49}, @addr={0x1, 0x7f}}, {0x0, 0x1, 0x1, 0x0, @tick=0x401, {}, {}, @quote={{0x2, 0x2}, 0x9}}], 0xc4)
read$snapshot(r9, 0x0, 0xffffffbf)
read$char_usb(r9, 0x0, 0x0)

1.226231577s ago: executing program 0 (id=13828):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRESDEC=r0, @ANYBLOB="010028bd7000000000000c000000180001801400020076657468305f746f5f626f6e64000000d800038004000100d0000380cc000180c70002"], 0x104}, 0x1, 0x0, 0x0, 0x4040044}, 0x0)
r1 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb140, 0x1000, 0x2, 0x196})
r2 = open(&(0x7f0000000180)='./file0\x00', 0x20000, 0x20)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @multicast1}}, 0x24)
listen(r3, 0x4)
r4 = socket$unix(0x1, 0x5, 0x0)
recvmmsg(r4, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
preadv(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/184, 0xb8}], 0x1, 0x80, 0x6)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r3, @ANYRESHEX=r4, @ANYRESOCT, @ANYRESOCT=r1], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r6, 0x0, 0x1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
close_range(r1, r3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x17, 0x2, 0x0, 0x8000, 0x0, r2, 0x40000}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="c5890000bb0209001a2c113a5c4e9407e50c0000e2425b4cc036037de2140b87363e00000000000000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r8, 0x2285, 0x0)
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x2)
r9 = fcntl$dupfd(r8, 0x0, r8)
write$sndseq(r9, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
write$sndseq(r9, &(0x7f0000000200)=[{0x0, 0x2, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x1, 0x0, @time={0xffffffff}, {0x4, 0x3}, {0x0, 0x4}, @time=@tick=0x5}, {0xff, 0x0, 0x0, 0x0, @time={0x7, 0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0x0, 0x4}, @raw32={[0x0, 0xffffffff, 0x5dd]}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x0, 0x3}, {0xa}, @quote={{0x1, 0xfe}}}, {0x7, 0x0, 0x0, 0x5, @time, {0x2}, {0x0, 0x49}, @addr={0x1, 0x7f}}, {0x0, 0x1, 0x1, 0x0, @tick=0x401, {}, {}, @quote={{0x2, 0x2}, 0x9}}], 0xc4)
read$snapshot(r9, 0x0, 0xffffffbf)
read$char_usb(r9, 0x0, 0x0)

1.166771448s ago: executing program 0 (id=13831):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000200)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="63a080a12d1496b4000000004ff7005700000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94)

1.142423538s ago: executing program 0 (id=13832):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

1.141779609s ago: executing program 3 (id=13834):
io_setup(0xeb0, &(0x7f0000000140)=<r0=>0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
sync()
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f0000000180)='./file0\x00', 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r4, &(0x7f0000000400)="2ec8425d4ce2ef", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x2000000000000116}}, 0x40)
setregid(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
io_pgetevents(r0, 0x3, 0x3, &(0x7f0000000300)=[{}, {}, {}], &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000200)={&(0x7f0000000180)={[0x54b1]}, 0x8})

570.976319ms ago: executing program 1 (id=13847):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

545.146829ms ago: executing program 1 (id=13849):
io_setup(0xeb0, &(0x7f0000000140)=<r0=>0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
sync()
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f0000000180)='./file0\x00', 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r4, &(0x7f0000000400)="2ec8425d4ce2ef", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x2000000000000116}}, 0x40)
setregid(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000005c0)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
lseek(r7, 0x2000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
io_pgetevents(r0, 0x3, 0x3, &(0x7f0000000300)=[{}, {}, {}], &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000200)={&(0x7f0000000180)={[0x54b1]}, 0x8})

530.52214ms ago: executing program 3 (id=13850):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
close(r0)

522.86003ms ago: executing program 4 (id=13852):
syz_emit_ethernet(0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6003000000002cfffe8000000000000000000000000000bbfe8000000000e327653c"], 0x0)

474.762141ms ago: executing program 3 (id=13853):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xfd}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="540100001800010026bd7000000000001d0100001500030000000000000000008ca5be073cff296e020000001e01060000fdfe0c0071ec6d721744cd52f3070000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c035c8d586b2a88d81866930fca15c8a95d29e5b2ea0000080005"], 0x154}, 0x1, 0x0, 0x0, 0x20008080}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r1, r2, 0x25, 0x4}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r4, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc)
setsockopt$MRT6_FLUSH(r4, 0x29, 0xd4, &(0x7f0000000080)=0xc, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="80000200ff7f000008001b0000000000"], 0x28}}, 0x0)

474.091131ms ago: executing program 4 (id=13855):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0x2710, @hyper}, 0x10, 0x0)
connect$vsock_stream(r1, &(0x7f00000002c0)={0x28, 0x0, 0x0, @hyper}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
lsetxattr$security_ima(0x0, &(0x7f0000000140), 0x0, 0x34, 0x1)

366.155253ms ago: executing program 2 (id=13856):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x20}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)

365.784773ms ago: executing program 4 (id=13857):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x4cfb}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x29)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
setrlimit(0x6, &(0x7f0000000240)={0x1, 0xfffffffffffff800})
unlink(&(0x7f0000000140)='./cgroup\x00')

365.677823ms ago: executing program 2 (id=13858):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)

322.824484ms ago: executing program 4 (id=13859):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

292.704984ms ago: executing program 0 (id=13860):
io_setup(0xeb0, &(0x7f0000000140)=<r0=>0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000480)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
sync()
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f0000000180)='./file0\x00', 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r4, &(0x7f0000000400)="2ec8425d4ce2ef", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x2000000000000116}}, 0x40)
setregid(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
io_pgetevents(r0, 0x3, 0x3, &(0x7f0000000300)=[{}, {}, {}], &(0x7f0000000080)={0x0, 0x989680}, &(0x7f0000000200)={&(0x7f0000000180)={[0x54b1]}, 0x8})

264.993575ms ago: executing program 4 (id=13861):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a1ab00000000000000003200000008001781"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)

186.834176ms ago: executing program 4 (id=13862):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016000200071b48013c030000000000009500000000000000bc26000000000000bf67000000000000150200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050800000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x7000000)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000040)=0x3, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'dvmrp1\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000f000000000000b7ffff000006000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r5, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r6}, 0x18)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_IOC_READY(r7, 0x9360, 0x2)
listen(r8, 0x0)
listen(r3, 0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000100)={[{@resgid}, {@resgid}, {@noblock_validity}]}, 0xff, 0x454, &(0x7f0000000740)="$eJzs281vVFUbAPDn3umUlxewFfGDD7WKxsaPlgIqCxdqNHGBiYkudNm0hSADNbQmQoiCMbgyxsS9cem/4Eo3xrgycat7Q0IMG8DVmDtzL50pM0M7zHQK8/slF86599ye88y5Z+bce2YCGFoT2T9JxPaI+DMixurZ5gIT9f+uXz0/d+Pq+bkkqtV3/0lq5a5dPT9XFC3O25ZnJtOI9Isk9raod+nsuZOzlcrCmTw/vXzqo+mls+deOHFq9vjC8YXTB48cOXxo5uWXDr7YkzizNl3b8+nivt1vffDN20e/aop/VRw9MtHp4NPVao+rG6wdDelkZIANYV1KEZF1V7k2/seiFCudNxZvfj7QxgF9Va1Wq9vaH75QBe5hSTTnDXkYFsUHfXb/W2yrJwGv9m/6MXBXXqvfAGVxX8+3+pGRSPMy5fz+ttSH+ici4v0L/36XbdGf5xAAAE1+yuY/z7ea/6XxUEO5+/K1ofGIuD8idkbEAxGxKyIejKiVfTgiHlln/Q2LJNej5fwnvdx1cGuQzf9eyde2mud/xewvxkt5bkct/nJy7ERl4UD+mkxGeUuWn+lQx89v/PF1u2ON879sy+ov5oJ5Oy6PbGk+Z352efZOYm505WLEnpFW8Sc3VwKSiNgdEXu6rOPEsz/sa3fs9vF30IN1pur3Ec/U+/9CrIq/kHRen5z+X1QWDkwXV8Wtfvv90jvt6r+j+Hsg6///t7z+b8Y/njSu1y6tv45Lf33Z9p6m2+t/NHmvlh7N930yu7x8ZiZiNDlab3Tj/oMr5xb5onwW/+T+1uN/Z6y8EnsjIruIH42IxyLi8bztT0TEkxGxv0P8v77+1Ifdx99fWfzz6+r/lcRorN7TOlE6+cuPTZWO3xL/jc79f7iWmsz3rOX9by3t6u5qBgAAgLtPGhHbI0mnbqbTdGqq/n35XRFpZXFp+bljix+fnq//RmA8Ii2edI01PA+dyW/r6/mLEVH/akFx/FD+3Pjb0tZafmpusTI/6OBhyG1rM/4zf/fjCy/A5uL3WjC8jH8YXsY/DK91jP+kn+0ANl6L8b91EO0ANl6rz//PBtAOYOOtGv+W/WCIeP4Hw8v4h+Fl/MNQWtoat/+RfMdE8Ze6PP2eTUR5UzSjb4lIN0UzNm2ifJePi8G9JwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTSfwEAAP//L1neZg==")
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r9, 0xc0c0583b, &(0x7f0000000d40)=ANY=[@ANYBLOB="000000004c900200000000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000001000000000000000000fe"])
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ftruncate(0xffffffffffffffff, 0x200)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x48, 0x61, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r10, &(0x7f00000011c0)={0xfc, {"a483885aed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f073063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801118c20b8f16bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399ea4727d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a040200b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a64002bebc2407aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef64ab253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bf068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827475e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcb32b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba36b37767b6b45a44957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b94025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b03512629f46366e7205dd8d6f37525c1a0e94210dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9154f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d603994732d6b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21396532713e5b69cf767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285e6a89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeaf1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b627cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e46a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5c92441918145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed608000000a006e39336d07c2b80817a28ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030f81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c00004f5d374755534d7f68f679c4ff516e9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00", 0x1000}}, 0xffbc)

131.460827ms ago: executing program 2 (id=13863):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="070000000400000008020000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@newtaction={0x74, 0x30, 0x2, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x60, 0x1, [@m_mpls={0x5c, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x2e, 0x6, "e7bc8ee4d622010647f06f881097cdf5c54a728310105d8fbfa298e051ce49ccdf655f04069c3ffc9dd2"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4008001}, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x1000, 0xa}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$igmp(0x2, 0x3, 0x2)
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000040)='./file0\x00', 0x10000000)
fadvise64(r4, 0x8, 0x5, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYRES64=r2, @ANYRES32=r2], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f0000000000)=0x9, 0x4)
syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="19"], 0x48)

112.571538ms ago: executing program 3 (id=13864):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x18)
getitimer(0x2, &(0x7f0000000000))

73.183518ms ago: executing program 2 (id=13865):
syz_emit_ethernet(0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6003000000002cfffe8000000000000000000000000000bbfe8000000000e327653c"], 0x0)

58.299769ms ago: executing program 2 (id=13866):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x300000c, 0x3032, 0xffffffffffffffff, 0x0)
setitimer(0x2, &(0x7f0000000080)={{0x0, 0xea60}, {0x77359400}}, 0x0)
getitimer(0x2, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c00000007000000000000000000000d0a0000000000000001000006040000000000000e"], &(0x7f0000000f40)=""/4089, 0x8b, 0xff9, 0x8}, 0x28)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
close(r4)

499.38µs ago: executing program 3 (id=13867):
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="120000000200000008000000eb"], 0x50)

0s ago: executing program 2 (id=13868):
r0 = socket(0x1e, 0x80004, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$UHID_CREATE(r2, &(0x7f00000004c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2, 0x0, 0x3, 0x0, 0x3, 0x6}}, 0x120)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c00038018000080080003"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r4 = syz_io_uring_setup(0x1327, &(0x7f0000000300)={0x0, 0x7303, 0x10100, 0x0, 0x2}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
write$UHID_DESTROY(r2, &(0x7f0000000200), 0x4)
r7 = dup3(r1, r0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r11 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
r12 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
io_setup(0x1, &(0x7f0000000480)=<r13=>0x0)
io_submit(r13, 0x6, &(0x7f0000000c00)=[&(0x7f0000000780)={0x0, 0x0, 0x0, 0x6, 0x2, 0xffffffffffffffff, &(0x7f00000006c0)="daaf4566dada410681dce08e8d7ef8f3b2503a5e434244a12e3019816723a7bac15a114a167f64ea7ddbbfbdfa6d91da5669f9be9e8fab07e1ce028c6aae371eb7b3d688177a29837ddf694e9f633c599b7c9096bcbc9cd6701d543c459d0baeda894f2bb0c564d5c190b2354934c1cc28354198306a6770c931e0ff420831f246033074f593ac3964cf4e3855afbbada5db382c4f7d849698007e694fda28b186da2e5f929e6d2d0a70", 0xaa, 0x80000000, 0x0, 0x3}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x6, 0xa, r0, &(0x7f00000007c0)="2de2f459a6c62c0ca74247596e0f96e23a9fd4e7dfb57646b8c2366522cce1948f090d01dbbd85ab0bd2bd5baca2ee3d07e7d16cb9e85fbf9750580ca6a4caa48594f5a3eabc0ad330c1f42b660b2bb48edf684646f2ee0c0b17def40a35e2c17c845420448a2afb9652f79be71e036a73d40cbfae1346cc664c8ea83fc78dae297523ef8ff161bd6efa4c026c7280a2cc7336f010d169295d3ea04fb756cf5706e6bf8fec40ee399b1948b3efe608ff7458e8186bd2ef73e2a3999a186d6cf454ec4b5d1ecc1ca027bad33088b738deac304e36863f37a2a3ab61640dd29352a855cab6b1e2bb07a527d87f1ba09c4e391ad00a31be2e", 0xf7, 0x4e, 0x0, 0x0, r10}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x8, 0x1ea, r9, &(0x7f0000000900)="fb0331f5ed4c38177cdb6f5184397a1306f368585ffb094525e9f1381987c34ad7e459cf321dc33b62745792d6d5e04cd7090d02967d70b61f7f239c04a0dba43038f0f2e74637b727bf9f28c1ca1ab5c3576d19d87d7421171afa444c822a62ba166adf59", 0x65, 0x1, 0x0, 0x3, r9}, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x8, 0x2, r4, &(0x7f00000009c0)="f7c7d60101c29750898aa2496bbb14c49cea4b5da38cae9a78679830be768fcd5e275533e876eb41341ac1f2cf5b26c8e3942404dd9eff777d0bf0493d5843e78c69cd2e385dd93b2404322da1d2056d33bf285611481b9f380095114e908d", 0x5f, 0x7, 0x0, 0x1, r10}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x3, 0x7, r8, &(0x7f0000000a80)="bc1178b4506e4e9b7735759a38da326bf0287cbfca45ea8e5615ce02c34131b0d42fa324b2fe78ed3332e6db7b791818a6692efefaee8ce16b0a555a24c2c4322a9f848846de73c79c338a8a113327cf523e19", 0x53, 0x77e, 0x0, 0x2, r7}, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x8, 0x571, r12, &(0x7f0000000b40)="aa9655f1eed814fadb524b13c180921ba0fc35d6937cc0e3024d00f3c96ad886bdab5e77ff921e137d973a9a0bc46d8a3f66b7a60a92f14829ef8bdd251651c9ab2a98e6d5c73beb72d9271415a26f67e7bbd8284fe47e1844acb4d27f35fa3dffffb32bb70e858dbd5202a282e64b8a70", 0x71, 0x100000001, 0x0, 0x3, r10}])
ioctl$USBDEVFS_CONTROL(r12, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x1, 0x3, 0x0, 0x7, 0x0})
ioctl$USBDEVFS_CLEAR_HALT(r11, 0x80045515, &(0x7f0000000000)={0xb})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f0000000080)=r9}, 0x20)
recvmmsg(r7, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)

kernel console output (not intermixed with test programs):

0
[  707.685813][ T5360] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  707.783576][T19438] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  707.830555][T19438] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  707.854766][ T5360] SELinux: failed to load policy
[  707.903936][T19438] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  707.922658][ T5365] __nla_validate_parse: 19 callbacks suppressed
[  707.922685][ T5365] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12617'.
[  707.948665][T19438] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  707.980154][ T5371] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  708.058153][ T5369] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12619'.
[  708.171452][ T5386] netlink: 'syz.3.12625': attribute type 1 has an invalid length.
[  708.179379][ T5386] netlink: 224 bytes leftover after parsing attributes in process `syz.3.12625'.
[  708.338817][ T5398] syzkaller0: entered promiscuous mode
[  708.344314][ T5398] syzkaller0: entered allmulticast mode
[  708.579180][ T5411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12634'.
[  708.906654][ T5432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12642'.
[  708.934409][ T5432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12642'.
[  708.948178][ T5435] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  708.990307][ T5435] SELinux: failed to load policy
[  709.068694][ T5432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12642'.
[  709.139913][   T29] kauditd_printk_skb: 465 callbacks suppressed
[  709.139977][   T29] audit: type=1326 audit(709.128:68229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.12646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  709.173684][   T29] audit: type=1326 audit(709.158:68230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.12646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  709.196694][   T29] audit: type=1326 audit(709.158:68231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.12646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  709.219819][   T29] audit: type=1326 audit(709.158:68232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.12646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  709.242858][   T29] audit: type=1326 audit(709.158:68233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.12646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  709.265822][   T29] audit: type=1326 audit(709.158:68234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5442 comm="syz.1.12646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  709.289094][   T29] audit: type=1326 audit(709.158:68235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5448 comm="syz.4.12638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f540412ec29 code=0x7ffc0000
[  709.312087][   T29] audit: type=1326 audit(709.158:68236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5448 comm="syz.4.12638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f540412ec29 code=0x7ffc0000
[  709.335124][   T29] audit: type=1326 audit(709.158:68237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5448 comm="syz.4.12638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f540412ec29 code=0x7ffc0000
[  709.358085][   T29] audit: type=1326 audit(709.158:68238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5448 comm="syz.4.12638" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f540412ec29 code=0x7ffc0000
[  709.492950][ T5470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12652'.
[  709.668016][ T5504] netlink: 'syz.3.12666': attribute type 1 has an invalid length.
[  709.675871][ T5504] netlink: 224 bytes leftover after parsing attributes in process `syz.3.12666'.
[  709.723256][ T5507] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12667'.
[  709.745940][ T5507] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  709.763391][ T5507] batman_adv: batadv0: Removing interface: batadv_slave_1
[  709.835158][ T5515] syzkaller0: entered promiscuous mode
[  709.840901][ T5515] syzkaller0: entered allmulticast mode
[  709.862378][ T5517] SELinux: failed to load policy
[  710.076560][ T5540] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  710.155058][ T5544] SELinux: failed to load policy
[  710.326342][ T5565] syzkaller0: entered promiscuous mode
[  710.331966][ T5565] syzkaller0: entered allmulticast mode
[  711.229174][ T5619] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  711.279021][ T5627] random: crng reseeded on system resumption
[  711.339056][ T5627] Restarting kernel threads ...
[  711.347788][ T5627] Done restarting kernel threads.
[  711.365451][ T5627] FAULT_INJECTION: forcing a failure.
[  711.365451][ T5627] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  711.378563][ T5627] CPU: 1 UID: 0 PID: 5627 Comm: syz.3.12706 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  711.378594][ T5627] Tainted: [W]=WARN
[  711.378600][ T5627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  711.378664][ T5627] Call Trace:
[  711.378670][ T5627]  <TASK>
[  711.378676][ T5627]  __dump_stack+0x1d/0x30
[  711.378697][ T5627]  dump_stack_lvl+0xe8/0x140
[  711.378717][ T5627]  dump_stack+0x15/0x1b
[  711.378742][ T5627]  should_fail_ex+0x265/0x280
[  711.378763][ T5627]  should_fail+0xb/0x20
[  711.378780][ T5627]  should_fail_usercopy+0x1a/0x20
[  711.378805][ T5627]  _copy_from_user+0x1c/0xb0
[  711.378849][ T5627]  kstrtouint_from_user+0x69/0xf0
[  711.378929][ T5627]  ? 0xffffffff81000000
[  711.378943][ T5627]  ? selinux_file_permission+0x1e4/0x320
[  711.378968][ T5627]  proc_fail_nth_write+0x50/0x160
[  711.379023][ T5627]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  711.379045][ T5627]  vfs_write+0x266/0x960
[  711.379066][ T5627]  ? vfs_read+0x4e6/0x770
[  711.379087][ T5627]  ? __rcu_read_unlock+0x4f/0x70
[  711.379110][ T5627]  ? __fget_files+0x184/0x1c0
[  711.379228][ T5627]  ? finish_task_switch+0xad/0x2b0
[  711.379250][ T5627]  ksys_write+0xda/0x1a0
[  711.379273][ T5627]  __x64_sys_write+0x40/0x50
[  711.379328][ T5627]  x64_sys_call+0x27fe/0x2ff0
[  711.379348][ T5627]  do_syscall_64+0xd2/0x200
[  711.379439][ T5627]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  711.379462][ T5627]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  711.379490][ T5627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  711.379513][ T5627] RIP: 0033:0x7ff95335d6df
[  711.379528][ T5627] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  711.379543][ T5627] RSP: 002b:00007ff951dc7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  711.379630][ T5627] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff95335d6df
[  711.379643][ T5627] RDX: 0000000000000001 RSI: 00007ff951dc70a0 RDI: 0000000000000004
[  711.379657][ T5627] RBP: 00007ff951dc7090 R08: 0000000000000000 R09: 0000000000000000
[  711.379729][ T5627] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  711.379760][ T5627] R13: 00007ff9535a6038 R14: 00007ff9535a5fa0 R15: 00007ffe72c803b8
[  711.379780][ T5627]  </TASK>
[  711.990001][ T5671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  712.014215][ T5671] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  712.304336][ T5678] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  712.340111][ T5678] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  712.379876][ T5678] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  712.435403][ T5682] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  712.444995][ T5678] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  712.564093][T19450] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  712.601990][T19450] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  712.610609][T19450] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  712.619029][T19450] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  712.671415][ T5684] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  712.683383][ T5684] batman_adv: batadv0: Removing interface: batadv_slave_1
[  712.926108][ T5713] netlink: 'syz.4.12741': attribute type 1 has an invalid length.
[  712.934124][ T5713] __nla_validate_parse: 11 callbacks suppressed
[  712.934138][ T5713] netlink: 224 bytes leftover after parsing attributes in process `syz.4.12741'.
[  713.093773][ T5735] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  713.243280][ T5746] loop0: detected capacity change from 0 to 1024
[  713.269995][ T5746] EXT4-fs: Ignoring removed orlov option
[  713.276205][ T5746] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  713.377680][ T5751] SELinux: failed to load policy
[  713.384378][ T5746] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  713.424461][ T5746] netlink: 'syz.0.12754': attribute type 1 has an invalid length.
[  713.432418][ T5746] netlink: 224 bytes leftover after parsing attributes in process `syz.0.12754'.
[  713.466076][ T3258] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  713.552065][ T5764] SELinux: failed to load policy
[  714.049225][ T5790] SELinux: failed to load policy
[  714.135091][ T5794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12774'.
[  714.201960][ T5807] FAULT_INJECTION: forcing a failure.
[  714.201960][ T5807] name failslab, interval 1, probability 0, space 0, times 0
[  714.214770][ T5807] CPU: 1 UID: 0 PID: 5807 Comm: syz.2.12779 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  714.214800][ T5807] Tainted: [W]=WARN
[  714.214806][ T5807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  714.214873][ T5807] Call Trace:
[  714.214878][ T5807]  <TASK>
[  714.214885][ T5807]  __dump_stack+0x1d/0x30
[  714.214905][ T5807]  dump_stack_lvl+0xe8/0x140
[  714.214921][ T5807]  dump_stack+0x15/0x1b
[  714.214973][ T5807]  should_fail_ex+0x265/0x280
[  714.214993][ T5807]  should_failslab+0x8c/0xb0
[  714.215013][ T5807]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  714.215106][ T5807]  ? shmem_alloc_inode+0x34/0x50
[  714.215124][ T5807]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  714.215141][ T5807]  shmem_alloc_inode+0x34/0x50
[  714.215158][ T5807]  alloc_inode+0x40/0x170
[  714.215176][ T5807]  new_inode+0x1d/0xe0
[  714.215211][ T5807]  shmem_get_inode+0x244/0x750
[  714.215276][ T5807]  __shmem_file_setup+0x113/0x210
[  714.215302][ T5807]  shmem_file_setup+0x3b/0x50
[  714.215316][ T5807]  __se_sys_memfd_create+0x2c3/0x590
[  714.215335][ T5807]  __x64_sys_memfd_create+0x31/0x40
[  714.215428][ T5807]  x64_sys_call+0x2abe/0x2ff0
[  714.215445][ T5807]  do_syscall_64+0xd2/0x200
[  714.215468][ T5807]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  714.215502][ T5807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.215519][ T5807] RIP: 0033:0x7ff2a554ec29
[  714.215541][ T5807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  714.215555][ T5807] RSP: 002b:00007ff2a3faee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  714.215571][ T5807] RAX: ffffffffffffffda RBX: 0000000000000507 RCX: 00007ff2a554ec29
[  714.215620][ T5807] RDX: 00007ff2a3faeef0 RSI: 0000000000000000 RDI: 00007ff2a55d2810
[  714.215630][ T5807] RBP: 0000200000001cc0 R08: 00007ff2a3faebb7 R09: 00007ff2a3faee40
[  714.215641][ T5807] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  714.215656][ T5807] R13: 00007ff2a3faeef0 R14: 00007ff2a3faeeb0 R15: 0000200000000140
[  714.215672][ T5807]  </TASK>
[  714.421183][   T29] kauditd_printk_skb: 775 callbacks suppressed
[  714.421197][   T29] audit: type=1326 audit(714.208:69014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.450307][   T29] audit: type=1326 audit(714.208:69015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.475807][   T29] audit: type=1326 audit(714.458:69016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.498804][   T29] audit: type=1326 audit(714.458:69017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.523462][   T29] audit: type=1326 audit(714.508:69018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.546503][   T29] audit: type=1326 audit(714.508:69019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.575949][   T29] audit: type=1326 audit(714.538:69020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff95335d590 code=0x7ffc0000
[  714.599001][   T29] audit: type=1326 audit(714.538:69021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.621951][   T29] audit: type=1326 audit(714.538:69022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.644839][   T29] audit: type=1326 audit(714.538:69023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5804 comm="syz.3.12778" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  714.849083][ T5827] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12786'.
[  715.156134][ T5847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12793'.
[  715.215560][ T5847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12793'.
[  715.284704][ T5847] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12793'.
[  715.470171][ T5859] netlink: 76 bytes leftover after parsing attributes in process `syz.4.12798'.
[  715.512451][ T5863] netlink: 76 bytes leftover after parsing attributes in process `syz.1.12800'.
[  715.598419][ T5877] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  715.686531][ T5879] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  715.709334][ T5887] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12808'.
[  715.861286][ T5908] syzkaller0: entered promiscuous mode
[  715.866785][ T5908] syzkaller0: entered allmulticast mode
[  716.732090][ T5951] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  716.954017][ T5966] netlink: 'syz.2.12832': attribute type 1 has an invalid length.
[  717.202980][ T5980] 
@0Ù: renamed from bond_slave_1 (while UP)
[  717.456759][ T5995] netlink: 'syz.2.12846': attribute type 1 has an invalid length.
[  717.531203][ T6002] SELinux: failed to load policy
[  717.811948][ T6023] syzkaller0: entered promiscuous mode
[  717.817474][ T6023] syzkaller0: entered allmulticast mode
[  717.944124][ T6048] loop0: detected capacity change from 0 to 164
[  717.960317][ T6048] ISOFS: unable to read i-node block
[  717.966186][ T6048] iso9660: Corrupted directory entry in block 2 of inode 1792
[  717.974764][ T6048] iso9660: Corrupted directory entry in block 2 of inode 1792
[  718.262014][ T6079] loop0: detected capacity change from 0 to 1024
[  718.268367][ T6081] syzkaller0: entered promiscuous mode
[  718.272023][ T6079] EXT4-fs: Ignoring removed orlov option
[  718.273831][ T6081] syzkaller0: entered allmulticast mode
[  718.280272][ T6079] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  718.354613][ T6079] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  718.424750][ T6079] netlink: 'syz.0.12884': attribute type 1 has an invalid length.
[  718.432634][ T6079] __nla_validate_parse: 13 callbacks suppressed
[  718.432647][ T6079] netlink: 224 bytes leftover after parsing attributes in process `syz.0.12884'.
[  718.465820][ T6093] lo speed is unknown, defaulting to 1000
[  718.472625][ T6093] lo speed is unknown, defaulting to 1000
[  718.478545][ T6093] lo speed is unknown, defaulting to 1000
[  718.527218][ T6093] infiniband s
z1: set active
[  718.531991][ T6093] infiniband s
z1: added lo
[  718.536529][ T3410] lo speed is unknown, defaulting to 1000
[  718.537446][ T3258] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.569651][ T6093] RDS/IB: s
z1: added
[  718.588547][ T6093] smc: adding ib device s
z1 with port count 1
[  718.594865][ T6093] smc:    ib device s
z1 port 1 has pnetid 
[  718.611647][ T2577] lo speed is unknown, defaulting to 1000
[  718.617466][ T6093] lo speed is unknown, defaulting to 1000
[  718.706745][ T6093] lo speed is unknown, defaulting to 1000
[  718.739850][T19418] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.771836][ T6093] lo speed is unknown, defaulting to 1000
[  718.813598][ T6093] lo speed is unknown, defaulting to 1000
[  718.840762][T19418] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.889287][T19418] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.939912][T19418] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.959823][ T6093] lo speed is unknown, defaulting to 1000
[  718.995471][ T6125] syzkaller0: entered promiscuous mode
[  719.001324][ T6125] syzkaller0: entered allmulticast mode
[  719.033012][ T6127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12899'.
[  719.072700][T19418] gretap0: left allmulticast mode
[  719.077833][T19418] gretap0: left promiscuous mode
[  719.083014][T19418] bridge0: port 3(gretap0) entered disabled state
[  719.111167][T19418] bridge_slave_1: left allmulticast mode
[  719.116908][T19418] bridge_slave_1: left promiscuous mode
[  719.122577][T19418] bridge0: port 2(bridge_slave_1) entered disabled state
[  719.180438][T19418] bridge_slave_0: left allmulticast mode
[  719.186100][T19418] bridge_slave_0: left promiscuous mode
[  719.191817][T19418] bridge0: port 1(bridge_slave_0) entered disabled state
[  719.241032][ T6135] FAULT_INJECTION: forcing a failure.
[  719.241032][ T6135] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  719.254343][ T6135] CPU: 0 UID: 0 PID: 6135 Comm: syz.1.12902 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  719.254440][ T6135] Tainted: [W]=WARN
[  719.254447][ T6135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  719.254459][ T6135] Call Trace:
[  719.254466][ T6135]  <TASK>
[  719.254473][ T6135]  __dump_stack+0x1d/0x30
[  719.254493][ T6135]  dump_stack_lvl+0xe8/0x140
[  719.254510][ T6135]  dump_stack+0x15/0x1b
[  719.254595][ T6135]  should_fail_ex+0x265/0x280
[  719.254616][ T6135]  should_fail_alloc_page+0xf2/0x100
[  719.254638][ T6135]  __alloc_frozen_pages_noprof+0xff/0x360
[  719.254730][ T6135]  alloc_pages_mpol+0xb3/0x250
[  719.254758][ T6135]  alloc_pages_noprof+0x90/0x130
[  719.254855][ T6135]  pte_alloc_one+0x2d/0x120
[  719.254879][ T6135]  __pte_alloc+0x32/0x2b0
[  719.254904][ T6135]  handle_mm_fault+0x1c55/0x2c20
[  719.254969][ T6135]  do_user_addr_fault+0x636/0x1090
[  719.254996][ T6135]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  719.255072][ T6135]  exc_page_fault+0x62/0xa0
[  719.255102][ T6135]  asm_exc_page_fault+0x26/0x30
[  719.255119][ T6135] RIP: 0033:0x7f38624b0ca6
[  719.255133][ T6135] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[  719.255148][ T6135] RSP: 002b:00007f386104e4a0 EFLAGS: 00010246
[  719.255206][ T6135] RAX: 0000000000000001 RBX: 00007f386104e540 RCX: 0000000000000101
[  719.255220][ T6135] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007f386104e5e0
[  719.255233][ T6135] RBP: 0000000000000102 R08: 00007f3858c2f000 R09: 0000000000000000
[  719.255307][ T6135] R10: 0000000000000000 R11: 00007f386104e550 R12: 0000000000000001
[  719.255318][ T6135] R13: 00007f386268da20 R14: 0000000000000000 R15: 00007f386104e5e0
[  719.255334][ T6135]  </TASK>
[  719.255343][ T6135] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  719.478652][T19418] bond1 (unregistering): (slave ip6erspan0): Releasing active interface
[  719.555692][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12903'.
[  719.611570][T19418] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  719.621507][T19418] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  719.632144][T19418] bond0 (unregistering): Released all slaves
[  719.660783][T19418] bond1 (unregistering): Released all slaves
[  719.677379][T19418] bond2 (unregistering): Released all slaves
[  719.692982][ T6093] lo speed is unknown, defaulting to 1000
[  719.756259][ T6133] rdma_rxe: rxe_newlink: failed to add lo
[  719.800876][ T6108] chnl_net:caif_netlink_parms(): no params data found
[  719.820477][T19418] tipc: Disabling bearer <udp:s>
[  719.825621][T19418] tipc: Left network mode
[  719.827467][   T29] kauditd_printk_skb: 482 callbacks suppressed
[  719.827480][   T29] audit: type=1326 audit(719.808:69506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  719.887703][   T29] audit: type=1326 audit(719.848:69507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  719.910720][   T29] audit: type=1326 audit(719.848:69508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  719.933787][   T29] audit: type=1326 audit(719.848:69509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  719.956761][   T29] audit: type=1326 audit(719.848:69510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  719.979795][   T29] audit: type=1326 audit(719.848:69511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  720.002757][   T29] audit: type=1326 audit(719.848:69512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  720.025767][   T29] audit: type=1326 audit(719.848:69513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  720.048892][   T29] audit: type=1326 audit(719.848:69514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  720.071976][   T29] audit: type=1326 audit(719.848:69515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6143 comm="syz.3.12905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  720.163532][T19418] hsr_slave_0: left promiscuous mode
[  720.169346][T19418] hsr_slave_1: left promiscuous mode
[  720.174895][T19418] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  720.182287][T19418] batman_adv: batadv0: Removing interface: batadv_slave_0
[  720.280970][T19418] veth1_macvtap: left promiscuous mode
[  720.304388][T19418] veth0_macvtap: left promiscuous mode
[  720.319518][T19418] veth1_vlan: left promiscuous mode
[  720.343315][T19418] veth0_vlan: left promiscuous mode
[  720.474274][T19418] team0 (unregistering): Port device team_slave_1 removed
[  720.493357][T19418] team0 (unregistering): Port device team_slave_0 removed
[  720.576490][ T6163] syzkaller0: entered promiscuous mode
[  720.582095][ T6163] syzkaller0: entered allmulticast mode
[  720.608557][ T6108] bridge0: port 1(bridge_slave_0) entered blocking state
[  720.615637][ T6108] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.629160][ T6108] bridge_slave_0: entered allmulticast mode
[  720.635786][ T6108] bridge_slave_0: entered promiscuous mode
[  720.658280][ T6108] bridge0: port 2(bridge_slave_1) entered blocking state
[  720.665466][ T6108] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.673460][ T6108] bridge_slave_1: entered allmulticast mode
[  720.680232][ T6108] bridge_slave_1: entered promiscuous mode
[  720.707301][ T6108] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  720.718818][ T6108] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  720.755905][ T6108] team0: Port device team_slave_0 added
[  720.772210][ T6108] team0: Port device team_slave_1 added
[  720.793600][ T6183] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  720.822985][ T6108] batman_adv: batadv0: Adding interface: batadv_slave_0
[  720.830007][ T6108] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  720.855930][ T6108] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  720.872777][ T6108] batman_adv: batadv0: Adding interface: batadv_slave_1
[  720.879768][ T6108] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  720.905691][ T6108] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  720.936799][ T6108] hsr_slave_0: entered promiscuous mode
[  720.943277][ T6108] hsr_slave_1: entered promiscuous mode
[  720.949557][ T6108] debugfs: 'hsr0' already exists in 'hsr'
[  720.955279][ T6108] Cannot create hsr debugfs directory
[  721.028060][T19418] ------------[ cut here ]------------
[  721.033544][T19418] WARNING: CPU: 1 PID: 19418 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x179/0x1f0
[  721.036082][ T6201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.043265][T19418] Modules linked in:
[  721.055537][T19418] CPU: 1 UID: 0 PID: 19418 Comm: kworker/u8:29 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  721.067195][T19418] Tainted: [W]=WARN
[  721.071007][T19418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  721.077172][ T6201] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.081104][T19418] Workqueue: netns cleanup_net
[  721.093552][T19418] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[  721.099159][T19418] Code: 48 8d bb 30 0e 00 00 e8 a5 aa bc fc 48 8b bb 30 0e 00 00 e8 39 2b c9 fc 5b 41 5e 41 5f 5d e9 4e 8e b3 00 cc e8 38 ed a1 fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 2a ed a1 fc 90 0f 0b 90 4c 89 f7 e8 6e
[  721.118854][T19418] RSP: 0018:ffffc9000707fc60 EFLAGS: 00010293
[  721.124915][T19418] RAX: ffffffff84b60c18 RBX: ffff88813e7b8000 RCX: ffff88810275c200
[  721.132973][T19418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88813e7b8e00
[  721.140979][T19418] RBP: ffffffff86c8b980 R08: 0001ffff86847f7f R09: 0000000000000000
[  721.149126][T19418] R10: ffffc9000707fbe8 R11: 0001c9000707fbe8 R12: ffffffff86c8b9a0
[  721.157139][T19418] R13: ffff88813e7b8028 R14: ffff88813e7b8e00 R15: ffff88813e7b8000
[  721.165165][T19418] FS:  0000000000000000(0000) GS:ffff8882aef40000(0000) knlGS:0000000000000000
[  721.174133][T19418] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  721.180753][T19418] CR2: 000000110c260e1e CR3: 000000013679c000 CR4: 00000000003506f0
[  721.188798][T19418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  721.196771][T19418] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  721.204779][T19418] Call Trace:
[  721.208092][T19418]  <TASK>
[  721.209793][ T6211] syzkaller0: entered promiscuous mode
[  721.211015][T19418]  xfrm_net_exit+0x2d/0x60
[  721.211039][T19418]  ops_undo_list+0x27b/0x410
[  721.216515][ T6211] syzkaller0: entered allmulticast mode
[  721.220889][T19418]  cleanup_net+0x2de/0x4d0
[  721.235436][T19418]  process_scheduled_works+0x4cb/0x9d0
[  721.240999][T19418]  worker_thread+0x582/0x770
[  721.245617][T19418]  kthread+0x489/0x510
[  721.249746][T19418]  ? finish_task_switch+0xad/0x2b0
[  721.254859][T19418]  ? __pfx_worker_thread+0x10/0x10
[  721.260058][T19418]  ? __pfx_kthread+0x10/0x10
[  721.264645][T19418]  ret_from_fork+0x11f/0x1b0
[  721.269268][T19418]  ? __pfx_kthread+0x10/0x10
[  721.273860][T19418]  ret_from_fork_asm+0x1a/0x30
[  721.278669][T19418]  </TASK>
[  721.281688][T19418] ---[ end trace 0000000000000000 ]---
[  721.287904][T19418] ------------[ cut here ]------------
[  721.293345][T19418] WARNING: CPU: 1 PID: 19418 at net/xfrm/xfrm_state.c:3310 xfrm_state_fini+0x1b9/0x1f0
[  721.302994][T19418] Modules linked in:
[  721.306949][T19418] CPU: 1 UID: 0 PID: 19418 Comm: kworker/u8:29 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  721.318587][T19418] Tainted: [W]=WARN
[  721.322378][T19418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  721.332435][T19418] Workqueue: netns cleanup_net
[  721.337249][T19418] RIP: 0010:xfrm_state_fini+0x1b9/0x1f0
[  721.342809][T19418] Code: aa bc fc 4d 8b 3e e9 06 ff ff ff e8 11 ed a1 fc 90 0f 0b 90 4c 89 f7 e8 55 aa bc fc 4d 8b 3e e9 24 ff ff ff e8 f8 ec a1 fc 90 <0f> 0b 90 4c 89 f7 e8 3c aa bc fc 4d 8b 3e e9 42 ff ff ff e8 df ec
[  721.362499][T19418] RSP: 0018:ffffc9000707fc60 EFLAGS: 00010293
[  721.368579][T19418] RAX: ffffffff84b60c58 RBX: ffff88813e7b8000 RCX: ffff88810275c200
[  721.376536][T19418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88812fbda280
[  721.384522][T19418] RBP: 0000000000000040 R08: 000188813e7b8e1f R09: 0000000000000000
[  721.392488][T19418] R10: ffff88812fbdabc0 R11: 000188812fbda9ff R12: ffffffff86c8b9a0
[  721.400451][T19418] R13: ffff88813e7b8028 R14: ffff88813e7b8e18 R15: ffff88812fbda280
[  721.408440][T19418] FS:  0000000000000000(0000) GS:ffff8882aef40000(0000) knlGS:0000000000000000
[  721.417376][T19418] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  721.424030][T19418] CR2: 000000110c260e1e CR3: 000000013679c000 CR4: 00000000003506f0
[  721.432003][T19418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  721.440003][T19418] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  721.448068][T19418] Call Trace:
[  721.451366][T19418]  <TASK>
[  721.454276][T19418]  xfrm_net_exit+0x2d/0x60
[  721.458687][T19418]  ops_undo_list+0x27b/0x410
[  721.463261][T19418]  cleanup_net+0x2de/0x4d0
[  721.467675][T19418]  process_scheduled_works+0x4cb/0x9d0
[  721.473136][T19418]  worker_thread+0x582/0x770
[  721.477826][T19418]  kthread+0x489/0x510
[  721.481956][T19418]  ? finish_task_switch+0xad/0x2b0
[  721.487093][T19418]  ? __pfx_worker_thread+0x10/0x10
[  721.492209][T19418]  ? __pfx_kthread+0x10/0x10
[  721.496811][T19418]  ret_from_fork+0x11f/0x1b0
[  721.501419][T19418]  ? __pfx_kthread+0x10/0x10
[  721.505990][T19418]  ret_from_fork_asm+0x1a/0x30
[  721.510772][T19418]  </TASK>
[  721.513769][T19418] ---[ end trace 0000000000000000 ]---
[  721.519813][T19418] ------------[ cut here ]------------
[  721.525247][T19418] WARNING: CPU: 1 PID: 19418 at net/xfrm/xfrm_state.c:3312 xfrm_state_fini+0x1d2/0x1f0
[  721.534950][T19418] Modules linked in:
[  721.538849][T19418] CPU: 1 UID: 0 PID: 19418 Comm: kworker/u8:29 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  721.550472][T19418] Tainted: [W]=WARN
[  721.554250][T19418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  721.564365][T19418] Workqueue: netns cleanup_net
[  721.569144][T19418] RIP: 0010:xfrm_state_fini+0x1d2/0x1f0
[  721.574687][T19418] Code: aa bc fc 4d 8b 3e e9 24 ff ff ff e8 f8 ec a1 fc 90 0f 0b 90 4c 89 f7 e8 3c aa bc fc 4d 8b 3e e9 42 ff ff ff e8 df ec a1 fc 90 <0f> 0b 90 4c 89 f7 e8 23 aa bc fc 4d 8b 3e e9 60 ff ff ff 66 66 2e
[  721.594344][T19418] RSP: 0018:ffffc9000707fc60 EFLAGS: 00010293
[  721.600407][T19418] RAX: ffffffff84b60c71 RBX: ffff88813e7b8000 RCX: ffff88810275c200
[  721.608375][T19418] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88812fbda140
[  721.616325][T19418] RBP: 0000000000000040 R08: 000188813e7b8e17 R09: 0000000000000000
[  721.624365][T19418] R10: ffff88812fbda9c0 R11: 000188812fbda2bf R12: ffffffff86c8b9a0
[  721.632349][T19418] R13: ffff88813e7b8028 R14: ffff88813e7b8e10 R15: ffff88812fbda140
[  721.640392][T19418] FS:  0000000000000000(0000) GS:ffff8882aef40000(0000) knlGS:0000000000000000
[  721.649314][T19418] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  721.655875][T19418] CR2: 000000110c260e1e CR3: 000000013679c000 CR4: 00000000003506f0
[  721.663847][T19418] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  721.671857][T19418] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  721.679878][T19418] Call Trace:
[  721.683145][T19418]  <TASK>
[  721.686061][T19418]  xfrm_net_exit+0x2d/0x60
[  721.690478][T19418]  ops_undo_list+0x27b/0x410
[  721.695050][T19418]  cleanup_net+0x2de/0x4d0
[  721.699532][T19418]  process_scheduled_works+0x4cb/0x9d0
[  721.705076][T19418]  worker_thread+0x582/0x770
[  721.709682][T19418]  kthread+0x489/0x510
[  721.713738][T19418]  ? finish_task_switch+0xad/0x2b0
[  721.718880][T19418]  ? __pfx_worker_thread+0x10/0x10
[  721.723997][T19418]  ? __pfx_kthread+0x10/0x10
[  721.728678][T19418]  ret_from_fork+0x11f/0x1b0
[  721.733316][T19418]  ? __pfx_kthread+0x10/0x10
[  721.737929][T19418]  ret_from_fork_asm+0x1a/0x30
[  721.742766][T19418]  </TASK>
[  721.745845][T19418] ---[ end trace 0000000000000000 ]---
[  722.072320][ T6233] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.369026][ T6233] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.385522][ T6239] s
z1: rxe_newlink: already configured on lo
[  722.394551][ T6245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  722.403180][ T6245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  722.419182][ T6233] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.500854][ T6108] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  722.527816][ T6233] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.538658][ T6108] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  722.548491][ T6108] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  722.557369][ T6108] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  722.698821][ T6260] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.710411][T19418] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  722.720984][T19418] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  722.730289][T19418] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  722.741599][T19418] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  722.760028][ T6260] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.850292][ T6260] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.889974][ T6260] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.014634][T19446] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  723.025672][T19446] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  723.084468][ T6108] 8021q: adding VLAN 0 to HW filter on device bond0
[  723.096325][ T6108] 8021q: adding VLAN 0 to HW filter on device team0
[  723.105504][T19446] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  723.114604][T19455] bridge0: port 1(bridge_slave_0) entered blocking state
[  723.121689][T19455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  723.139798][T19446] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  723.152580][T19450] bridge0: port 2(bridge_slave_1) entered blocking state
[  723.159895][T19450] bridge0: port 2(bridge_slave_1) entered forwarding state
[  723.251177][ T6108] 8021q: adding VLAN 0 to HW filter on device batadv0
[  723.409620][ T6281] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  723.424784][ T6108] veth0_vlan: entered promiscuous mode
[  723.442616][ T6108] veth1_vlan: entered promiscuous mode
[  723.458812][ T6108] veth0_macvtap: entered promiscuous mode
[  723.466006][ T6108] veth1_macvtap: entered promiscuous mode
[  723.480307][ T6108] batman_adv: batadv0: Interface activated: batadv_slave_0
[  723.492184][ T6108] batman_adv: batadv0: Interface activated: batadv_slave_1
[  723.505129][T19418] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  723.530397][T19418] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  723.545510][ T6292] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  723.549833][T19418] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  723.554065][ T6293] netlink: 76 bytes leftover after parsing attributes in process `syz.3.12947'.
[  723.574880][T19418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  723.660937][ T6305] loop0: detected capacity change from 0 to 164
[  723.669742][ T6305] Unable to read rock-ridge attributes
[  723.683669][ T6307] bridge0: port 3(gretap0) entered blocking state
[  723.690209][ T6307] bridge0: port 3(gretap0) entered disabled state
[  723.707281][ T6307] gretap0: entered allmulticast mode
[  723.713363][ T6307] gretap0: entered promiscuous mode
[  723.720129][ T6307] bridge0: port 3(gretap0) entered blocking state
[  723.726661][ T6307] bridge0: port 3(gretap0) entered forwarding state
[  723.945720][ T6318] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12957'.
[  724.206776][ T6327] lo speed is unknown, defaulting to 1000
[  724.482667][ T6330] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  724.656051][ T6332] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12962'.
[  724.816508][ T6343] netlink: 'syz.4.12965': attribute type 1 has an invalid length.
[  724.824412][ T6343] netlink: 224 bytes leftover after parsing attributes in process `syz.4.12965'.
[  724.850365][   T29] kauditd_printk_skb: 465 callbacks suppressed
[  724.850391][   T29] audit: type=1326 audit(724.838:69981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6342 comm="syz.4.12965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f601509ec29 code=0x7ffc0000
[  724.895922][   T29] audit: type=1326 audit(724.838:69982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6342 comm="syz.4.12965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f601509ec29 code=0x7ffc0000
[  724.918968][   T29] audit: type=1326 audit(724.838:69983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6342 comm="syz.4.12965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f601509ec29 code=0x7ffc0000
[  724.978283][   T29] audit: type=1400 audit(724.968:69984): avc:  denied  { load_policy } for  pid=6346 comm="syz.4.12967" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  724.984451][ T6347] SELinux: failed to load policy
[  725.019339][ T6350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12968'.
[  725.056798][ T6350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12968'.
[  725.090240][ T6350] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12968'.
[  725.114736][   T29] audit: type=1326 audit(725.098:69985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.3.12973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  725.143516][   T29] audit: type=1326 audit(725.098:69986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.3.12973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  725.166567][   T29] audit: type=1326 audit(725.098:69987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.3.12973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  725.189440][   T29] audit: type=1326 audit(725.098:69988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.3.12973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  725.212404][   T29] audit: type=1326 audit(725.098:69989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.3.12973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  725.235394][   T29] audit: type=1326 audit(725.098:69990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.3.12973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  725.317144][ T6374] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12977'.
[  725.350925][ T6374] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12977'.
[  725.449681][ T6374] netlink: 12 bytes leftover after parsing attributes in process `syz.4.12977'.
[  725.556278][ T6387] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  725.570237][ T6387] batman_adv: batadv0: Removing interface: batadv_slave_1
[  725.944303][ T6416] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  726.039150][ T6426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  726.053446][ T6426] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  727.204428][ T6473] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  727.236568][ T2577] IPVS: starting estimator thread 0...
[  727.247176][ T6488] program syz.1.13016 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  727.328256][ T6486] IPVS: using max 2736 ests per chain, 136800 per kthread
[  727.432246][ T6503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  727.440829][ T6503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  727.454747][ T6503] loop1: detected capacity change from 0 to 1024
[  727.695026][ T6513] loop1: detected capacity change from 0 to 512
[  727.701636][ T6513] ext4: Unknown parameter 'permit_directio'
[  727.716980][ T6513] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.819714][ T6513] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.861693][ T6513] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  727.911607][ T6513] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  728.044463][T19455] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  728.060443][T19455] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  728.069060][T19455] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  728.095440][T19455] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  728.127236][ T6521] netlink: 'syz.4.13031': attribute type 1 has an invalid length.
[  728.258003][ T6546] FAULT_INJECTION: forcing a failure.
[  728.258003][ T6546] name failslab, interval 1, probability 0, space 0, times 0
[  728.270706][ T6546] CPU: 1 UID: 0 PID: 6546 Comm: syz.2.13041 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  728.270790][ T6546] Tainted: [W]=WARN
[  728.270798][ T6546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  728.270809][ T6546] Call Trace:
[  728.270815][ T6546]  <TASK>
[  728.270822][ T6546]  __dump_stack+0x1d/0x30
[  728.270843][ T6546]  dump_stack_lvl+0xe8/0x140
[  728.270861][ T6546]  dump_stack+0x15/0x1b
[  728.270945][ T6546]  should_fail_ex+0x265/0x280
[  728.270969][ T6546]  should_failslab+0x8c/0xb0
[  728.270994][ T6546]  __kmalloc_noprof+0xa5/0x3e0
[  728.271053][ T6546]  ? security_prepare_creds+0x52/0x120
[  728.271076][ T6546]  security_prepare_creds+0x52/0x120
[  728.271098][ T6546]  prepare_creds+0x34a/0x4c0
[  728.271121][ T6546]  lookup_user_key+0x12a/0xd10
[  728.271150][ T6546]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  728.271291][ T6546]  __se_sys_add_key+0x263/0x350
[  728.271315][ T6546]  __x64_sys_add_key+0x67/0x80
[  728.271414][ T6546]  x64_sys_call+0x28c4/0x2ff0
[  728.271434][ T6546]  do_syscall_64+0xd2/0x200
[  728.271460][ T6546]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  728.271557][ T6546]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  728.271659][ T6546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.271677][ T6546] RIP: 0033:0x7ff2a554ec29
[  728.271694][ T6546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.271711][ T6546] RSP: 002b:00007ff2a3faf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  728.271732][ T6546] RAX: ffffffffffffffda RBX: 00007ff2a5795fa0 RCX: 00007ff2a554ec29
[  728.271746][ T6546] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000200000000340
[  728.271759][ T6546] RBP: 00007ff2a3faf090 R08: ffffffffffffffff R09: 0000000000000000
[  728.271826][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.271837][ T6546] R13: 00007ff2a5796038 R14: 00007ff2a5795fa0 R15: 00007ffefc10e7a8
[  728.271852][ T6546]  </TASK>
[  728.580107][ T6553] netlink: 'syz.4.13044': attribute type 1 has an invalid length.
[  728.588035][ T6553] __nla_validate_parse: 11 callbacks suppressed
[  728.588050][ T6553] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13044'.
[  728.716689][ T6575] lo speed is unknown, defaulting to 1000
[  729.095861][ T6597] tun0: tun_chr_ioctl cmd 1074812118
[  729.104780][ T6597] FAULT_INJECTION: forcing a failure.
[  729.104780][ T6597] name failslab, interval 1, probability 0, space 0, times 0
[  729.118020][ T6597] CPU: 1 UID: 0 PID: 6597 Comm: syz.2.13058 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  729.118065][ T6597] Tainted: [W]=WARN
[  729.118071][ T6597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  729.118082][ T6597] Call Trace:
[  729.118087][ T6597]  <TASK>
[  729.118094][ T6597]  __dump_stack+0x1d/0x30
[  729.118114][ T6597]  dump_stack_lvl+0xe8/0x140
[  729.118133][ T6597]  dump_stack+0x15/0x1b
[  729.118148][ T6597]  should_fail_ex+0x265/0x280
[  729.118199][ T6597]  should_failslab+0x8c/0xb0
[  729.118299][ T6597]  __kmalloc_noprof+0xa5/0x3e0
[  729.118366][ T6597]  ? copy_splice_read+0xc2/0x660
[  729.118383][ T6597]  copy_splice_read+0xc2/0x660
[  729.118403][ T6597]  ? __pfx_copy_splice_read+0x10/0x10
[  729.118428][ T6597]  splice_direct_to_actor+0x26c/0x680
[  729.118500][ T6597]  ? __pfx_direct_splice_actor+0x10/0x10
[  729.118525][ T6597]  do_splice_direct+0xda/0x150
[  729.118541][ T6597]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  729.118562][ T6597]  do_sendfile+0x380/0x650
[  729.118589][ T6597]  __x64_sys_sendfile64+0x105/0x150
[  729.118631][ T6597]  x64_sys_call+0x2bb0/0x2ff0
[  729.118649][ T6597]  do_syscall_64+0xd2/0x200
[  729.118674][ T6597]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  729.118805][ T6597]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  729.118829][ T6597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.118854][ T6597] RIP: 0033:0x7ff2a554ec29
[  729.118867][ T6597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.118925][ T6597] RSP: 002b:00007ff2a3faf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  729.118942][ T6597] RAX: ffffffffffffffda RBX: 00007ff2a5795fa0 RCX: 00007ff2a554ec29
[  729.118954][ T6597] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000009
[  729.118965][ T6597] RBP: 00007ff2a3faf090 R08: 0000000000000000 R09: 0000000000000000
[  729.119035][ T6597] R10: 0000080000000007 R11: 0000000000000246 R12: 0000000000000001
[  729.119046][ T6597] R13: 00007ff2a5796038 R14: 00007ff2a5795fa0 R15: 00007ffefc10e7a8
[  729.119062][ T6597]  </TASK>
[  729.120143][ T6599] FAULT_INJECTION: forcing a failure.
[  729.120143][ T6599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  729.341888][ T6599] CPU: 0 UID: 0 PID: 6599 Comm: syz.4.13059 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  729.341917][ T6599] Tainted: [W]=WARN
[  729.341922][ T6599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  729.341934][ T6599] Call Trace:
[  729.341941][ T6599]  <TASK>
[  729.341951][ T6599]  __dump_stack+0x1d/0x30
[  729.341988][ T6599]  dump_stack_lvl+0xe8/0x140
[  729.342005][ T6599]  dump_stack+0x15/0x1b
[  729.342048][ T6599]  should_fail_ex+0x265/0x280
[  729.342080][ T6599]  should_fail+0xb/0x20
[  729.342152][ T6599]  should_fail_usercopy+0x1a/0x20
[  729.342176][ T6599]  _copy_from_iter+0xd2/0xe80
[  729.342205][ T6599]  ? __build_skb_around+0x1a0/0x200
[  729.342303][ T6599]  ? __alloc_skb+0x223/0x320
[  729.342328][ T6599]  netlink_sendmsg+0x471/0x6b0
[  729.342369][ T6599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  729.342391][ T6599]  __sock_sendmsg+0x142/0x180
[  729.342471][ T6599]  ____sys_sendmsg+0x31e/0x4e0
[  729.342530][ T6599]  ___sys_sendmsg+0x17b/0x1d0
[  729.342564][ T6599]  __x64_sys_sendmsg+0xd4/0x160
[  729.342588][ T6599]  x64_sys_call+0x191e/0x2ff0
[  729.342668][ T6599]  do_syscall_64+0xd2/0x200
[  729.342699][ T6599]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  729.342844][ T6599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.342862][ T6599] RIP: 0033:0x7f601509ec29
[  729.342876][ T6599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.342890][ T6599] RSP: 002b:00007f6013b07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  729.342953][ T6599] RAX: ffffffffffffffda RBX: 00007f60152e5fa0 RCX: 00007f601509ec29
[  729.342967][ T6599] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[  729.342980][ T6599] RBP: 00007f6013b07090 R08: 0000000000000000 R09: 0000000000000000
[  729.342993][ T6599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  729.343006][ T6599] R13: 00007f60152e6038 R14: 00007f60152e5fa0 R15: 00007ffcbf93ab08
[  729.343022][ T6599]  </TASK>
[  729.571725][ T6607] netlink: 24 bytes leftover after parsing attributes in process `syz.4.13062'.
[  729.720820][ T6630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13071'.
[  729.862076][   T29] kauditd_printk_skb: 774 callbacks suppressed
[  729.862090][   T29] audit: type=1400 audit(729.848:70765): avc:  denied  { create } for  pid=6639 comm="syz.3.13074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  730.090743][   T29] audit: type=1326 audit(730.068:70766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz.2.13076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.113742][   T29] audit: type=1326 audit(730.068:70767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz.2.13076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.136907][   T29] audit: type=1326 audit(730.068:70768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz.2.13076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.159916][   T29] audit: type=1326 audit(730.068:70769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz.2.13076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.182846][   T29] audit: type=1326 audit(730.068:70770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz.2.13076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.205816][   T29] audit: type=1326 audit(730.068:70771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6650 comm="syz.2.13076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.229418][   T29] audit: type=1326 audit(730.128:70772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6652 comm="syz.2.13077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.252514][   T29] audit: type=1326 audit(730.128:70773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6652 comm="syz.2.13077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.275560][   T29] audit: type=1326 audit(730.138:70774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6652 comm="syz.2.13077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  730.719744][ T6680] rdma_rxe: rxe_newlink: failed to add lo
[  730.725864][ T6680] syzkaller0: entered promiscuous mode
[  730.731919][ T6679] syzkaller0: left promiscuous mode
[  730.855289][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13095'.
[  730.879011][T19446] tipc: Subscription rejected, illegal request
[  730.954602][ T6698] SELinux: failed to load policy
[  731.290331][ T6710] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  731.313826][   T10] IPVS: starting estimator thread 0...
[  731.417630][ T6712] IPVS: using max 2688 ests per chain, 134400 per kthread
[  731.966329][ T6730] syzkaller0: entered promiscuous mode
[  731.971870][ T6730] syzkaller0: entered allmulticast mode
[  732.151146][ T6752] s
z1: rxe_newlink: already configured on lo
[  732.167621][ T6752] syzkaller0: entered promiscuous mode
[  732.173653][ T6750] syzkaller0: left promiscuous mode
[  732.581118][ T6778] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  732.594432][   T10] IPVS: starting estimator thread 0...
[  732.687679][ T6779] IPVS: using max 2784 ests per chain, 139200 per kthread
[  732.719036][ T6791] netlink: 'syz.2.13129': attribute type 1 has an invalid length.
[  732.726898][ T6791] netlink: 224 bytes leftover after parsing attributes in process `syz.2.13129'.
[  732.795166][ T6795] syzkaller0: entered promiscuous mode
[  732.800764][ T6795] syzkaller0: entered allmulticast mode
[  732.873257][ T6799] syzkaller0: entered promiscuous mode
[  732.878871][ T6799] syzkaller0: entered allmulticast mode
[  732.955769][ T6809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13136'.
[  733.087119][ T6819] netlink: 'syz.3.13142': attribute type 1 has an invalid length.
[  733.095042][ T6819] netlink: 224 bytes leftover after parsing attributes in process `syz.3.13142'.
[  733.438646][ T6844] rdma_rxe: rxe_newlink: failed to add lo
[  733.444850][ T6844] syzkaller0: entered promiscuous mode
[  733.450945][ T6843] syzkaller0: left promiscuous mode
[  733.538480][ T6853] syzkaller0: entered promiscuous mode
[  733.544003][ T6853] syzkaller0: entered allmulticast mode
[  733.630189][ T6850] netlink: 76 bytes leftover after parsing attributes in process `syz.2.13154'.
[  733.683920][ T6864] FAULT_INJECTION: forcing a failure.
[  733.683920][ T6864] name failslab, interval 1, probability 0, space 0, times 0
[  733.696624][ T6864] CPU: 0 UID: 0 PID: 6864 Comm: syz.0.13158 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  733.696652][ T6864] Tainted: [W]=WARN
[  733.696658][ T6864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  733.696719][ T6864] Call Trace:
[  733.696724][ T6864]  <TASK>
[  733.696731][ T6864]  __dump_stack+0x1d/0x30
[  733.696751][ T6864]  dump_stack_lvl+0xe8/0x140
[  733.696767][ T6864]  dump_stack+0x15/0x1b
[  733.696783][ T6864]  should_fail_ex+0x265/0x280
[  733.696896][ T6864]  should_failslab+0x8c/0xb0
[  733.696918][ T6864]  kmem_cache_alloc_node_noprof+0x57/0x320
[  733.696942][ T6864]  ? __alloc_skb+0x101/0x320
[  733.696963][ T6864]  __alloc_skb+0x101/0x320
[  733.696986][ T6864]  netlink_alloc_large_skb+0xba/0xf0
[  733.697083][ T6864]  netlink_sendmsg+0x3cf/0x6b0
[  733.697111][ T6864]  ? __pfx_netlink_sendmsg+0x10/0x10
[  733.697133][ T6864]  __sock_sendmsg+0x142/0x180
[  733.697159][ T6864]  ____sys_sendmsg+0x31e/0x4e0
[  733.697279][ T6864]  ___sys_sendmsg+0x17b/0x1d0
[  733.697310][ T6864]  __x64_sys_sendmsg+0xd4/0x160
[  733.697339][ T6864]  x64_sys_call+0x191e/0x2ff0
[  733.697391][ T6864]  do_syscall_64+0xd2/0x200
[  733.697419][ T6864]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  733.697442][ T6864]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  733.697465][ T6864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.697568][ T6864] RIP: 0033:0x7ff7a5afec29
[  733.697590][ T6864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.697605][ T6864] RSP: 002b:00007ff7a455f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  733.697622][ T6864] RAX: ffffffffffffffda RBX: 00007ff7a5d45fa0 RCX: 00007ff7a5afec29
[  733.697634][ T6864] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000005
[  733.697645][ T6864] RBP: 00007ff7a455f090 R08: 0000000000000000 R09: 0000000000000000
[  733.697670][ T6864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.697693][ T6864] R13: 00007ff7a5d46038 R14: 00007ff7a5d45fa0 R15: 00007ffffa8c4ff8
[  733.697768][ T6864]  </TASK>
[  734.042765][ T6883] syzkaller0: entered promiscuous mode
[  734.048365][ T6883] syzkaller0: entered allmulticast mode
[  734.075083][ T6890] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13169'.
[  734.127011][ T6893] syzkaller0: entered promiscuous mode
[  734.132626][ T6893] syzkaller0: entered allmulticast mode
[  734.189180][ T6896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13171'.
[  734.232117][ T6900] FAULT_INJECTION: forcing a failure.
[  734.232117][ T6900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  734.245238][ T6900] CPU: 1 UID: 0 PID: 6900 Comm: syz.1.13173 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  734.245312][ T6900] Tainted: [W]=WARN
[  734.245319][ T6900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  734.245331][ T6900] Call Trace:
[  734.245340][ T6900]  <TASK>
[  734.245348][ T6900]  __dump_stack+0x1d/0x30
[  734.245370][ T6900]  dump_stack_lvl+0xe8/0x140
[  734.245389][ T6900]  dump_stack+0x15/0x1b
[  734.245427][ T6900]  should_fail_ex+0x265/0x280
[  734.245449][ T6900]  should_fail+0xb/0x20
[  734.245470][ T6900]  should_fail_usercopy+0x1a/0x20
[  734.245497][ T6900]  _copy_from_iter+0xd2/0xe80
[  734.245544][ T6900]  ? alloc_pages_mpol+0x201/0x250
[  734.245573][ T6900]  copy_page_from_iter+0x178/0x2a0
[  734.245598][ T6900]  tun_get_user+0x679/0x2680
[  734.245623][ T6900]  ? ref_tracker_alloc+0x1f2/0x2f0
[  734.245655][ T6900]  tun_chr_write_iter+0x15e/0x210
[  734.245673][ T6900]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  734.245689][ T6900]  vfs_write+0x527/0x960
[  734.245843][ T6900]  ksys_write+0xda/0x1a0
[  734.245941][ T6900]  __x64_sys_write+0x40/0x50
[  734.245964][ T6900]  x64_sys_call+0x27fe/0x2ff0
[  734.245993][ T6900]  do_syscall_64+0xd2/0x200
[  734.246018][ T6900]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  734.246149][ T6900]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  734.246173][ T6900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.246261][ T6900] RIP: 0033:0x7f38625ed6df
[  734.246277][ T6900] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  734.246291][ T6900] RSP: 002b:00007f386104f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  734.246308][ T6900] RAX: ffffffffffffffda RBX: 00007f3862835fa0 RCX: 00007f38625ed6df
[  734.246319][ T6900] RDX: 000000000000004a RSI: 0000200000000000 RDI: 00000000000000c8
[  734.246366][ T6900] RBP: 00007f386104f090 R08: 0000000000000000 R09: 0000000000000000
[  734.246377][ T6900] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  734.246390][ T6900] R13: 00007f3862836038 R14: 00007f3862835fa0 R15: 00007ffca2ddd9a8
[  734.246410][ T6900]  </TASK>
[  734.886935][ T6879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13164'.
[  734.928927][ T6879] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13164'.
[  734.942813][ T6879] netlink: 156 bytes leftover after parsing attributes in process `syz.2.13164'.
[  735.085336][   T29] kauditd_printk_skb: 755 callbacks suppressed
[  735.085350][   T29] audit: type=1326 audit(735.068:71530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.140244][   T29] audit: type=1326 audit(735.098:71531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.163328][   T29] audit: type=1326 audit(735.098:71532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.186305][   T29] audit: type=1326 audit(735.098:71533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.209299][   T29] audit: type=1326 audit(735.108:71534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.232554][   T29] audit: type=1326 audit(735.108:71535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.255622][   T29] audit: type=1326 audit(735.108:71536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.278902][   T29] audit: type=1326 audit(735.108:71537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.301887][   T29] audit: type=1326 audit(735.108:71538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.325272][   T29] audit: type=1326 audit(735.108:71539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6912 comm="syz.1.13176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38625eec29 code=0x7ffc0000
[  735.488145][ T6922] netlink: 64691 bytes leftover after parsing attributes in process `syz.0.13180'.
[  735.736796][ T6932] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  735.909316][ T6951] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13192'.
[  736.053360][ T6962] vlan2: entered allmulticast mode
[  736.282175][ T6967] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  736.327861][ T6975] rdma_rxe: rxe_newlink: failed to add lo
[  736.368467][ T6981] syzkaller0: entered promiscuous mode
[  736.374058][ T6981] syzkaller0: entered allmulticast mode
[  736.646546][ T6995] FAULT_INJECTION: forcing a failure.
[  736.646546][ T6995] name failslab, interval 1, probability 0, space 0, times 0
[  736.659224][ T6995] CPU: 0 UID: 0 PID: 6995 Comm: syz.2.13210 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  736.659298][ T6995] Tainted: [W]=WARN
[  736.659305][ T6995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  736.659394][ T6995] Call Trace:
[  736.659401][ T6995]  <TASK>
[  736.659408][ T6995]  __dump_stack+0x1d/0x30
[  736.659450][ T6995]  dump_stack_lvl+0xe8/0x140
[  736.659470][ T6995]  dump_stack+0x15/0x1b
[  736.659487][ T6995]  should_fail_ex+0x265/0x280
[  736.659511][ T6995]  should_failslab+0x8c/0xb0
[  736.659562][ T6995]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  736.659586][ T6995]  ? __d_alloc+0x3d/0x340
[  736.659662][ T6995]  __d_alloc+0x3d/0x340
[  736.659693][ T6995]  ? mpol_shared_policy_init+0xbd/0x4c0
[  736.659770][ T6995]  d_alloc_pseudo+0x1e/0x80
[  736.659798][ T6995]  alloc_file_pseudo+0x71/0x160
[  736.659847][ T6995]  __shmem_file_setup+0x1de/0x210
[  736.659914][ T6995]  shmem_file_setup+0x3b/0x50
[  736.659933][ T6995]  __se_sys_memfd_create+0x2c3/0x590
[  736.659969][ T6995]  __x64_sys_memfd_create+0x31/0x40
[  736.660036][ T6995]  x64_sys_call+0x2abe/0x2ff0
[  736.660059][ T6995]  do_syscall_64+0xd2/0x200
[  736.660090][ T6995]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  736.660152][ T6995]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  736.660177][ T6995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.660279][ T6995] RIP: 0033:0x7ff2a554ec29
[  736.660296][ T6995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  736.660313][ T6995] RSP: 002b:00007ff2a3f8de18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  736.660333][ T6995] RAX: ffffffffffffffda RBX: 000000000000042f RCX: 00007ff2a554ec29
[  736.660347][ T6995] RDX: 00007ff2a3f8def0 RSI: 0000000000000000 RDI: 00007ff2a55d2810
[  736.660358][ T6995] RBP: 0000200000000940 R08: 00007ff2a3f8dbb7 R09: 00007ff2a3f8de40
[  736.660408][ T6995] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  736.660419][ T6995] R13: 00007ff2a3f8def0 R14: 00007ff2a3f8deb0 R15: 0000200000000200
[  736.660434][ T6995]  </TASK>
[  737.079764][ T6998] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  737.109268][ T2577] IPVS: starting estimator thread 0...
[  737.197627][ T7012] IPVS: using max 2736 ests per chain, 136800 per kthread
[  737.630267][ T7031] s
z1: rxe_newlink: already configured on lo
[  737.671702][ T7045] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13230'.
[  738.011828][ T7061] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13237'.
[  738.682959][ T7102] __nla_validate_parse: 2 callbacks suppressed
[  738.682973][ T7102] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13255'.
[  738.895384][ T7134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13265'.
[  738.897786][ T7135] FAULT_INJECTION: forcing a failure.
[  738.897786][ T7135] name failslab, interval 1, probability 0, space 0, times 0
[  738.916969][ T7135] CPU: 1 UID: 0 PID: 7135 Comm: syz.2.13266 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  738.917045][ T7135] Tainted: [W]=WARN
[  738.917052][ T7135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  738.917064][ T7135] Call Trace:
[  738.917070][ T7135]  <TASK>
[  738.917078][ T7135]  __dump_stack+0x1d/0x30
[  738.917100][ T7135]  dump_stack_lvl+0xe8/0x140
[  738.917165][ T7135]  dump_stack+0x15/0x1b
[  738.917182][ T7135]  should_fail_ex+0x265/0x280
[  738.917207][ T7135]  should_failslab+0x8c/0xb0
[  738.917231][ T7135]  kmem_cache_alloc_node_noprof+0x57/0x320
[  738.917360][ T7135]  ? __alloc_skb+0x101/0x320
[  738.917381][ T7135]  __alloc_skb+0x101/0x320
[  738.917402][ T7135]  inet6_rt_notify+0x8b/0x1d0
[  738.917426][ T7135]  fib6_del+0x783/0x8b0
[  738.917444][ T7135]  ? copy_from_kernel_nofault_allowed+0x9c/0xc0
[  738.917521][ T7135]  ? fib6_ifdown+0xce/0x330
[  738.917557][ T7135]  ? fib6_clean_node+0x1ca/0x280
[  738.917574][ T7135]  fib6_clean_node+0x167/0x280
[  738.917635][ T7135]  fib6_walk_continue+0x39c/0x440
[  738.917702][ T7135]  fib6_walk+0xc5/0x180
[  738.917720][ T7135]  ? __pfx_fib6_ifdown+0x10/0x10
[  738.917739][ T7135]  fib6_clean_all+0xca/0x140
[  738.917780][ T7135]  ? __pfx_fib6_clean_node+0x10/0x10
[  738.917800][ T7135]  ? __pfx_fib6_ifdown+0x10/0x10
[  738.917834][ T7135]  rt6_disable_ip+0xa6/0x580
[  738.917906][ T7135]  ? _raw_spin_unlock+0x26/0x50
[  738.917928][ T7135]  ? finish_task_switch+0xad/0x2b0
[  738.917946][ T7135]  addrconf_ifdown+0xa6/0xf30
[  738.917966][ T7135]  ? tls_dev_event+0x3d7/0x910
[  738.917996][ T7135]  addrconf_notify+0x222/0x930
[  738.918019][ T7135]  ? __pfx_addrconf_notify+0x10/0x10
[  738.918045][ T7135]  raw_notifier_call_chain+0x6f/0x1b0
[  738.918075][ T7135]  ? call_netdevice_notifiers_info+0x9c/0x100
[  738.918173][ T7135]  call_netdevice_notifiers_info+0xae/0x100
[  738.918202][ T7135]  netif_set_mtu_ext+0x356/0x470
[  738.918248][ T7135]  netif_set_mtu+0x4a/0xf0
[  738.918269][ T7135]  dev_set_mtu+0xc1/0x170
[  738.918368][ T7135]  dev_ifsioc+0x474/0xaa0
[  738.918392][ T7135]  ? __rcu_read_unlock+0x4f/0x70
[  738.918417][ T7135]  dev_ioctl+0x70a/0x960
[  738.918485][ T7135]  sock_do_ioctl+0x197/0x220
[  738.918514][ T7135]  sock_ioctl+0x41b/0x610
[  738.918539][ T7135]  ? __pfx_sock_ioctl+0x10/0x10
[  738.918562][ T7135]  __se_sys_ioctl+0xce/0x140
[  738.918612][ T7135]  __x64_sys_ioctl+0x43/0x50
[  738.918634][ T7135]  x64_sys_call+0x1816/0x2ff0
[  738.918652][ T7135]  do_syscall_64+0xd2/0x200
[  738.918680][ T7135]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  738.918703][ T7135]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  738.918806][ T7135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.918824][ T7135] RIP: 0033:0x7ff2a554ec29
[  738.918837][ T7135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.918853][ T7135] RSP: 002b:00007ff2a3faf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  738.918873][ T7135] RAX: ffffffffffffffda RBX: 00007ff2a5795fa0 RCX: 00007ff2a554ec29
[  738.918950][ T7135] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000007
[  738.918963][ T7135] RBP: 00007ff2a3faf090 R08: 0000000000000000 R09: 0000000000000000
[  738.918976][ T7135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.918989][ T7135] R13: 00007ff2a5796038 R14: 00007ff2a5795fa0 R15: 00007ffefc10e7a8
[  738.919008][ T7135]  </TASK>
[  739.419307][ T7161] 9pnet: p9_errstr2errno: server reported unknown error 

[  739.469876][ T7164] net_ratelimit: 7 callbacks suppressed
[  739.469925][ T7164] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  740.140949][   T29] kauditd_printk_skb: 875 callbacks suppressed
[  740.140964][   T29] audit: type=1326 audit(740.128:72415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.3.13301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.217313][ T7236] SELinux: failed to load policy
[  740.222516][   T29] audit: type=1326 audit(740.128:72416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.3.13301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.245564][   T29] audit: type=1326 audit(740.128:72417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7222 comm="syz.3.13301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.269187][   T29] audit: type=1326 audit(740.228:72418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.292496][   T29] audit: type=1326 audit(740.228:72419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.315667][   T29] audit: type=1326 audit(740.228:72420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.338636][   T29] audit: type=1326 audit(740.228:72421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.361852][   T29] audit: type=1326 audit(740.228:72422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.384835][   T29] audit: type=1326 audit(740.228:72423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.407833][   T29] audit: type=1326 audit(740.228:72424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7239 comm="syz.3.13310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  740.521526][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13317'.
[  740.700594][ T7265] lo speed is unknown, defaulting to 1000
[  740.824205][ T7262] netlink: 'syz.4.13320': attribute type 1 has an invalid length.
[  740.832117][ T7262] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13320'.
[  741.612503][ T7306] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  741.659518][ T7310] netlink: 104 bytes leftover after parsing attributes in process `syz.3.13339'.
[  742.224941][ T7330] netlink: 132 bytes leftover after parsing attributes in process `syz.1.13346'.
[  742.425863][ T7341] SELinux: failed to load policy
[  742.577290][ T7357] netlink: 48 bytes leftover after parsing attributes in process `syz.2.13354'.
[  742.661460][ T7359] SELinux: failed to load policy
[  742.702821][ T7362] FAULT_INJECTION: forcing a failure.
[  742.702821][ T7362] name failslab, interval 1, probability 0, space 0, times 0
[  742.715583][ T7362] CPU: 1 UID: 0 PID: 7362 Comm: syz.4.13360 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  742.715618][ T7362] Tainted: [W]=WARN
[  742.715625][ T7362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  742.715638][ T7362] Call Trace:
[  742.715644][ T7362]  <TASK>
[  742.715653][ T7362]  __dump_stack+0x1d/0x30
[  742.715675][ T7362]  dump_stack_lvl+0xe8/0x140
[  742.715776][ T7362]  dump_stack+0x15/0x1b
[  742.715857][ T7362]  should_fail_ex+0x265/0x280
[  742.715878][ T7362]  should_failslab+0x8c/0xb0
[  742.715941][ T7362]  __kmalloc_cache_node_noprof+0x54/0x320
[  742.715966][ T7362]  ? __get_vm_area_node+0x106/0x1d0
[  742.715985][ T7362]  __get_vm_area_node+0x106/0x1d0
[  742.716031][ T7362]  __vmalloc_node_range_noprof+0x273/0xe00
[  742.716084][ T7362]  ? sel_write_load+0x158/0x380
[  742.716101][ T7362]  ? __rcu_read_unlock+0x4f/0x70
[  742.716115][ T7362]  ? sel_write_load+0x158/0x380
[  742.716184][ T7362]  vmalloc_noprof+0x82/0xc0
[  742.716201][ T7362]  ? sel_write_load+0x158/0x380
[  742.716214][ T7362]  sel_write_load+0x158/0x380
[  742.716249][ T7362]  ? __pfx_sel_write_load+0x10/0x10
[  742.716273][ T7362]  vfs_write+0x266/0x960
[  742.716291][ T7362]  ? __rcu_read_unlock+0x4f/0x70
[  742.716352][ T7362]  ? __fget_files+0x184/0x1c0
[  742.716439][ T7362]  ksys_write+0xda/0x1a0
[  742.716452][ T7362]  __x64_sys_write+0x40/0x50
[  742.716465][ T7362]  x64_sys_call+0x27fe/0x2ff0
[  742.716477][ T7362]  do_syscall_64+0xd2/0x200
[  742.716573][ T7362]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  742.716589][ T7362]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  742.716614][ T7362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.716663][ T7362] RIP: 0033:0x7f601509ec29
[  742.716673][ T7362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.716683][ T7362] RSP: 002b:00007f6013b07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  742.716695][ T7362] RAX: ffffffffffffffda RBX: 00007f60152e5fa0 RCX: 00007f601509ec29
[  742.716703][ T7362] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000005
[  742.716735][ T7362] RBP: 00007f6013b07090 R08: 0000000000000000 R09: 0000000000000000
[  742.716742][ T7362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.716749][ T7362] R13: 00007f60152e6038 R14: 00007f60152e5fa0 R15: 00007ffcbf93ab08
[  742.716775][ T7362]  </TASK>
[  742.716781][ T7362] syz.4.13360: vmalloc error: size 65448, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[  742.787906][ T7360] s
z1: rxe_newlink: already configured on lo
[  742.792204][ T7362] ,cpuset=/,mems_allowed=0
[  742.972726][ T7362] CPU: 1 UID: 0 PID: 7362 Comm: syz.4.13360 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  742.972813][ T7362] Tainted: [W]=WARN
[  742.972818][ T7362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  742.972829][ T7362] Call Trace:
[  742.972835][ T7362]  <TASK>
[  742.972842][ T7362]  __dump_stack+0x1d/0x30
[  742.972861][ T7362]  dump_stack_lvl+0xe8/0x140
[  742.972877][ T7362]  dump_stack+0x15/0x1b
[  742.972891][ T7362]  warn_alloc+0x12b/0x1a0
[  742.972986][ T7362]  __vmalloc_node_range_noprof+0x297/0xe00
[  742.973073][ T7362]  ? __rcu_read_unlock+0x4f/0x70
[  742.973094][ T7362]  ? sel_write_load+0x158/0x380
[  742.973114][ T7362]  vmalloc_noprof+0x82/0xc0
[  742.973216][ T7362]  ? sel_write_load+0x158/0x380
[  742.973244][ T7362]  sel_write_load+0x158/0x380
[  742.973265][ T7362]  ? __pfx_sel_write_load+0x10/0x10
[  742.973286][ T7362]  vfs_write+0x266/0x960
[  742.973304][ T7362]  ? __rcu_read_unlock+0x4f/0x70
[  742.973321][ T7362]  ? __fget_files+0x184/0x1c0
[  742.973369][ T7362]  ksys_write+0xda/0x1a0
[  742.973389][ T7362]  __x64_sys_write+0x40/0x50
[  742.973408][ T7362]  x64_sys_call+0x27fe/0x2ff0
[  742.973426][ T7362]  do_syscall_64+0xd2/0x200
[  742.973467][ T7362]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  742.973541][ T7362]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  742.973566][ T7362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.973584][ T7362] RIP: 0033:0x7f601509ec29
[  742.973597][ T7362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.973687][ T7362] RSP: 002b:00007f6013b07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  742.973702][ T7362] RAX: ffffffffffffffda RBX: 00007f60152e5fa0 RCX: 00007f601509ec29
[  742.973713][ T7362] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000005
[  742.973789][ T7362] RBP: 00007f6013b07090 R08: 0000000000000000 R09: 0000000000000000
[  742.973799][ T7362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.973881][ T7362] R13: 00007f60152e6038 R14: 00007f60152e5fa0 R15: 00007ffcbf93ab08
[  742.973897][ T7362]  </TASK>
[  742.973904][ T7362] Mem-Info:
[  743.185081][ T7362] active_anon:8031 inactive_anon:20 isolated_anon:0
[  743.185081][ T7362]  active_file:22808 inactive_file:3362 isolated_file:0
[  743.185081][ T7362]  unevictable:0 dirty:706 writeback:0
[  743.185081][ T7362]  slab_reclaimable:3379 slab_unreclaimable:16214
[  743.185081][ T7362]  mapped:32922 shmem:3001 pagetables:1264
[  743.185081][ T7362]  sec_pagetables:0 bounce:0
[  743.185081][ T7362]  kernel_misc_reclaimable:0
[  743.185081][ T7362]  free:1841325 free_pcp:49073 free_cma:0
[  743.230245][ T7362] Node 0 active_anon:32124kB inactive_anon:80kB active_file:91232kB inactive_file:13448kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:131688kB dirty:2824kB writeback:0kB shmem:12004kB kernel_stack:4464kB pagetables:5056kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  743.257840][ T7362] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  743.286374][ T7362] lowmem_reserve[]: 0 2883 7862 7862
[  743.291668][ T7362] Node 0 DMA32 free:2949288kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952820kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[  743.321712][ T7362] lowmem_reserve[]: 0 0 4978 4978
[  743.326807][ T7362] Node 0 Normal free:4400652kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32124kB inactive_anon:80kB active_file:91232kB inactive_file:13448kB unevictable:0kB writepending:2824kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:192904kB local_pcp:95232kB free_cma:0kB
[  743.359019][ T7362] lowmem_reserve[]: 0 0 0 0
[  743.363541][ T7362] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  743.376250][ T7362] Node 0 DMA32: 4*4kB (M) 3*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949288kB
[  743.392346][ T7362] Node 0 Normal: 2440*4kB (UME) 830*8kB (UME) 383*16kB (UME) 269*32kB (UME) 191*64kB (UME) 204*128kB (UME) 319*256kB (UME) 138*512kB (UME) 91*1024kB (UME) 69*2048kB (UME) 963*4096kB (UM) = 4400736kB
[  743.412122][ T7362] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  743.421526][ T7362] 29140 total pagecache pages
[  743.426189][ T7362] 24 pages in swap cache
[  743.430455][ T7362] Free swap  = 124900kB
[  743.434597][ T7362] Total swap = 124996kB
[  743.438753][ T7362] 2097051 pages RAM
[  743.442561][ T7362] 0 pages HighMem/MovableOnly
[  743.447219][ T7362] 80446 pages reserved
[  743.497159][ T7371] netlink: 'syz.4.13364': attribute type 1 has an invalid length.
[  743.501259][ T7367] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  743.505119][ T7371] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13364'.
[  743.514848][ T7367] SELinux: failed to load policy
[  743.568794][ T7369] SELinux: failed to load policy
[  743.709713][ T7396] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  743.720860][ T7399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  743.729826][ T7399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.737739][ T7396] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.900831][ T7405] netlink: 16 bytes leftover after parsing attributes in process `syz.2.13379'.
[  744.678939][ T7407] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.691946][ T7411] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.771706][ T7412] lo speed is unknown, defaulting to 1000
[  744.781048][ T7407] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.833432][ T7411] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.851399][ T7407] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.881243][ T7411] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.903304][ T7407] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.928986][ T7411] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.966222][T19430] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  744.974859][T19430] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  744.990565][T19430] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  745.001749][T19430] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  745.017328][T19430] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  745.033981][T19430] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  745.050920][T19430] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  745.069013][T19430] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  745.191272][ T7424] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13384'.
[  745.201114][ T7424] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13384'.
[  745.216450][ T7424] netlink: 156 bytes leftover after parsing attributes in process `syz.2.13384'.
[  745.419691][   T29] kauditd_printk_skb: 716 callbacks suppressed
[  745.419706][   T29] audit: type=1400 audit(745.408:73141): avc:  denied  { listen } for  pid=7433 comm="syz.2.13387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  745.528623][   T29] audit: type=1326 audit(745.518:73142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.552082][   T29] audit: type=1326 audit(745.518:73143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.575124][   T29] audit: type=1326 audit(745.518:73144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.598267][   T29] audit: type=1326 audit(745.518:73145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.621318][   T29] audit: type=1326 audit(745.518:73146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.644336][   T29] audit: type=1326 audit(745.518:73147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.667281][   T29] audit: type=1326 audit(745.518:73148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.690220][   T29] audit: type=1326 audit(745.518:73149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  745.713231][   T29] audit: type=1326 audit(745.518:73150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7438 comm="syz.2.13389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2a554ec29 code=0x7ffc0000
[  746.078955][ T7474] rdma_rxe: rxe_newlink: failed to add lo
[  746.193478][ T7499] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  746.280668][ T7509] SELinux: failed to load policy
[  746.310085][ T7511] netlink: 'syz.2.13421': attribute type 1 has an invalid length.
[  746.317973][ T7511] netlink: 224 bytes leftover after parsing attributes in process `syz.2.13421'.
[  746.373351][ T7517] netlink: 4 bytes leftover after parsing attributes in process `@'.
[  746.498453][ T7521] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  746.786085][ T7532] SELinux: failed to load policy
[  746.807799][ T7536] netlink: 'syz.0.13432': attribute type 1 has an invalid length.
[  746.815683][ T7536] netlink: 224 bytes leftover after parsing attributes in process `syz.0.13432'.
[  746.828445][ T7540] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  746.843980][ T7540] SELinux: failed to load policy
[  746.911953][ T7551] syzkaller0: entered promiscuous mode
[  746.917504][ T7551] syzkaller0: entered allmulticast mode
[  746.939691][ T7558] FAULT_INJECTION: forcing a failure.
[  746.939691][ T7558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  746.945088][ T7556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  746.952850][ T7558] CPU: 0 UID: 0 PID: 7558 Comm: @ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  746.952896][ T7558] Tainted: [W]=WARN
[  746.952903][ T7558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  746.952916][ T7558] Call Trace:
[  746.952922][ T7558]  <TASK>
[  746.952931][ T7558]  __dump_stack+0x1d/0x30
[  746.952954][ T7558]  dump_stack_lvl+0xe8/0x140
[  746.953036][ T7558]  dump_stack+0x15/0x1b
[  746.953053][ T7558]  should_fail_ex+0x265/0x280
[  746.953076][ T7558]  should_fail+0xb/0x20
[  746.953097][ T7558]  should_fail_usercopy+0x1a/0x20
[  746.953189][ T7558]  _copy_to_user+0x20/0xa0
[  746.953219][ T7558]  simple_read_from_buffer+0xb5/0x130
[  746.953242][ T7558]  proc_fail_nth_read+0x10e/0x150
[  746.953270][ T7558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  746.953305][ T7558]  vfs_read+0x1a5/0x770
[  746.953326][ T7558]  ? __rcu_read_unlock+0x4f/0x70
[  746.953349][ T7558]  ? __fget_files+0x184/0x1c0
[  746.953448][ T7558]  ksys_read+0xda/0x1a0
[  746.953471][ T7558]  __x64_sys_read+0x40/0x50
[  746.953492][ T7558]  x64_sys_call+0x27bc/0x2ff0
[  746.953513][ T7558]  do_syscall_64+0xd2/0x200
[  746.953565][ T7558]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  746.953588][ T7558]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  746.953616][ T7558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.953714][ T7558] RIP: 0033:0x7f38625ed63c
[  746.953764][ T7558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  746.953829][ T7558] RSP: 002b:00007f386104f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  746.953847][ T7558] RAX: ffffffffffffffda RBX: 00007f3862835fa0 RCX: 00007f38625ed63c
[  746.953860][ T7558] RDX: 000000000000000f RSI: 00007f386104f0a0 RDI: 0000000000000005
[  746.953872][ T7558] RBP: 00007f386104f090 R08: 0000000000000000 R09: 0000000000000000
[  746.953884][ T7558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  746.953897][ T7558] R13: 00007f3862836038 R14: 00007f3862835fa0 R15: 00007ffca2ddd9a8
[  746.953915][ T7558]  </TASK>
[  746.967422][ T7560] syz.4.13445 (7560) used obsolete PPPIOCDETACH ioctl
[  746.972202][ T7556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  747.343341][ T7578] netlink: 'syz.4.13451': attribute type 1 has an invalid length.
[  747.351280][ T7578] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13451'.
[  747.408883][ T7581] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.425771][ T7580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13452'.
[  747.539946][ T7581] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.580324][ T7581] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.636425][ T7590] netem: change failed
[  747.669733][ T7581] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.848158][T19455] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  747.857984][T19455] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  747.883840][T19455] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  747.894317][T19455] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  748.028599][ T7606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13462'.
[  748.344601][ T7625] veth0: entered promiscuous mode
[  748.919975][ T7641] __nla_validate_parse: 5 callbacks suppressed
[  748.919986][ T7641] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13478'.
[  748.936466][ T7641] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13478'.
[  749.055974][ T7654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13483'.
[  749.073941][ T7654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13483'.
[  749.101024][ T7654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13483'.
[  749.115742][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.123665][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.129129][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13487'.
[  749.131433][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.148125][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.155865][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.163634][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.171485][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.174692][ T7668] FAULT_INJECTION: forcing a failure.
[  749.174692][ T7668] name failslab, interval 1, probability 0, space 0, times 0
[  749.179273][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.191920][ T7668] CPU: 1 UID: 0 PID: 7668 Comm: syz.1.13488 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  749.191992][ T7668] Tainted: [W]=WARN
[  749.191999][ T7668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  749.192011][ T7668] Call Trace:
[  749.192018][ T7668]  <TASK>
[  749.192027][ T7668]  __dump_stack+0x1d/0x30
[  749.192048][ T7668]  dump_stack_lvl+0xe8/0x140
[  749.192138][ T7668]  dump_stack+0x15/0x1b
[  749.192154][ T7668]  should_fail_ex+0x265/0x280
[  749.192246][ T7668]  should_failslab+0x8c/0xb0
[  749.192386][ T7668]  __kmalloc_noprof+0xa5/0x3e0
[  749.192412][ T7668]  ? iter_file_splice_write+0xf9/0xa60
[  749.192433][ T7668]  iter_file_splice_write+0xf9/0xa60
[  749.192454][ T7668]  ? atime_needs_update+0x3be/0x3e0
[  749.192501][ T7668]  ? shmem_file_splice_read+0x5c2/0x600
[  749.192572][ T7668]  ? __pfx_iter_file_splice_write+0x10/0x10
[  749.192667][ T7668]  direct_splice_actor+0x156/0x2a0
[  749.192688][ T7668]  ? shmem_mmap+0x61/0xb0
[  749.192708][ T7668]  splice_direct_to_actor+0x312/0x680
[  749.192729][ T7668]  ? __pfx_direct_splice_actor+0x10/0x10
[  749.192801][ T7668]  do_splice_direct+0xda/0x150
[  749.192821][ T7668]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  749.192846][ T7668]  do_sendfile+0x380/0x650
[  749.192883][ T7668]  __x64_sys_sendfile64+0x105/0x150
[  749.192916][ T7668]  x64_sys_call+0x2bb0/0x2ff0
[  749.192936][ T7668]  do_syscall_64+0xd2/0x200
[  749.192967][ T7668]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  749.193057][ T7668]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  749.193086][ T7668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  749.193107][ T7668] RIP: 0033:0x7f38625eec29
[  749.193123][ T7668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  749.193141][ T7668] RSP: 002b:00007f386104f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  749.193176][ T7668] RAX: ffffffffffffffda RBX: 00007f3862835fa0 RCX: 00007f38625eec29
[  749.193189][ T7668] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  749.193201][ T7668] RBP: 00007f386104f090 R08: 0000000000000000 R09: 0000000000000000
[  749.193213][ T7668] R10: 000000007ffff019 R11: 0000000000000246 R12: 0000000000000001
[  749.193226][ T7668] R13: 00007f3862836038 R14: 00007f3862835fa0 R15: 00007ffca2ddd9a8
[  749.193308][ T7668]  </TASK>
[  749.224187][ T7671] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.224877][ T7664] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  749.533422][ T7694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13499'.
[  749.584813][ T7696] SELinux: failed to load policy
[  749.651883][ T7708] 9pnet_fd: Insufficient options for proto=fd
[  749.665168][ T7706] netlink: 'syz.4.13504': attribute type 1 has an invalid length.
[  749.673157][ T7706] netlink: 224 bytes leftover after parsing attributes in process `syz.4.13504'.
[  749.814356][ T7724] SELinux: failed to load policy
[  750.124350][ T7765] SELinux: failed to load policy
[  750.193674][ T7767] lo speed is unknown, defaulting to 1000
[  750.297497][ T7779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13538'.
[  750.445874][   T29] kauditd_printk_skb: 740 callbacks suppressed
[  750.445886][   T29] audit: type=1326 audit(1263.423:73891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.478938][   T29] audit: type=1326 audit(1263.453:73892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.502093][   T29] audit: type=1326 audit(1263.453:73893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.525260][   T29] audit: type=1326 audit(1263.453:73894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.535888][ T7775] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13537'.
[  750.548446][   T29] audit: type=1326 audit(1263.453:73895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.580348][   T29] audit: type=1326 audit(1263.453:73896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.603455][   T29] audit: type=1326 audit(1263.453:73897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.626456][   T29] audit: type=1326 audit(1263.453:73898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.649553][   T29] audit: type=1326 audit(1263.453:73899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  750.672503][   T29] audit: type=1326 audit(1263.453:73900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7785 comm="syz.0.13541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  751.329214][ T7861] lo speed is unknown, defaulting to 1000
[  751.869448][ T7903] sctp: [Deprecated]: syz.0.13585 (pid 7903) Use of int in max_burst socket option.
[  751.869448][ T7903] Use struct sctp_assoc_value instead
[  752.212921][ T7933] netlink: 'syz.2.13597': attribute type 1 has an invalid length.
[  752.354498][ T7937] SELinux: failed to load policy
[  752.455918][ T7912] 9pnet_fd: Insufficient options for proto=fd
[  753.084810][ T7996] s
z1: rxe_newlink: already configured on lo
[  753.363943][ T8011] SELinux: failed to load policy
[  753.979061][ T8048] __nla_validate_parse: 18 callbacks suppressed
[  753.979127][ T8048] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13646'.
[  754.052805][ T8032] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13639'.
[  754.086626][ T8056] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13648'.
[  754.289584][ T8075] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13657'.
[  754.541780][ T8106] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13669'.
[  754.741901][ T8121] lo speed is unknown, defaulting to 1000
[  754.949987][ T8135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13679'.
[  754.969094][ T8135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13679'.
[  754.998886][ T8135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13679'.
[  755.119723][ T8147] netlink: 'syz.2.13684': attribute type 1 has an invalid length.
[  755.127676][ T8147] netlink: 224 bytes leftover after parsing attributes in process `syz.2.13684'.
[  755.170807][ T8154] netlink: 10 bytes leftover after parsing attributes in process `syz.2.13687'.
[  755.274760][ T8168] serio: Serial port ptm0
[  755.375298][ T8180] FAULT_INJECTION: forcing a failure.
[  755.375298][ T8180] name failslab, interval 1, probability 0, space 0, times 0
[  755.375386][ T8180] CPU: 0 UID: 0 PID: 8180 Comm: syz.4.13692 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  755.375472][ T8180] Tainted: [W]=WARN
[  755.375478][ T8180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  755.375488][ T8180] Call Trace:
[  755.375493][ T8180]  <TASK>
[  755.375557][ T8180]  __dump_stack+0x1d/0x30
[  755.375575][ T8180]  dump_stack_lvl+0xe8/0x140
[  755.375686][ T8180]  dump_stack+0x15/0x1b
[  755.375701][ T8180]  should_fail_ex+0x265/0x280
[  755.375771][ T8180]  ? vc_allocate+0x105/0x3d0
[  755.375836][ T8180]  should_failslab+0x8c/0xb0
[  755.375856][ T8180]  __kmalloc_cache_noprof+0x4c/0x320
[  755.375995][ T8180]  vc_allocate+0x105/0x3d0
[  755.376019][ T8180]  ? down+0x48/0x60
[  755.376116][ T8180]  con_install+0x34/0x2a0
[  755.376134][ T8180]  tty_init_dev+0x7c/0x330
[  755.376160][ T8180]  tty_open+0x6cc/0xaf0
[  755.376228][ T8180]  chrdev_open+0x2e8/0x3a0
[  755.376250][ T8180]  do_dentry_open+0x649/0xa20
[  755.376275][ T8180]  ? __pfx_chrdev_open+0x10/0x10
[  755.376299][ T8180]  vfs_open+0x37/0x1e0
[  755.376389][ T8180]  path_openat+0x1c5e/0x2170
[  755.376478][ T8180]  do_filp_open+0x109/0x230
[  755.376500][ T8180]  do_sys_openat2+0xa6/0x110
[  755.376527][ T8180]  __x64_sys_openat+0xf2/0x120
[  755.376578][ T8180]  x64_sys_call+0x2e9c/0x2ff0
[  755.376598][ T8180]  do_syscall_64+0xd2/0x200
[  755.376623][ T8180]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  755.376646][ T8180]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  755.376750][ T8180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.376770][ T8180] RIP: 0033:0x7f601509d590
[  755.376783][ T8180] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  755.376797][ T8180] RSP: 002b:00007f6013ac4b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  755.376868][ T8180] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f601509d590
[  755.376881][ T8180] RDX: 0000000000000002 RSI: 00007f6013ac4c10 RDI: 00000000ffffff9c
[  755.376894][ T8180] RBP: 00007f6013ac4c10 R08: 0000000000000000 R09: 00007f6013ac4986
[  755.376908][ T8180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  755.376920][ T8180] R13: 00007f60152e6218 R14: 00007f60152e6180 R15: 00007ffcbf93ab08
[  755.376938][ T8180]  </TASK>
[  755.527759][   T29] kauditd_printk_skb: 723 callbacks suppressed
[  755.527773][   T29] audit: type=1326 audit(1268.513:74624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.529066][   T29] audit: type=1326 audit(1268.513:74625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.529212][   T29] audit: type=1326 audit(1268.513:74626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.529350][   T29] audit: type=1326 audit(1268.513:74627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.529573][   T29] audit: type=1326 audit(1268.513:74628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.529955][   T29] audit: type=1326 audit(1268.513:74629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.530111][   T29] audit: type=1326 audit(1268.513:74630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.531058][   T29] audit: type=1326 audit(1268.513:74631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.531239][   T29] audit: type=1326 audit(1268.513:74632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.531474][   T29] audit: type=1326 audit(1268.513:74633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8187 comm="syz.3.13699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff95335ec29 code=0x7ffc0000
[  755.539800][ T8186] infiniband syz!: set active
[  755.539817][ T8186] infiniband syz!: added team_slave_0
[  755.554252][ T8186] RDS/IB: syz!: added
[  755.554268][ T8186] smc: adding ib device syz! with port count 1
[  755.554286][ T8186] smc:    ib device syz! port 1 has pnetid 
[  755.766932][ T8194] FAULT_INJECTION: forcing a failure.
[  755.766932][ T8194] name failslab, interval 1, probability 0, space 0, times 0
[  755.766977][ T8194] CPU: 0 UID: 0 PID: 8194 Comm: +}[@ Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  755.767076][ T8194] Tainted: [W]=WARN
[  755.767082][ T8194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  755.767093][ T8194] Call Trace:
[  755.767099][ T8194]  <TASK>
[  755.767108][ T8194]  __dump_stack+0x1d/0x30
[  755.767161][ T8194]  dump_stack_lvl+0xe8/0x140
[  755.767185][ T8194]  dump_stack+0x15/0x1b
[  755.767244][ T8194]  should_fail_ex+0x265/0x280
[  755.767268][ T8194]  ? audit_log_d_path+0x8d/0x150
[  755.767345][ T8194]  should_failslab+0x8c/0xb0
[  755.767371][ T8194]  __kmalloc_cache_noprof+0x4c/0x320
[  755.767437][ T8194]  audit_log_d_path+0x8d/0x150
[  755.767493][ T8194]  audit_log_d_path_exe+0x42/0x70
[  755.767526][ T8194]  audit_log_task+0x1e9/0x250
[  755.767553][ T8194]  audit_seccomp+0x61/0x100
[  755.767575][ T8194]  ? __seccomp_filter+0x68c/0x10d0
[  755.767601][ T8194]  __seccomp_filter+0x69d/0x10d0
[  755.767620][ T8194]  ? mt_find+0x200/0x320
[  755.767642][ T8194]  __secure_computing+0x82/0x150
[  755.767660][ T8194]  syscall_trace_enter+0xcf/0x1e0
[  755.767709][ T8194]  do_syscall_64+0xac/0x200
[  755.767735][ T8194]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  755.767755][ T8194]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  755.767832][ T8194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.767851][ T8194] RIP: 0033:0x7ff7a5afd63c
[  755.767872][ T8194] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  755.767889][ T8194] RSP: 002b:00007ff7a455f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  755.767909][ T8194] RAX: ffffffffffffffda RBX: 00007ff7a5d45fa0 RCX: 00007ff7a5afd63c
[  755.767949][ T8194] RDX: 000000000000000f RSI: 00007ff7a455f0a0 RDI: 000000000000000a
[  755.767960][ T8194] RBP: 00007ff7a455f090 R08: 0000000000000000 R09: 0000000000000000
[  755.767971][ T8194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  755.767982][ T8194] R13: 00007ff7a5d46038 R14: 00007ff7a5d45fa0 R15: 00007ffffa8c4ff8
[  755.767999][ T8194]  </TASK>
[  756.639343][ T8251] syzkaller0: entered promiscuous mode
[  756.644843][ T8251] syzkaller0: entered allmulticast mode
[  757.053114][ T8296] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  757.280725][ T8303] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  757.493109][ T8322] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  757.570509][ T8325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  757.579090][ T8325] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  757.719207][ T8326] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.453748][ T8328] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.539809][ T8326] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.579797][ T8328] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.619349][ T8326] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.649161][ T8328] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.699334][ T8326] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.719060][ T8328] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.774245][T19450] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.783433][T19450] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  758.792730][T19450] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  758.814005][T19450] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  758.824917][T19450] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.833250][T19450] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  758.856730][T19450] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  758.879308][T19450] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  758.996510][ T8394] FAULT_INJECTION: forcing a failure.
[  758.996510][ T8394] name failslab, interval 1, probability 0, space 0, times 0
[  759.009294][ T8394] CPU: 0 UID: 0 PID: 8394 Comm: syz.2.13785 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  759.009324][ T8394] Tainted: [W]=WARN
[  759.009331][ T8394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  759.009342][ T8394] Call Trace:
[  759.009348][ T8394]  <TASK>
[  759.009355][ T8394]  __dump_stack+0x1d/0x30
[  759.009376][ T8394]  dump_stack_lvl+0xe8/0x140
[  759.009454][ T8394]  dump_stack+0x15/0x1b
[  759.009471][ T8394]  should_fail_ex+0x265/0x280
[  759.009490][ T8394]  ? rtnl_newlink+0x5c/0x12d0
[  759.009516][ T8394]  should_failslab+0x8c/0xb0
[  759.009541][ T8394]  __kmalloc_cache_noprof+0x4c/0x320
[  759.009637][ T8394]  rtnl_newlink+0x5c/0x12d0
[  759.009666][ T8394]  ? __bpf_ringbuf_reserve+0x413/0x530
[  759.009685][ T8394]  ? __rcu_read_unlock+0x4f/0x70
[  759.009703][ T8394]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  759.009783][ T8394]  ? xfd_validate_state+0x45/0xf0
[  759.009812][ T8394]  ? __rcu_read_unlock+0x4f/0x70
[  759.009830][ T8394]  ? avc_has_perm_noaudit+0x1b1/0x200
[  759.009875][ T8394]  ? cred_has_capability+0x210/0x280
[  759.009939][ T8394]  ? selinux_capable+0x31/0x40
[  759.009963][ T8394]  ? security_capable+0x83/0x90
[  759.009984][ T8394]  ? ns_capable+0x7d/0xb0
[  759.010001][ T8394]  ? __pfx_rtnl_newlink+0x10/0x10
[  759.010105][ T8394]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  759.010154][ T8394]  netlink_rcv_skb+0x123/0x220
[  759.010250][ T8394]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  759.010280][ T8394]  rtnetlink_rcv+0x1c/0x30
[  759.010304][ T8394]  netlink_unicast+0x5bd/0x690
[  759.010325][ T8394]  netlink_sendmsg+0x58b/0x6b0
[  759.010404][ T8394]  ? __pfx_netlink_sendmsg+0x10/0x10
[  759.010425][ T8394]  __sock_sendmsg+0x142/0x180
[  759.010452][ T8394]  ____sys_sendmsg+0x31e/0x4e0
[  759.010537][ T8394]  ___sys_sendmsg+0x17b/0x1d0
[  759.010570][ T8394]  __x64_sys_sendmsg+0xd4/0x160
[  759.010594][ T8394]  x64_sys_call+0x191e/0x2ff0
[  759.010612][ T8394]  do_syscall_64+0xd2/0x200
[  759.010696][ T8394]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  759.010716][ T8394]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  759.010798][ T8394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  759.010816][ T8394] RIP: 0033:0x7ff2a554ec29
[  759.010830][ T8394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  759.010844][ T8394] RSP: 002b:00007ff2a3faf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  759.010908][ T8394] RAX: ffffffffffffffda RBX: 00007ff2a5795fa0 RCX: 00007ff2a554ec29
[  759.010919][ T8394] RDX: 0000000024004004 RSI: 0000200000000000 RDI: 0000000000000005
[  759.010930][ T8394] RBP: 00007ff2a3faf090 R08: 0000000000000000 R09: 0000000000000000
[  759.010946][ T8394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  759.010957][ T8394] R13: 00007ff2a5796038 R14: 00007ff2a5795fa0 R15: 00007ffefc10e7a8
[  759.010973][ T8394]  </TASK>
[  759.386806][ T8413] tun0: tun_chr_ioctl cmd 1074812118
[  759.707099][ T8435] vhci_hcd: invalid port number 15
[  759.712281][ T8435] vhci_hcd: default hub control req: 6031 v0000 i000f l0
[  760.165884][ T8439] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  760.337188][ T8449] syzkaller1: entered promiscuous mode
[  760.342759][ T8449] syzkaller1: entered allmulticast mode
[  760.480514][ T8459] __nla_validate_parse: 6 callbacks suppressed
[  760.480528][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13811'.
[  760.520675][ T8466] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.549315][ T8466] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.642307][ T8466] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  760.677748][ T8473] FAULT_INJECTION: forcing a failure.
[  760.677748][ T8473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  760.690923][ T8473] CPU: 0 UID: 0 PID: 8473 Comm: syz.1.13815 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  760.690958][ T8473] Tainted: [W]=WARN
[  760.690964][ T8473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  760.690978][ T8473] Call Trace:
[  760.690984][ T8473]  <TASK>
[  760.690997][ T8473]  __dump_stack+0x1d/0x30
[  760.691019][ T8473]  dump_stack_lvl+0xe8/0x140
[  760.691040][ T8473]  dump_stack+0x15/0x1b
[  760.691058][ T8473]  should_fail_ex+0x265/0x280
[  760.691124][ T8473]  should_fail+0xb/0x20
[  760.691142][ T8473]  should_fail_usercopy+0x1a/0x20
[  760.691168][ T8473]  _copy_to_user+0x20/0xa0
[  760.691199][ T8473]  simple_read_from_buffer+0xb5/0x130
[  760.691258][ T8473]  proc_fail_nth_read+0x10e/0x150
[  760.691282][ T8473]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  760.691303][ T8473]  vfs_read+0x1a5/0x770
[  760.691320][ T8473]  ? bpf_trace_run2+0x124/0x1c0
[  760.691413][ T8473]  ? __rcu_read_unlock+0x4f/0x70
[  760.691434][ T8473]  ? __fget_files+0x184/0x1c0
[  760.691463][ T8473]  ksys_read+0xda/0x1a0
[  760.691482][ T8473]  __x64_sys_read+0x40/0x50
[  760.691550][ T8473]  x64_sys_call+0x27bc/0x2ff0
[  760.691573][ T8473]  do_syscall_64+0xd2/0x200
[  760.691602][ T8473]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  760.691658][ T8473]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  760.691689][ T8473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.691805][ T8473] RIP: 0033:0x7f38625ed63c
[  760.691872][ T8473] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  760.691887][ T8473] RSP: 002b:00007f386104f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  760.691940][ T8473] RAX: ffffffffffffffda RBX: 00007f3862835fa0 RCX: 00007f38625ed63c
[  760.691954][ T8473] RDX: 000000000000000f RSI: 00007f386104f0a0 RDI: 0000000000000004
[  760.692039][ T8473] RBP: 00007f386104f090 R08: 0000000000000000 R09: 0000000000000000
[  760.692052][ T8473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.692065][ T8473] R13: 00007f3862836038 R14: 00007f3862835fa0 R15: 00007ffca2ddd9a8
[  760.692150][ T8473]  </TASK>
[  760.995159][ T8466] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  761.131496][T19450] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  761.160900][T19450] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  761.195420][T19450] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  761.220077][T19450] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  761.278869][ T8462] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13812'.
[  761.423673][ T8483] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13820'.
[  761.432769][ T8483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13820'.
[  761.442746][   T29] kauditd_printk_skb: 675 callbacks suppressed
[  761.442758][   T29] audit: type=1326 audit(1274.403:75309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.472052][   T29] audit: type=1326 audit(1274.403:75310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.495321][   T29] audit: type=1326 audit(1274.403:75311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.518513][   T29] audit: type=1326 audit(1274.403:75312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.541791][   T29] audit: type=1326 audit(1274.403:75313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.564903][   T29] audit: type=1326 audit(1274.403:75314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.588127][   T29] audit: type=1326 audit(1274.403:75315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.611203][   T29] audit: type=1326 audit(1274.403:75316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.634302][   T29] audit: type=1326 audit(1274.403:75317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.657440][   T29] audit: type=1326 audit(1274.403:75318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8482 comm="syz.0.13820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7a5afec29 code=0x7ffc0000
[  761.890229][ T8520] pim6reg: entered allmulticast mode
[  761.898042][ T8520] pim6reg: left allmulticast mode
[  761.974862][ T8520] bridge0: port 3(gretap0) entered disabled state
[  761.995007][ T8520] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.002243][ T8520] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.044702][ T8520] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  762.066524][ T8526] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13834'.
[  762.092843][ T8520] syzkaller0: left promiscuous mode
[  762.098094][ T8520] syzkaller0: left allmulticast mode
[  762.122741][T19435] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.140225][T19435] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.157924][T19435] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.176823][T19435] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.560049][ T8563] pim6reg: entered allmulticast mode
[  762.576295][ T8563] pim6reg: left allmulticast mode
[  762.644605][ T8570] bridge0: port 3(gretap0) entered disabled state
[  762.682293][ T8570] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.689484][ T8570] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.746175][ T8570] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  762.770113][ T8581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13861'.
[  762.785803][T21110] lo speed is unknown, defaulting to 1000
[  762.791565][T21110] s
z1: Port: 1 Link DOWN
[  762.798942][ T8574] geneve2: entered promiscuous mode
[  762.804178][ T8574] geneve2: entered allmulticast mode
[  762.815021][ T8578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13860'.
[  762.824082][T19450] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.833771][T21110] lo speed is unknown, defaulting to 1000
[  762.839959][T19450] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.857600][T19450] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.876578][T19450] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.896028][T19450] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  762.916847][T19450] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  762.943402][T19450] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  762.943446][T19450] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  762.943510][ T8588] ==================================================================
[  762.943538][ T8588] BUG: KCSAN: data-race in _prb_read_valid / data_alloc
[  762.943577][ T8588] 
[  762.943584][ T8588] write to 0xffffffff86882730 of 8 bytes by task 19450 on cpu 0:
[  762.943599][ T8588]  data_alloc+0x271/0x2b0
[  762.943621][ T8588]  prb_reserve+0x808/0xaf0
[  762.943644][ T8588]  vprintk_store+0x56d/0x860
[  762.943658][ T8588]  vprintk_emit+0x178/0x650
[  762.943674][ T8588]  dev_vprintk_emit+0x242/0x2a0
[  762.943695][ T8588]  dev_printk_emit+0x84/0xb0
[  762.943714][ T8588]  __netdev_printk+0x35c/0x3e0
[  762.943740][ T8588]  netdev_info+0x9b/0xd0
[  762.943763][ T8588]  nsim_udp_tunnel_set_port+0x13b/0x160
[  762.943782][ T8588]  __udp_tunnel_nic_device_sync+0x567/0x9c0
[  762.943801][ T8588]  udp_tunnel_nic_device_sync_work+0x5d/0x5f0
[  762.943822][ T8588]  process_scheduled_works+0x4cb/0x9d0
[  762.943850][ T8588]  worker_thread+0x582/0x770
[  762.943876][ T8588]  kthread+0x489/0x510
[  762.943894][ T8588]  ret_from_fork+0x11f/0x1b0
[  762.943913][ T8588]  ret_from_fork_asm+0x1a/0x30
[  762.943934][ T8588] 
[  762.943940][ T8588] read to 0xffffffff86882730 of 16 bytes by task 8588 on cpu 1:
[  762.943956][ T8588]  _prb_read_valid+0x1bc/0x920
[  762.943981][ T8588]  prb_read_valid+0x3c/0x60
[  762.944007][ T8588]  printk_get_next_message+0xc8/0x510
[  762.944029][ T8588]  console_flush_all+0x290/0x730
[  762.944049][ T8588]  console_unlock+0xa1/0x330
[  762.944066][ T8588]  do_con_write+0x28d7/0x2940
[  762.944088][ T8588]  con_write+0x24/0x40
[  762.944108][ T8588]  n_tty_write+0x7d0/0xb50
[  762.944130][ T8588]  file_tty_write+0x370/0x690
[  762.944160][ T8588]  tty_write+0x25/0x30
[  762.944188][ T8588]  vfs_write+0x527/0x960
[  762.944209][ T8588]  ksys_write+0xda/0x1a0
[  762.944239][ T8588]  __x64_sys_write+0x40/0x50
[  762.944260][ T8588]  x64_sys_call+0x27fe/0x2ff0
[  762.944281][ T8588]  do_syscall_64+0xd2/0x200
[  762.944313][ T8588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  762.944334][ T8588] 
[  762.944338][ T8588] Reported by Kernel Concurrency Sanitizer on:
[  762.944352][ T8588] CPU: 1 UID: 0 PID: 8588 Comm: syz.4.13862 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  762.944381][ T8588] Tainted: [W]=WARN
[  762.944388][ T8588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  762.944401][ T8588] ==================================================================
[  763.098524][T21110] hid-generic 0000:0003:0000.0004: unknown main item tag 0x0
[  763.098553][T21110] hid-generic 0000:0003:0000.0004: unknown main item tag 0x0
[  763.099992][T21110] hid-generic 0000:0003:0000.0004: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz0
[  763.100976][ T8598] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13868'.
[  763.100994][ T8598] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13868'.