last executing test programs:

1m32.348686106s ago: executing program 3 (id=682):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r2, 0xee00, 0x0)
keyctl$chown(0x4, r2, 0x0, 0x0)

1m32.348395066s ago: executing program 3 (id=683):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBMETA(r1, 0x4bfa, 0x0)

1m32.347457866s ago: executing program 3 (id=684):
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32], 0x0, 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
pipe2$9p(&(0x7f0000000200), 0x4880)
r2 = dup3(r1, 0xffffffffffffffff, 0x80000)
write$P9_RWALK(r2, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)
sigaltstack(&(0x7f0000000300)={0x0, 0x80000001}, 0x0)

1m32.331618507s ago: executing program 3 (id=685):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
connect$tipc(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x75)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
preadv(r6, &(0x7f0000000100), 0x2b, 0x0, 0x0)

1m32.09168797s ago: executing program 3 (id=688):
unshare(0x2000400)
r0 = dup(0xffffffffffffffff)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0xa00, 0x0, 0x101, 0x100}})
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xb17)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x20, 0xffffffff, 0x1, 0x1, 0xfffffffe}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000002d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'gre0\x00'})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000040), 0x206, 0x3601)
ioctl$USBDEVFS_ALLOW_SUSPEND(r5, 0x5522)
ioctl$USBDEVFS_BULK(r5, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r5, 0x5521)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r6, 0x0, 0x4040)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x100, 0x0, 0x0, 0x4, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x10)
lsetxattr$security_ima(&(0x7f00000008c0)='./cgroup/../file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x840000000002, 0x3, 0x100)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet_tcp(0x2, 0x1, 0x0)

1m31.245114933s ago: executing program 3 (id=704):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x8000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2717, 0x0, &(0x7f0000000000))
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="44ffffff7f00000000000000fcdbff2500000000a95725ac6af7e2e1ec7e735ce4148a0da63fe1a47d736708b1f2e056fa85c5d36cbe7f6009deaddb7b71e46807eb1dd26d579da24c0662887e7e4b2700", @ANYRES32=0x0, @ANYBLOB="14d80400000000002400128009000100626f6e64000000001400028008001f00ffffff7f0800070007000000"], 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="44ffffff7f00000000000000fcdbff2500000000a95725ac6af7e2e1ec7e735ce4148a0da63fe1a47d736708b1f2e056fa85c5d36cbe7f6009deaddb7b71e46807eb1dd26d579da24c0662887e7e4b2700", @ANYRES32=0x0, @ANYBLOB="14d80400000000002400128009000100626f6e64000000001400028008001f00ffffff7f0800070007000000"], 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000e3fdccea768caaf9e4ab26d8ab7d3468bfa139809086ead108205771ed54bb59d5dc28e0145a13db698c9a439727674ec4e1b9204112b7e1803d572ce577dada60413188fdcc1425dbc5bf60e19d152db191ca6e78b41555075e0943acae18f31f385877f8cad56792a407d5357cf26a3ea312c04f8b25ab469564d46017bfd002fc9515d8bc9f9c0def5aa00a6219da84bf5a58c919332d09a9c0ea9a57a4ee56e475d8"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRES8=r4, @ANYRES16=0x0, @ANYRES32=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
pipe2(&(0x7f0000001cc0), 0x80000) (async)
pipe2(&(0x7f0000001cc0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@access_uid}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@access_uid}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socket(0x10, 0x3, 0x0) (async)
r11 = socket(0x10, 0x3, 0x0)
write(r11, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)

1m16.210765265s ago: executing program 32 (id=704):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x8000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2717, 0x0, &(0x7f0000000000))
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="44ffffff7f00000000000000fcdbff2500000000a95725ac6af7e2e1ec7e735ce4148a0da63fe1a47d736708b1f2e056fa85c5d36cbe7f6009deaddb7b71e46807eb1dd26d579da24c0662887e7e4b2700", @ANYRES32=0x0, @ANYBLOB="14d80400000000002400128009000100626f6e64000000001400028008001f00ffffff7f0800070007000000"], 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="44ffffff7f00000000000000fcdbff2500000000a95725ac6af7e2e1ec7e735ce4148a0da63fe1a47d736708b1f2e056fa85c5d36cbe7f6009deaddb7b71e46807eb1dd26d579da24c0662887e7e4b2700", @ANYRES32=0x0, @ANYBLOB="14d80400000000002400128009000100626f6e64000000001400028008001f00ffffff7f0800070007000000"], 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000e3fdccea768caaf9e4ab26d8ab7d3468bfa139809086ead108205771ed54bb59d5dc28e0145a13db698c9a439727674ec4e1b9204112b7e1803d572ce577dada60413188fdcc1425dbc5bf60e19d152db191ca6e78b41555075e0943acae18f31f385877f8cad56792a407d5357cf26a3ea312c04f8b25ab469564d46017bfd002fc9515d8bc9f9c0def5aa00a6219da84bf5a58c919332d09a9c0ea9a57a4ee56e475d8"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095", @ANYRES8=r4, @ANYRES16=0x0, @ANYRES32=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
pipe2(&(0x7f0000001cc0), 0x80000) (async)
pipe2(&(0x7f0000001cc0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@access_uid}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@access_uid}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
socket(0x10, 0x3, 0x0) (async)
r11 = socket(0x10, 0x3, 0x0)
write(r11, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)

5.119944844s ago: executing program 0 (id=2667):
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0xc000000)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000440)={0x0, @in={0x2, 0x4e22, @multicast1}, @llc={0x1a, 0x204, 0x4, 0x80, 0x6, 0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x38}}, @in={0x2, 0x4e23, @multicast2}, 0xe73c, 0x0, 0x0, 0x0, 0x3, &(0x7f00000000c0)='macsec0\x00', 0x40, 0x7fffffff, 0x5})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2b, 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_emit_ethernet(0x4e, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd685201000000000000000000000000130000000000000002fe800000000000007b00000000000041f30297862e347e3c6bf5da5bcdd96df17448d9a15dbf474e714219663f87c43ce59d58f6cecc48dba7bdc16cb51bd5ad04523a0cf6d20d88c04e06d2722208690056233661da9fa09ba471234b2ef7fb23aceca435fe4a8d69f3b02115b09ad0ff0cf1fd5cb4f7482d5b24f0e4a5f29ab776425f82b275d079a1888b5ed076321b047d2d0c726cd0f6622194c79a4bf4e8be74f6caf4f52c"], 0x0)

5.070890944s ago: executing program 0 (id=2669):
r0 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
r2 = gettid()
rt_tgsigqueueinfo(r0, r2, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})

1.683386444s ago: executing program 1 (id=2720):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, <r2=>0x0})
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
close(r3)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
r5 = socket$kcm(0x1e, 0x4, 0x0)
fcntl$dupfd(r0, 0x0, r3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrusage(0x1, &(0x7f0000000200))
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r7, &(0x7f00000000c0)=ANY=[], 0x20)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r8, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480))
sendmsg$kcm(r5, &(0x7f0000000100)={&(0x7f0000001540)=@tipc, 0x80, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a09040000000000000000020000070900020073797a32000000000900010073797a300000000038000480340001800b0001006578746864720000240002800800044000000000050002000000000008010640000000010800054000000001140000001100010000000000000000000000000a6034f186a47e8fa753333b638a07f254a2077e512309cfedbb6e18df9031e6d04963dd9089b22a38cdd5e52ffe84b57e63079fc24ce08df12f3a474e39e5c9ac0b905342c31cd2c0fa7035e732b3d604596095e74a933868a870ab8a8ae253557c56e499f4182885e620b73008d16b2a6c0700d010f4ee6ffded226ae7453b18f49553a96ed33c1f0a2c33301eda9da01c0e1f64385136567a1bd44b6ca94abefc"], 0x8c}}, 0x0)

1.633424445s ago: executing program 2 (id=2722):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="6c000000100001009e90", @ANYRES32=0x0, @ANYBLOB="5cd2040000000000140003006e657464657673696d30000000000000300016802c0001"], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x40)

1.589629256s ago: executing program 2 (id=2723):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/11], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000500)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r4}, 0x10)
munlock(&(0x7f00002a4000/0x2000)=nil, 0x2000)
r5 = gettid()
rt_tgsigqueueinfo(r3, r5, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1.518170347s ago: executing program 2 (id=2725):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[], 0xc8}}, 0x0)

1.515616177s ago: executing program 1 (id=2726):
r0 = getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1}, &(0x7f00000002c0), &(0x7f0000000040)=r2}, 0x20)
r3 = gettid()
rt_tgsigqueueinfo(r0, r3, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})

1.498677807s ago: executing program 2 (id=2727):
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f00000004c0), 0x1, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x12, 0x82, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x140003a1)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg(r0, &(0x7f00000009c0)=[{{&(0x7f00000003c0)=@caif=@rfm={0x25, 0x0, "0e34f7e2f97442330ac8b883fd1d5a17"}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)="941e41a738eb5279b02f030b53f68893e037f0c28e561675a084d1a340287107206c65550fd345a236f1c03b95bd14f403508bb1a7f2d29e4365d41f4f44ded2c347cb389ff37007c9489295e4697f45c0ee034003e012b09f8fc8", 0x5b}], 0x1}}], 0x1, 0x40840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b70300000000b1098500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x59, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./bus/file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

1.429179099s ago: executing program 1 (id=2729):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x37, &(0x7f0000000380)=ANY=[@ANYBLOB="180000007751ffff002000000200000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001800000000004001000000000100000018430000fbffffff000000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7020000000000008500000086000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600000018230000", @ANYRES32, @ANYBLOB="0000000001000000b7080000000000007b8af8ff00000000b70800001f9400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000900000085000000060000002446ffff04000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x58c024fd, 0x3e, &(0x7f0000000240)=""/62, 0x41100, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000300)={0x2, 0xc, 0x212, 0x4}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000540)=[{0x4, 0x1, 0x7}, {0x5, 0x3, 0x1, 0x6}, {0x5, 0x2, 0x9, 0xb}, {0x4, 0x3, 0x4, 0xb}, {0x2, 0x1, 0x9, 0x1}, {0x5, 0x3, 0x5, 0x8}, {0x4, 0x3, 0x9, 0x3}, {0x1, 0x3, 0x1, 0xc}], 0x10, 0x15ca}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000180)='svcsock_tcp_recv_short\x00', r0, 0x0, 0x400}, 0x18)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
recvmsg$can_bcm(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000005c0)=""/170, 0xaa}], 0x1}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r2, 0x4b2f, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}, 0x1, 0x0, 0x0, 0x48001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006980c70000000001000000940001000000fcffc50000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
statfs(&(0x7f0000000340)='./file0\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
write$binfmt_script(r4, &(0x7f0000000280)={'#! ', './file0', [{0x20, 'GPL\x00'}, {0x20, '/^'}, {0x20, '['}], 0xa, "e93429fafcc83c2ae216741f62c14c37e1159286612202f99f610fb61580c3"}, 0x34)

1.428402358s ago: executing program 1 (id=2731):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=@bloom_filter={0x1e, 0x1, 0x1, 0xd697, 0x80, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x2, 0xa}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080081000000060027"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r7 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0xc}, 0x0, 0xfffd, 0x0, 0x1, 0x40000008, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYRES16=r7], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
pipe2$9p(&(0x7f00000000c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d0dbad08006d11f12edbaa68313", @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',noextend,\x00'])
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2, 0x63}}}, 0x30)

1.344742529s ago: executing program 2 (id=2734):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000007c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x14, 0x7800, 0x0, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_io_uring_setup(0x24fe, &(0x7f0000000300)={0x0, 0xf371, 0x10100, 0xfffffffe, 0x1}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/124, 0x7c}], 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<'], 0x38}}, 0x80)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r6}, 0x10)
ioprio_get$pid(0x2, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0xfca12000)
chdir(&(0x7f0000000200)='./cgroup\x00')
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000f80)=""/4096, 0x1000)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0xfff, 0x0, 0x6, 0x0, 0x1})
io_uring_enter(r1, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

1.30435954s ago: executing program 2 (id=2735):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"/11], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000500)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53)
r3 = getpid()
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r4}, 0x10)
munlock(&(0x7f00002a4000/0x2000)=nil, 0x2000)
r5 = gettid()
rt_tgsigqueueinfo(r3, r5, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1.194353432s ago: executing program 0 (id=2670):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

821.044667ms ago: executing program 5 (id=2745):
r0 = syz_io_uring_setup(0x24fe, &(0x7f0000000300)={0x0, 0xf371, 0x10100, 0xfffffffe, 0x1}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/124, 0x7c}], 0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0xfff, 0x0, 0x6, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

820.342978ms ago: executing program 5 (id=2746):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

777.457378ms ago: executing program 0 (id=2747):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x48)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x28, r4, 0x1, 0x4, 0x0, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)

721.756449ms ago: executing program 5 (id=2748):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, <r2=>0x0})
setsockopt$sock_attach_bpf(r2, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
close(r3)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
r5 = socket$kcm(0x1e, 0x4, 0x0)
fcntl$dupfd(r0, 0x0, r3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getrusage(0x1, &(0x7f0000000200))
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r7, &(0x7f00000000c0)=ANY=[], 0x20)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x804000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, 0x12, r8, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480))
sendmsg$kcm(r5, &(0x7f0000000100)={&(0x7f0000001540)=@tipc, 0x80, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a09040000000000000000020000070900020073797a32000000000900010073797a300000000038000480340001800b0001006578746864720000240002800800044000000000050002000000000008010640000000010800054000000001140000001100010000000000000000000000000a6034f186a47e8fa753333b638a07f254a2077e512309cfedbb6e18df9031e6d04963dd9089b22a38cdd5e52ffe84b57e63079fc24ce08df12f3a474e39e5c9ac0b905342c31cd2c0fa7035e732b3d604596095e74a933868a870ab8a8ae253557c56e499f4182885e620b73008d16b2a6c0700d010f4ee6ffded226ae7453b18f49553a96ed33c1f0a2c33301eda9da01c0e1f64385136567a1bd44b6ca94abefc"], 0x8c}}, 0x0)

701.634929ms ago: executing program 4 (id=2749):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r2}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = dup2(r4, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f0000000480)={'ip6_vti0\x00', <r6=>0x0, 0x4, 0x8, 0x9f, 0x8, 0x4b, @mcast1, @dev={0xfe, 0x80, '\x00', 0x14}, 0x7800, 0x10, 0x7, 0x81}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x20, &(0x7f0000000540)={&(0x7f0000001bc0)=""/4096, 0x1000, <r7=>0x0, &(0x7f0000000700)=""/201, 0xc9}}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x18, 0x14, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xbef, 0x0, 0x0, 0x0, 0x7c}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x3d, &(0x7f00000000c0)=""/61, 0x41100, 0x2, '\x00', r6, @fallback=0x10, r5, 0x8, &(0x7f0000000500)={0x1, 0x2}, 0x8, 0x10, 0x0, 0x0, r7, r8, 0x2, &(0x7f0000000980)=[0xffffffffffffffff, 0xffffffffffffffff, r3, r5, r5, 0xffffffffffffffff, r3], &(0x7f00000009c0)=[{0x2, 0x3, 0x8, 0xa}, {0x4, 0x4, 0x1, 0x3}], 0x10, 0xffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r9 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

614.66941ms ago: executing program 0 (id=2750):
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x1001)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newtaction={0x88c, 0x30, 0xffff, 0x3, 0xffe4, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7f, 0x0, 0x10000005, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a6d, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x7fff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x7, 0x0, 0x0, 0xfffffffe, {0x4, 0x0, 0x0, 0x0, 0xb, 0x3}, {0x4, 0x2, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x3, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xffffffff, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1000000, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x5, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc, 0x6, 0x2, 0x4, 0x0, 0x0, 0x0, 0x1, 0x25d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000, 0x0, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x20000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffff81, 0x0, 0x0, 0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x2, 0x8]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}}, 0x0)

594.517001ms ago: executing program 4 (id=2751):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xffffffffffffffb0}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x80)
sendto$inet(r2, &(0x7f0000000340)="b17c19473508aa97eb1ecc4d10b488e495f76b0980958c94a1b7f1ac978b4af426b60a48e53d137517fddb5e2fb7007f57f4743bcc3b91066e85da8313949240edc3405cf3a028dd9632644008652c999e922b6a012d143d247fd32bd8f49ced277a0d242bffbbbb8e1164e7d08755ce95b08948892c8d4dd1dcd7d2d4ba6765e0ab96b62866875c8d8a95", 0x8b, 0x20044080, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)

526.091102ms ago: executing program 1 (id=2752):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000000000000000000000500"], 0x38}}, 0x0)

514.761372ms ago: executing program 4 (id=2753):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000000))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r7}, 0x10)
process_mrelease(0xffffffffffffffff, 0x0)
get_mempolicy(0x0, 0x0, 0x73e, &(0x7f0000433000/0x2000)=nil, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)
rseq(0x0, 0x0, 0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x8001000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0xf8, 0x11, 0x148, 0xf8, 0x0, 0x220, 0x2a8, 0x2a8, 0x220, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'geneve0\x00'}, 0x0, 0x98, 0x100, 0x0, {}, [@common=@ttl={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
syz_mount_image$ext4(&(0x7f0000000180)='ext3\x00', &(0x7f0000000080)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
r9 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x174)
ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48041, 0x0)
pwrite64(r10, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

429.123703ms ago: executing program 1 (id=2754):
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r1=>0x0})
eventfd2(0x8, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2)
recvfrom$inet(r3, 0x0, 0x1f, 0x0, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xcc}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x31a0}})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r1, {0xfff2}, {}, {0x9, 0x5}}}, 0x24}}, 0x0)

401.926263ms ago: executing program 5 (id=2755):
r0 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc, 0x4000}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c00000020000f0000f901000000000002"], 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000)

366.251414ms ago: executing program 5 (id=2756):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
ioctl$SG_SET_RESERVED_SIZE(r2, 0x2275, &(0x7f0000000000))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r5}, 0x10)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48041, 0x0)
pwrite64(r6, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

144.544037ms ago: executing program 4 (id=2757):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x30}}], 0x1, 0x4008804)

110.895408ms ago: executing program 0 (id=2758):
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r1=>0x0})
eventfd2(0x8, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2)
recvfrom$inet(r3, 0x0, 0x1f, 0x0, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000480)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xcc}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000500)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x31a0}})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r1, {0xfff2}, {}, {0x9, 0x5}}}, 0x24}}, 0x0)

25.170619ms ago: executing program 4 (id=2759):
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f00000004c0), 0x1, 0x440, &(0x7f0000000cc0)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x140003a1)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg(r0, &(0x7f00000009c0)=[{{&(0x7f00000003c0)=@caif=@rfm={0x25, 0x0, "0e34f7e2f97442330ac8b883fd1d5a17"}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)="941e41a738eb5279b02f030b53f68893e037f0c28e561675a084d1a340287107206c65550fd345a236f1c03b95bd14f403508bb1a7f2d29e4365d41f4f44ded2c347cb389ff37007c9489295e4697f45c0ee034003e012b09f8fc8", 0x5b}], 0x1}}], 0x1, 0x40840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000111e6ca5b70300000000b1098500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x59, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)='./bus/file0\x00', 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

24.965419ms ago: executing program 4 (id=2760):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x37e2f4aba9289b81, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
cachestat(r0, &(0x7f00000001c0)={0xffffffff, 0x3}, &(0x7f0000000200), 0x0)

0s ago: executing program 5 (id=2761):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000580)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r2}, 0x10)
umount2(&(0x7f0000000240)='./file0\x00', 0x8)

kernel console output (not intermixed with test programs):

0025c0 RDI: 0000000000000003
[   88.573854][ T6717] RBP: 00007f4615947090 R08: 0000000000000000 R09: 0000000000000000
[   88.573865][ T6717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.573875][ T6717] R13: 0000000000000000 R14: 00007f4617505fa0 R15: 00007fff03ecf2d8
[   88.573900][ T6717]  </TASK>
[   88.878146][ T6718] xt_CT: You must specify a L4 protocol and not use inversions on it
[   89.546144][ T6756] netlink: 'syz.2.1166': attribute type 8 has an invalid length.
[   89.664391][ T6758] 9pnet_fd: Insufficient options for proto=fd
[   89.713020][ T6761] netlink: 'syz.4.1167': attribute type 8 has an invalid length.
[   89.850987][ T6764] 9pnet_fd: Insufficient options for proto=fd
[   89.885986][   T29] kauditd_printk_skb: 1256 callbacks suppressed
[   89.886002][   T29] audit: type=1326 audit(1752074872.838:12146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8d6c45ab19 code=0x7ffc0000
[   89.955964][   T29] audit: type=1326 audit(1752074872.848:12147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[   89.979387][   T29] audit: type=1326 audit(1752074872.868:12148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8d6c4b58e7 code=0x7ffc0000
[   90.002905][   T29] audit: type=1326 audit(1752074872.868:12149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8d6c45ab19 code=0x7ffc0000
[   90.026626][   T29] audit: type=1326 audit(1752074872.878:12151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6760 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8cb93558e7 code=0x7ffc0000
[   90.050096][   T29] audit: type=1326 audit(1752074872.878:12152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6760 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8cb92fab19 code=0x7ffc0000
[   90.073697][   T29] audit: type=1326 audit(1752074872.878:12153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6760 comm="syz.4.1167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f8cb935e929 code=0x7ffc0000
[   90.097080][   T29] audit: type=1326 audit(1752074872.868:12150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8d6c4b58e7 code=0x7ffc0000
[   90.120495][   T29] audit: type=1326 audit(1752074872.878:12154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8d6c45ab19 code=0x7ffc0000
[   90.143867][   T29] audit: type=1326 audit(1752074872.878:12155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6755 comm="syz.2.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[   90.377830][ T6775] openvswitch: netlink: Message has 6 unknown bytes.
[   90.427593][ T6771] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   90.728227][ T6800] netlink: 'syz.2.1182': attribute type 8 has an invalid length.
[   90.759487][ T6804] openvswitch: netlink: Message has 6 unknown bytes.
[   90.811773][ T6805] 9pnet_fd: Insufficient options for proto=fd
[   91.141918][ T6823] FAULT_INJECTION: forcing a failure.
[   91.141918][ T6823] name failslab, interval 1, probability 0, space 0, times 0
[   91.154590][ T6823] CPU: 1 UID: 0 PID: 6823 Comm: syz.4.1190 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[   91.154615][ T6823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.154627][ T6823] Call Trace:
[   91.154633][ T6823]  <TASK>
[   91.154640][ T6823]  __dump_stack+0x1d/0x30
[   91.154662][ T6823]  dump_stack_lvl+0xe8/0x140
[   91.154752][ T6823]  dump_stack+0x15/0x1b
[   91.154767][ T6823]  should_fail_ex+0x265/0x280
[   91.154796][ T6823]  should_failslab+0x8c/0xb0
[   91.154853][ T6823]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   91.154877][ T6823]  ? sock_alloc_inode+0x34/0xa0
[   91.154922][ T6823]  ? __pfx_sock_alloc_inode+0x10/0x10
[   91.155010][ T6823]  sock_alloc_inode+0x34/0xa0
[   91.155079][ T6823]  alloc_inode+0x40/0x170
[   91.155107][ T6823]  __sock_create+0x122/0x5b0
[   91.155134][ T6823]  sock_create_kern+0x38/0x50
[   91.155202][ T6823]  udp_sock_create4+0x66/0x2a0
[   91.155229][ T6823]  wg_socket_init+0x21e/0x600
[   91.155260][ T6823]  ? __pfx_wg_receive+0x10/0x10
[   91.155320][ T6823]  wg_set_device+0x345/0x12e0
[   91.155423][ T6823]  ? __nla_parse+0x40/0x60
[   91.155451][ T6823]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x190
[   91.155515][ T6823]  ? genl_family_rcv_msg_attrs_parse+0x184/0x190
[   91.155545][ T6823]  genl_family_rcv_msg_doit+0x140/0x1b0
[   91.155590][ T6823]  genl_rcv_msg+0x422/0x460
[   91.155610][ T6823]  ? __pfx_wg_set_device+0x10/0x10
[   91.155629][ T6823]  netlink_rcv_skb+0x120/0x220
[   91.155659][ T6823]  ? __pfx_genl_rcv_msg+0x10/0x10
[   91.155722][ T6823]  genl_rcv+0x28/0x40
[   91.155817][ T6823]  netlink_unicast+0x59e/0x670
[   91.155843][ T6823]  netlink_sendmsg+0x58b/0x6b0
[   91.155953][ T6823]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.155981][ T6823]  __sock_sendmsg+0x142/0x180
[   91.156001][ T6823]  ____sys_sendmsg+0x31e/0x4e0
[   91.156033][ T6823]  ___sys_sendmsg+0x17b/0x1d0
[   91.156143][ T6823]  __x64_sys_sendmsg+0xd4/0x160
[   91.156244][ T6823]  x64_sys_call+0x2999/0x2fb0
[   91.156350][ T6823]  do_syscall_64+0xd2/0x200
[   91.156377][ T6823]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.156448][ T6823]  ? clear_bhb_loop+0x40/0x90
[   91.156471][ T6823]  ? clear_bhb_loop+0x40/0x90
[   91.156494][ T6823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.156516][ T6823] RIP: 0033:0x7f8cb935e929
[   91.156595][ T6823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.156612][ T6823] RSP: 002b:00007f8cb79c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.156704][ T6823] RAX: ffffffffffffffda RBX: 00007f8cb9585fa0 RCX: 00007f8cb935e929
[   91.156717][ T6823] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   91.156730][ T6823] RBP: 00007f8cb79c7090 R08: 0000000000000000 R09: 0000000000000000
[   91.156818][ T6823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.156832][ T6823] R13: 0000000000000000 R14: 00007f8cb9585fa0 R15: 00007ffc9df2bfc8
[   91.156853][ T6823]  </TASK>
[   91.446218][ T6823] socket: no more sockets
[   91.450555][ T6823] wireguard: wg0: Could not create IPv4 socket
[   91.548248][ T6835] openvswitch: netlink: Message has 6 unknown bytes.
[   91.579660][ T6837] 9pnet: Could not find request transport: fd0x0000000000000003
[   91.618397][ T6844] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   91.643610][ T6846] FAULT_INJECTION: forcing a failure.
[   91.643610][ T6846] name failslab, interval 1, probability 0, space 0, times 0
[   91.656279][ T6846] CPU: 1 UID: 0 PID: 6846 Comm: syz.1.1201 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[   91.656308][ T6846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.656322][ T6846] Call Trace:
[   91.656328][ T6846]  <TASK>
[   91.656335][ T6846]  __dump_stack+0x1d/0x30
[   91.656398][ T6846]  dump_stack_lvl+0xe8/0x140
[   91.656426][ T6846]  dump_stack+0x15/0x1b
[   91.656481][ T6846]  should_fail_ex+0x265/0x280
[   91.656517][ T6846]  should_failslab+0x8c/0xb0
[   91.656538][ T6846]  kmem_cache_alloc_node_noprof+0x57/0x320
[   91.656561][ T6846]  ? __alloc_skb+0x101/0x320
[   91.656590][ T6846]  __alloc_skb+0x101/0x320
[   91.656624][ T6846]  netlink_alloc_large_skb+0xba/0xf0
[   91.656654][ T6846]  netlink_sendmsg+0x3cf/0x6b0
[   91.656689][ T6846]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.656785][ T6846]  __sock_sendmsg+0x142/0x180
[   91.656808][ T6846]  ____sys_sendmsg+0x31e/0x4e0
[   91.656838][ T6846]  ___sys_sendmsg+0x17b/0x1d0
[   91.656876][ T6846]  __x64_sys_sendmsg+0xd4/0x160
[   91.656926][ T6846]  x64_sys_call+0x2999/0x2fb0
[   91.656946][ T6846]  do_syscall_64+0xd2/0x200
[   91.656990][ T6846]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   91.657017][ T6846]  ? clear_bhb_loop+0x40/0x90
[   91.657038][ T6846]  ? clear_bhb_loop+0x40/0x90
[   91.657057][ T6846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.657076][ T6846] RIP: 0033:0x7f4ee750e929
[   91.657098][ T6846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.657113][ T6846] RSP: 002b:00007f4ee5b77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.657178][ T6846] RAX: ffffffffffffffda RBX: 00007f4ee7735fa0 RCX: 00007f4ee750e929
[   91.657188][ T6846] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   91.657270][ T6846] RBP: 00007f4ee5b77090 R08: 0000000000000000 R09: 0000000000000000
[   91.657283][ T6846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.657295][ T6846] R13: 0000000000000000 R14: 00007f4ee7735fa0 R15: 00007fff13d9d708
[   91.657446][ T6846]  </TASK>
[   91.974506][ T6851] 9pnet: Could not find request transport: fd0x0000000000000003
[   92.211961][ T6864] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1208'.
[   92.235256][ T6873] futex_wake_op: syz.0.1211 tries to shift op by -1; fix this program
[   92.648375][ T6884] openvswitch: netlink: Message has 6 unknown bytes.
[   92.986443][ T6892] netlink: 'syz.4.1216': attribute type 1 has an invalid length.
[   92.994287][ T6892] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1216'.
[   93.157211][ T6914] 9pnet: Could not find request transport: fd0x0000000000000003
[   93.234453][ T6919] netlink: 'syz.4.1228': attribute type 10 has an invalid length.
[   93.242391][ T6919] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1228'.
[   93.251636][ T6929] FAULT_INJECTION: forcing a failure.
[   93.251636][ T6929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.264707][ T6929] CPU: 0 UID: 0 PID: 6929 Comm: syz.2.1231 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[   93.264733][ T6929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.264746][ T6929] Call Trace:
[   93.264752][ T6929]  <TASK>
[   93.264760][ T6929]  __dump_stack+0x1d/0x30
[   93.264781][ T6929]  dump_stack_lvl+0xe8/0x140
[   93.264873][ T6929]  dump_stack+0x15/0x1b
[   93.264891][ T6929]  should_fail_ex+0x265/0x280
[   93.264921][ T6929]  should_fail+0xb/0x20
[   93.264943][ T6929]  should_fail_usercopy+0x1a/0x20
[   93.265011][ T6929]  _copy_from_user+0x1c/0xb0
[   93.265033][ T6929]  memdup_user+0x5e/0xd0
[   93.265057][ T6929]  strndup_user+0x68/0xb0
[   93.265113][ T6929]  __se_sys_mount+0x4d/0x2e0
[   93.265146][ T6929]  ? fput+0x8f/0xc0
[   93.265167][ T6929]  ? ksys_write+0x192/0x1a0
[   93.265195][ T6929]  __x64_sys_mount+0x67/0x80
[   93.265231][ T6929]  x64_sys_call+0xd36/0x2fb0
[   93.265253][ T6929]  do_syscall_64+0xd2/0x200
[   93.265286][ T6929]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.265359][ T6929]  ? clear_bhb_loop+0x40/0x90
[   93.265376][ T6929]  ? clear_bhb_loop+0x40/0x90
[   93.265394][ T6929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.265412][ T6929] RIP: 0033:0x7f8d6c4be929
[   93.265424][ T6929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.265457][ T6929] RSP: 002b:00007f8d6ab27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   93.265477][ T6929] RAX: ffffffffffffffda RBX: 00007f8d6c6e5fa0 RCX: 00007f8d6c4be929
[   93.265490][ T6929] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[   93.265509][ T6929] RBP: 00007f8d6ab27090 R08: 0000200000000240 R09: 0000000000000000
[   93.265522][ T6929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.265610][ T6929] R13: 0000000000000000 R14: 00007f8d6c6e5fa0 R15: 00007ffc980c7d28
[   93.265625][ T6929]  </TASK>
[   93.517111][ T6911] xt_CT: You must specify a L4 protocol and not use inversions on it
[   93.656579][ T6949] 9pnet: Could not find request transport: fd0x0000000000000003
[   93.691296][ T6952] netlink: 'syz.2.1240': attribute type 8 has an invalid length.
[   94.087913][ T6981] FAULT_INJECTION: forcing a failure.
[   94.087913][ T6981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.101042][ T6981] CPU: 0 UID: 0 PID: 6981 Comm: syz.4.1248 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[   94.101068][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.101078][ T6981] Call Trace:
[   94.101084][ T6981]  <TASK>
[   94.101090][ T6981]  __dump_stack+0x1d/0x30
[   94.101108][ T6981]  dump_stack_lvl+0xe8/0x140
[   94.101192][ T6981]  dump_stack+0x15/0x1b
[   94.101207][ T6981]  should_fail_ex+0x265/0x280
[   94.101232][ T6981]  should_fail+0xb/0x20
[   94.101256][ T6981]  should_fail_usercopy+0x1a/0x20
[   94.101295][ T6981]  _copy_to_user+0x20/0xa0
[   94.101376][ T6981]  simple_read_from_buffer+0xb5/0x130
[   94.101408][ T6981]  proc_fail_nth_read+0x100/0x140
[   94.101489][ T6981]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.101623][ T6981]  vfs_read+0x1a0/0x6f0
[   94.101732][ T6981]  ? __rcu_read_unlock+0x4f/0x70
[   94.101755][ T6981]  ? __fget_files+0x184/0x1c0
[   94.101777][ T6981]  ksys_read+0xda/0x1a0
[   94.101809][ T6981]  __x64_sys_read+0x40/0x50
[   94.101888][ T6981]  x64_sys_call+0x2d77/0x2fb0
[   94.101908][ T6981]  do_syscall_64+0xd2/0x200
[   94.101940][ T6981]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.101975][ T6981]  ? clear_bhb_loop+0x40/0x90
[   94.101997][ T6981]  ? clear_bhb_loop+0x40/0x90
[   94.102065][ T6981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.102087][ T6981] RIP: 0033:0x7f8cb935d33c
[   94.102100][ T6981] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   94.102115][ T6981] RSP: 002b:00007f8cb7985030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.102198][ T6981] RAX: ffffffffffffffda RBX: 00007f8cb9586160 RCX: 00007f8cb935d33c
[   94.102211][ T6981] RDX: 000000000000000f RSI: 00007f8cb79850a0 RDI: 0000000000000006
[   94.102224][ T6981] RBP: 00007f8cb7985090 R08: 0000000000000000 R09: 0000000000000000
[   94.102237][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.102249][ T6981] R13: 0000000000000000 R14: 00007f8cb9586160 R15: 00007ffc9df2bfc8
[   94.102267][ T6981]  </TASK>
[   94.525568][ T6974] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   94.793764][ T6985] 9pnet: Could not find request transport: fd0x0000000000000003
[   94.972667][   T29] kauditd_printk_skb: 621 callbacks suppressed
[   94.972681][   T29] audit: type=1326 audit(1752074877.928:12777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.037039][   T29] audit: type=1326 audit(1752074877.958:12778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f46172dd290 code=0x7ffc0000
[   95.060868][   T29] audit: type=1326 audit(1752074877.958:12779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.084900][   T29] audit: type=1326 audit(1752074877.958:12780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.108498][   T29] audit: type=1326 audit(1752074877.958:12781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.132074][   T29] audit: type=1326 audit(1752074877.958:12782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.155750][   T29] audit: type=1326 audit(1752074877.958:12783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.179339][   T29] audit: type=1326 audit(1752074877.958:12784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.202757][   T29] audit: type=1326 audit(1752074877.988:12785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.226438][   T29] audit: type=1326 audit(1752074877.988:12786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6993 comm="syz.5.1256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[   95.633762][ T7025] openvswitch: netlink: Message has 6 unknown bytes.
[   95.797388][ T7003] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   96.058631][ T7038] netlink: 'syz.0.1271': attribute type 10 has an invalid length.
[   96.066605][ T7038] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1271'.
[   96.264365][ T7048] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   96.412525][ T7065] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1279'.
[   96.473766][ T7073] netlink: 'syz.0.1283': attribute type 10 has an invalid length.
[   96.481667][ T7073] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1283'.
[   96.494873][ T7075] 9pnet: Could not find request transport: fd0x0000000000000003
[   96.497231][ T7078] FAULT_INJECTION: forcing a failure.
[   96.497231][ T7078] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   96.515854][ T7078] CPU: 1 UID: 0 PID: 7078 Comm: syz.1.1285 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[   96.515919][ T7078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.515997][ T7078] Call Trace:
[   96.516018][ T7078]  <TASK>
[   96.516024][ T7078]  __dump_stack+0x1d/0x30
[   96.516045][ T7078]  dump_stack_lvl+0xe8/0x140
[   96.516066][ T7078]  dump_stack+0x15/0x1b
[   96.516083][ T7078]  should_fail_ex+0x265/0x280
[   96.516139][ T7078]  should_fail_alloc_page+0xf2/0x100
[   96.516164][ T7078]  __alloc_frozen_pages_noprof+0xff/0x360
[   96.516200][ T7078]  alloc_pages_mpol+0xb3/0x250
[   96.516344][ T7078]  alloc_pages_noprof+0x90/0x130
[   96.516375][ T7078]  __pmd_alloc+0x47/0x470
[   96.516397][ T7078]  handle_mm_fault+0x19d1/0x2be0
[   96.516423][ T7078]  ? check_vma_flags+0x2e1/0x340
[   96.516448][ T7078]  __get_user_pages+0x1036/0x1fb0
[   96.516587][ T7078]  __mm_populate+0x243/0x3a0
[   96.516609][ T7078]  vm_mmap_pgoff+0x232/0x2e0
[   96.516638][ T7078]  ksys_mmap_pgoff+0xc2/0x310
[   96.516735][ T7078]  ? __x64_sys_mmap+0x49/0x70
[   96.516759][ T7078]  x64_sys_call+0x1602/0x2fb0
[   96.516781][ T7078]  do_syscall_64+0xd2/0x200
[   96.516815][ T7078]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.516845][ T7078]  ? clear_bhb_loop+0x40/0x90
[   96.516914][ T7078]  ? clear_bhb_loop+0x40/0x90
[   96.516999][ T7078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.517022][ T7078] RIP: 0033:0x7f4ee750e929
[   96.517037][ T7078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.517131][ T7078] RSP: 002b:00007f4ee5b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   96.517150][ T7078] RAX: ffffffffffffffda RBX: 00007f4ee7735fa0 RCX: 00007f4ee750e929
[   96.517164][ T7078] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[   96.517177][ T7078] RBP: 00007f4ee5b77090 R08: ffffffffffffffff R09: 0000000000000000
[   96.517246][ T7078] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[   96.517266][ T7078] R13: 0000000000000001 R14: 00007f4ee7735fa0 R15: 00007fff13d9d708
[   96.517284][ T7078]  </TASK>
[   96.858384][ T7080] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   97.328556][ T7112] netlink: 'syz.0.1299': attribute type 10 has an invalid length.
[   97.336463][ T7112] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1299'.
[   97.380054][ T7116] FAULT_INJECTION: forcing a failure.
[   97.380054][ T7116] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   97.393419][ T7116] CPU: 0 UID: 0 PID: 7116 Comm: syz.0.1301 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[   97.393445][ T7116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.393458][ T7116] Call Trace:
[   97.393465][ T7116]  <TASK>
[   97.393472][ T7116]  __dump_stack+0x1d/0x30
[   97.393494][ T7116]  dump_stack_lvl+0xe8/0x140
[   97.393515][ T7116]  dump_stack+0x15/0x1b
[   97.393544][ T7116]  should_fail_ex+0x265/0x280
[   97.393570][ T7116]  should_fail_alloc_page+0xf2/0x100
[   97.393714][ T7116]  __alloc_frozen_pages_noprof+0xff/0x360
[   97.393805][ T7116]  alloc_pages_mpol+0xb3/0x250
[   97.393874][ T7116]  vma_alloc_folio_noprof+0x1aa/0x300
[   97.393900][ T7116]  do_wp_page+0x673/0x2400
[   97.393922][ T7116]  ? __rcu_read_lock+0x37/0x50
[   97.393998][ T7116]  handle_mm_fault+0x77d/0x2be0
[   97.394054][ T7116]  ? mas_walk+0xf2/0x120
[   97.394090][ T7116]  do_user_addr_fault+0x636/0x1090
[   97.394188][ T7116]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   97.394215][ T7116]  exc_page_fault+0x62/0xa0
[   97.394307][ T7116]  asm_exc_page_fault+0x26/0x30
[   97.394329][ T7116] RIP: 0033:0x7fb082430ca3
[   97.394344][ T7116] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   97.394437][ T7116] RSP: 002b:00007fb080bd64a0 EFLAGS: 00010206
[   97.394450][ T7116] RAX: 0000000000011200 RBX: 00007fb080bd6540 RCX: 00007fb0787b7000
[   97.394536][ T7116] RDX: 00007fb080bd66e0 RSI: 0000000000000009 RDI: 00007fb080bd65e0
[   97.394547][ T7116] RBP: 000000000000004c R08: 0000000000000007 R09: 0000000000000041
[   97.394559][ T7116] R10: 0000000000000050 R11: 00007fb080bd6540 R12: 0000000000000001
[   97.394572][ T7116] R13: 00007fb08260c3a0 R14: 000000000000002e R15: 00007fb080bd65e0
[   97.394589][ T7116]  </TASK>
[   97.394597][ T7116] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   97.793742][ T7141] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1310'.
[   97.803554][ T7141] SELinux: failed to load policy
[   97.973469][ T7151] netlink: 'syz.2.1313': attribute type 8 has an invalid length.
[   97.986990][ T7153] netlink: 'syz.0.1314': attribute type 8 has an invalid length.
[   98.062804][ T7158] 9pnet_fd: Insufficient options for proto=fd
[   98.070530][ T7160] 9pnet_fd: Insufficient options for proto=fd
[   98.157245][ T7164] openvswitch: netlink: Message has 6 unknown bytes.
[   98.339302][ T7181] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1325'.
[   98.362135][ T7181] 9pnet_fd: Insufficient options for proto=fd
[   98.477245][ T7194] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.488274][ T7197] openvswitch: netlink: Message has 6 unknown bytes.
[   98.548259][ T7203] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1334'.
[   98.581475][ T7209] 9pnet: Could not find request transport: f
[   98.716290][ T7214] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   98.842814][ T7224] netlink: 'syz.0.1343': attribute type 10 has an invalid length.
[   98.850759][ T7224] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1343'.
[   99.065649][ T7244] 9pnet: Could not find request transport: fd0x0000000000000003
[   99.078768][ T7247] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1353'.
[   99.099503][ T7249] netlink: 'syz.0.1354': attribute type 8 has an invalid length.
[   99.170217][ T7254] 9pnet_fd: Insufficient options for proto=fd
[   99.388337][ T7257] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1356'.
[   99.397321][ T7257] macsec0: entered allmulticast mode
[   99.402610][ T7257] veth1_macvtap: entered allmulticast mode
[   99.411077][ T7257] netlink: 'syz.5.1356': attribute type 13 has an invalid length.
[   99.447331][ T7257] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.454529][ T7257] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.492703][ T7257] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.502602][ T7257] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.533131][ T7257] veth1_macvtap: left allmulticast mode
[   99.542616][ T7257] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.551559][ T7257] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.560572][ T7257] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.569845][ T7257] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   99.742184][ T7279] openvswitch: netlink: Message has 6 unknown bytes.
[   99.753067][ T7281] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1366'.
[   99.831770][ T7283] SELinux:  Context Ü is not valid (left unmapped).
[  100.022925][   T29] kauditd_printk_skb: 1138 callbacks suppressed
[  100.022939][   T29] audit: type=1326 audit(1752074882.979:13925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.024543][ T7307] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1377'.
[  100.036224][   T29] audit: type=1326 audit(1752074882.979:13926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.085198][   T29] audit: type=1326 audit(1752074882.979:13927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.108689][   T29] audit: type=1326 audit(1752074882.979:13928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.132181][   T29] audit: type=1326 audit(1752074882.979:13929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.155669][   T29] audit: type=1326 audit(1752074882.979:13930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.179058][   T29] audit: type=1326 audit(1752074882.979:13931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.202613][   T29] audit: type=1326 audit(1752074882.979:13932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.204989][ T7312] 9pnet_fd: Insufficient options for proto=fd
[  100.226029][   T29] audit: type=1326 audit(1752074882.979:13933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.226144][   T29] audit: type=1326 audit(1752074882.979:13934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7306 comm="syz.2.1377" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  100.287901][ T7296] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  100.628288][ T7327] netlink: 'syz.5.1383': attribute type 8 has an invalid length.
[  100.694191][ T7332] 9pnet: Could not find request transport: f
[  100.723012][ T7337] FAULT_INJECTION: forcing a failure.
[  100.723012][ T7337] name failslab, interval 1, probability 0, space 0, times 0
[  100.735723][ T7337] CPU: 0 UID: 0 PID: 7337 Comm: syz.1.1387 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  100.735748][ T7337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.735820][ T7337] Call Trace:
[  100.735825][ T7337]  <TASK>
[  100.735831][ T7337]  __dump_stack+0x1d/0x30
[  100.735853][ T7337]  dump_stack_lvl+0xe8/0x140
[  100.735871][ T7337]  dump_stack+0x15/0x1b
[  100.735885][ T7337]  should_fail_ex+0x265/0x280
[  100.735953][ T7337]  should_failslab+0x8c/0xb0
[  100.735974][ T7337]  __kmalloc_noprof+0xa5/0x3e0
[  100.736000][ T7337]  ? iovec_from_user+0x84/0x210
[  100.736023][ T7337]  iovec_from_user+0x84/0x210
[  100.736046][ T7337]  __import_iovec+0xf3/0x540
[  100.736092][ T7337]  ? kstrtouint_from_user+0x9f/0xf0
[  100.736122][ T7337]  import_iovec+0x61/0x80
[  100.736145][ T7337]  vfs_writev+0xfb/0x8b0
[  100.736214][ T7337]  __x64_sys_pwritev+0xfd/0x1c0
[  100.736231][ T7337]  x64_sys_call+0x2752/0x2fb0
[  100.736249][ T7337]  do_syscall_64+0xd2/0x200
[  100.736275][ T7337]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.736304][ T7337]  ? clear_bhb_loop+0x40/0x90
[  100.736326][ T7337]  ? clear_bhb_loop+0x40/0x90
[  100.736349][ T7337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.736369][ T7337] RIP: 0033:0x7f4ee750e929
[  100.736381][ T7337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.736397][ T7337] RSP: 002b:00007f4ee5b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  100.736510][ T7337] RAX: ffffffffffffffda RBX: 00007f4ee7735fa0 RCX: 00007f4ee750e929
[  100.736524][ T7337] RDX: 000000000000000a RSI: 0000200000000080 RDI: 0000000000000006
[  100.736536][ T7337] RBP: 00007f4ee5b77090 R08: 0000000000000000 R09: 0000000000000000
[  100.736549][ T7337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.736562][ T7337] R13: 0000000000000000 R14: 00007f4ee7735fa0 R15: 00007fff13d9d708
[  100.736581][ T7337]  </TASK>
[  100.742387][ T7338] 9pnet_fd: Insufficient options for proto=fd
[  100.993487][ T7348] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1389'.
[  101.016552][ T7348] 9pnet_fd: Insufficient options for proto=fd
[  101.348780][ T7361] xt_CT: You must specify a L4 protocol and not use inversions on it
[  101.593609][ T7315] syz.2.1378 (7315) used greatest stack depth: 6040 bytes left
[  102.467859][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1401'.
[  102.498331][ T7379] 9pnet_fd: Insufficient options for proto=fd
[  102.668871][ T7409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1411'.
[  102.933282][ T7430] netlink: 'syz.4.1420': attribute type 10 has an invalid length.
[  102.941347][ T7430] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1420'.
[  102.947438][ T7424] bridge0: port 4(syz_tun) entered blocking state
[  102.956796][ T7424] bridge0: port 4(syz_tun) entered disabled state
[  102.964666][ T7424] syz_tun: entered allmulticast mode
[  102.970594][ T7424] syz_tun: entered promiscuous mode
[  102.977336][ T7424] bridge0: port 4(syz_tun) entered blocking state
[  102.983778][ T7424] bridge0: port 4(syz_tun) entered forwarding state
[  103.013978][ T7437] openvswitch: netlink: Message has 6 unknown bytes.
[  103.055383][ T7445] FAULT_INJECTION: forcing a failure.
[  103.055383][ T7445] name failslab, interval 1, probability 0, space 0, times 0
[  103.068309][ T7445] CPU: 0 UID: 0 PID: 7445 Comm: syz.2.1427 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  103.068415][ T7445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.068426][ T7445] Call Trace:
[  103.068433][ T7445]  <TASK>
[  103.068440][ T7445]  __dump_stack+0x1d/0x30
[  103.068523][ T7445]  dump_stack_lvl+0xe8/0x140
[  103.068540][ T7445]  dump_stack+0x15/0x1b
[  103.068554][ T7445]  should_fail_ex+0x265/0x280
[  103.068682][ T7445]  ? __pfx_cond_bools_destroy+0x10/0x10
[  103.068711][ T7445]  should_failslab+0x8c/0xb0
[  103.068733][ T7445]  kmem_cache_alloc_noprof+0x50/0x310
[  103.068759][ T7445]  ? hashtab_duplicate+0xfe/0x360
[  103.068803][ T7445]  ? __pfx_cond_bools_destroy+0x10/0x10
[  103.068832][ T7445]  hashtab_duplicate+0xfe/0x360
[  103.068854][ T7445]  ? __pfx_cond_bools_copy+0x10/0x10
[  103.068880][ T7445]  cond_policydb_dup+0xd2/0x4e0
[  103.068928][ T7445]  security_set_bools+0xa0/0x340
[  103.068953][ T7445]  sel_commit_bools_write+0x1ea/0x270
[  103.068986][ T7445]  vfs_writev+0x403/0x8b0
[  103.069046][ T7445]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  103.069083][ T7445]  ? mutex_lock+0xd/0x30
[  103.069127][ T7445]  do_writev+0xe7/0x210
[  103.069148][ T7445]  __x64_sys_writev+0x45/0x50
[  103.069165][ T7445]  x64_sys_call+0x2006/0x2fb0
[  103.069183][ T7445]  do_syscall_64+0xd2/0x200
[  103.069276][ T7445]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.069302][ T7445]  ? clear_bhb_loop+0x40/0x90
[  103.069325][ T7445]  ? clear_bhb_loop+0x40/0x90
[  103.069347][ T7445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.069432][ T7445] RIP: 0033:0x7f8d6c4be929
[  103.069474][ T7445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.069491][ T7445] RSP: 002b:00007f8d6ab27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  103.069583][ T7445] RAX: ffffffffffffffda RBX: 00007f8d6c6e5fa0 RCX: 00007f8d6c4be929
[  103.069594][ T7445] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000003
[  103.069604][ T7445] RBP: 00007f8d6ab27090 R08: 0000000000000000 R09: 0000000000000000
[  103.069672][ T7445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.069708][ T7445] R13: 0000000000000000 R14: 00007f8d6c6e5fa0 R15: 00007ffc980c7d28
[  103.069731][ T7445]  </TASK>
[  103.593539][ T7459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1434'.
[  103.812859][ T7467] netlink: 'syz.5.1436': attribute type 10 has an invalid length.
[  103.820748][ T7467] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1436'.
[  104.109961][ T7480] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  104.339293][ T7486] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  104.481095][ T7507] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  104.573352][ T7520] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1457'.
[  104.589399][ T7520] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=7520 comm=syz.2.1457
[  104.607212][ T7523] FAULT_INJECTION: forcing a failure.
[  104.607212][ T7523] name failslab, interval 1, probability 0, space 0, times 0
[  104.619852][ T7523] CPU: 1 UID: 0 PID: 7523 Comm: syz.5.1458 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  104.619869][ T7523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.619954][ T7523] Call Trace:
[  104.619957][ T7523]  <TASK>
[  104.619961][ T7523]  __dump_stack+0x1d/0x30
[  104.619974][ T7523]  dump_stack_lvl+0xe8/0x140
[  104.619985][ T7523]  dump_stack+0x15/0x1b
[  104.619994][ T7523]  should_fail_ex+0x265/0x280
[  104.620012][ T7523]  should_failslab+0x8c/0xb0
[  104.620059][ T7523]  kmem_cache_alloc_noprof+0x50/0x310
[  104.620074][ T7523]  ? alloc_empty_file+0x76/0x200
[  104.620088][ T7523]  alloc_empty_file+0x76/0x200
[  104.620101][ T7523]  path_openat+0x68/0x2170
[  104.620157][ T7523]  ? mntput+0x4b/0x80
[  104.620217][ T7523]  ? terminate_walk+0x27f/0x2a0
[  104.620229][ T7523]  ? path_openat+0x1bf8/0x2170
[  104.620244][ T7523]  ? _parse_integer_limit+0x170/0x190
[  104.620329][ T7523]  do_filp_open+0x109/0x230
[  104.620376][ T7523]  do_open_execat+0xd8/0x260
[  104.620392][ T7523]  alloc_bprm+0x25/0x350
[  104.620440][ T7523]  do_execveat_common+0x12e/0x750
[  104.620496][ T7523]  ? getname_flags+0x154/0x3b0
[  104.620508][ T7523]  __x64_sys_execveat+0x73/0x90
[  104.620525][ T7523]  x64_sys_call+0x2dae/0x2fb0
[  104.620550][ T7523]  do_syscall_64+0xd2/0x200
[  104.620567][ T7523]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.620584][ T7523]  ? clear_bhb_loop+0x40/0x90
[  104.620631][ T7523]  ? clear_bhb_loop+0x40/0x90
[  104.620643][ T7523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.620655][ T7523] RIP: 0033:0x7f46172de929
[  104.620663][ T7523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.620674][ T7523] RSP: 002b:00007f4615947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  104.620726][ T7523] RAX: ffffffffffffffda RBX: 00007f4617505fa0 RCX: 00007f46172de929
[  104.620733][ T7523] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  104.620740][ T7523] RBP: 00007f4615947090 R08: 0000000000001000 R09: 0000000000000000
[  104.620746][ T7523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.620889][ T7523] R13: 0000000000000000 R14: 00007f4617505fa0 R15: 00007fff03ecf2d8
[  104.620900][ T7523]  </TASK>
[  104.919360][ T7538] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  104.996384][ T7531] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  105.022624][ T7551] 9pnet: Could not find request transport: f
[  105.108758][ T7561] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  105.115416][ T7561] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  105.123067][ T7561] vhci_hcd vhci_hcd.0: Device attached
[  105.131046][ T7561] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(14)
[  105.137645][ T7561] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  105.145424][ T7561] vhci_hcd vhci_hcd.0: Device attached
[  105.183776][   T29] kauditd_printk_skb: 3451 callbacks suppressed
[  105.183789][   T29] audit: type=1326 audit(1752074888.139:17386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.214608][ T7561] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(16)
[  105.221227][ T7561] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  105.228554][ T7574] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  105.228927][ T7561] vhci_hcd vhci_hcd.0: Device attached
[  105.241955][   T29] audit: type=1326 audit(1752074888.159:17387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.246908][ T7577] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  105.265562][   T29] audit: type=1326 audit(1752074888.159:17388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="syz.0.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.265591][   T29] audit: type=1326 audit(1752074888.159:17389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.320147][   T29] audit: type=1326 audit(1752074888.159:17390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.343090][   T29] audit: type=1326 audit(1752074888.159:17391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.366082][   T29] audit: type=1326 audit(1752074888.159:17392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.366088][   T10] usb 5-1: new low-speed USB device number 2 using vhci_hcd
[  105.370122][ T7584] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1481'.
[  105.389006][   T29] audit: type=1326 audit(1752074888.159:17393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.389034][   T29] audit: type=1326 audit(1752074888.159:17394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.389059][   T29] audit: type=1326 audit(1752074888.159:17395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7570 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb08256e929 code=0x7ffc0000
[  105.491927][ T7588] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  105.519012][ T7561] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(18)
[  105.525644][ T7561] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  105.533275][ T7577] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(21)
[  105.539931][ T7577] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  105.547664][ T7577] vhci_hcd vhci_hcd.0: Device attached
[  105.547681][ T7561] vhci_hcd vhci_hcd.0: Device attached
[  105.571642][ T7577] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  105.608167][ T7588] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(28)
[  105.614778][ T7588] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  105.622401][ T7588] vhci_hcd vhci_hcd.0: Device attached
[  105.640919][ T7593] vhci_hcd: connection closed
[  105.641228][ T7564] vhci_hcd: connection closed
[  105.641573][ T7587] vhci_hcd: connection closed
[  105.647312][ T7562] vhci_hcd: connection reset by peer
[  105.651186][ T7586] vhci_hcd: connection closed
[  105.661467][   T51] vhci_hcd: stop threads
[  105.670736][   T51] vhci_hcd: release socket
[  105.675108][ T7572] vhci_hcd: connection closed
[  105.675448][   T51] vhci_hcd: disconnect device
[  105.691873][   T51] vhci_hcd: stop threads
[  105.696297][   T51] vhci_hcd: release socket
[  105.700956][   T51] vhci_hcd: disconnect device
[  105.707648][   T51] vhci_hcd: stop threads
[  105.711996][   T51] vhci_hcd: release socket
[  105.716568][   T51] vhci_hcd: disconnect device
[  105.723180][   T51] vhci_hcd: stop threads
[  105.727637][   T51] vhci_hcd: release socket
[  105.732232][   T51] vhci_hcd: disconnect device
[  105.737295][   T51] vhci_hcd: stop threads
[  105.741631][   T51] vhci_hcd: release socket
[  105.746234][   T51] vhci_hcd: disconnect device
[  105.752745][   T51] vhci_hcd: stop threads
[  105.757157][   T51] vhci_hcd: release socket
[  105.761892][   T51] vhci_hcd: disconnect device
[  105.773873][ T7611] netlink: 'syz.1.1488': attribute type 10 has an invalid length.
[  105.781722][ T7611] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1488'.
[  105.794599][ T7613] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  105.847660][ T7622] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1493'.
[  105.926498][ T7627] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1495'.
[  106.283310][ T7642] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  106.304413][ T7645] netlink: 'syz.1.1503': attribute type 10 has an invalid length.
[  106.886143][ T7667] FAULT_INJECTION: forcing a failure.
[  106.886143][ T7667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.899435][ T7667] CPU: 0 UID: 0 PID: 7667 Comm: syz.5.1510 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  106.899469][ T7667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.899534][ T7667] Call Trace:
[  106.899541][ T7667]  <TASK>
[  106.899582][ T7667]  __dump_stack+0x1d/0x30
[  106.899602][ T7667]  dump_stack_lvl+0xe8/0x140
[  106.899618][ T7667]  dump_stack+0x15/0x1b
[  106.899699][ T7667]  should_fail_ex+0x265/0x280
[  106.899725][ T7667]  should_fail+0xb/0x20
[  106.899818][ T7667]  should_fail_usercopy+0x1a/0x20
[  106.899889][ T7667]  _copy_from_user+0x1c/0xb0
[  106.899908][ T7667]  kstrtouint_from_user+0x69/0xf0
[  106.899959][ T7667]  ? 0xffffffff81000000
[  106.899973][ T7667]  ? selinux_file_permission+0x1e4/0x320
[  106.899997][ T7667]  proc_fail_nth_write+0x50/0x160
[  106.900087][ T7667]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  106.900119][ T7667]  vfs_write+0x269/0x8e0
[  106.900150][ T7667]  ? vfs_read+0x47f/0x6f0
[  106.900216][ T7667]  ? __rcu_read_unlock+0x4f/0x70
[  106.900305][ T7667]  ? __fget_files+0x184/0x1c0
[  106.900326][ T7667]  ksys_write+0xda/0x1a0
[  106.900418][ T7667]  __x64_sys_write+0x40/0x50
[  106.900539][ T7667]  x64_sys_call+0x2cdd/0x2fb0
[  106.900557][ T7667]  do_syscall_64+0xd2/0x200
[  106.900589][ T7667]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  106.900745][ T7667]  ? clear_bhb_loop+0x40/0x90
[  106.900768][ T7667]  ? clear_bhb_loop+0x40/0x90
[  106.900787][ T7667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.900806][ T7667] RIP: 0033:0x7f46172dd3df
[  106.900857][ T7667] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  106.900880][ T7667] RSP: 002b:00007f4615947030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  106.900899][ T7667] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f46172dd3df
[  106.900913][ T7667] RDX: 0000000000000001 RSI: 00007f46159470a0 RDI: 0000000000000005
[  106.900925][ T7667] RBP: 00007f4615947090 R08: 0000000000000000 R09: 0000000000000000
[  106.900971][ T7667] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  106.900982][ T7667] R13: 0000000000000000 R14: 00007f4617505fa0 R15: 00007fff03ecf2d8
[  106.900997][ T7667]  </TASK>
[  107.523065][ T7698] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  107.916083][ T7716] bridge0: port 3(syz_tun) entered blocking state
[  107.922691][ T7716] bridge0: port 3(syz_tun) entered disabled state
[  107.931187][ T7716] syz_tun: entered allmulticast mode
[  107.937277][ T7716] syz_tun: entered promiscuous mode
[  107.943139][ T7716] bridge0: port 3(syz_tun) entered blocking state
[  107.949721][ T7716] bridge0: port 3(syz_tun) entered forwarding state
[  108.021473][ T7692] syz.4.1518 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  108.035632][ T7692] CPU: 1 UID: 0 PID: 7692 Comm: syz.4.1518 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  108.035661][ T7692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  108.035698][ T7692] Call Trace:
[  108.035705][ T7692]  <TASK>
[  108.035711][ T7692]  __dump_stack+0x1d/0x30
[  108.035733][ T7692]  dump_stack_lvl+0xe8/0x140
[  108.035755][ T7692]  dump_stack+0x15/0x1b
[  108.035849][ T7692]  dump_header+0x81/0x220
[  108.035881][ T7692]  oom_kill_process+0x334/0x3f0
[  108.035911][ T7692]  out_of_memory+0x979/0xb80
[  108.035958][ T7692]  try_charge_memcg+0x5e6/0x9e0
[  108.036052][ T7692]  obj_cgroup_charge_pages+0xa6/0x150
[  108.036079][ T7692]  __memcg_kmem_charge_page+0x9f/0x170
[  108.036122][ T7692]  __alloc_frozen_pages_noprof+0x188/0x360
[  108.036197][ T7692]  alloc_pages_mpol+0xb3/0x250
[  108.036350][ T7692]  alloc_pages_noprof+0x90/0x130
[  108.036375][ T7692]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  108.036427][ T7692]  __kvmalloc_node_noprof+0x30f/0x4e0
[  108.036491][ T7692]  ? ip_set_alloc+0x1f/0x30
[  108.036514][ T7692]  ? ip_set_alloc+0x1f/0x30
[  108.036603][ T7692]  ? hash_netiface_create+0x21b/0x740
[  108.036629][ T7692]  ? __kmalloc_cache_noprof+0x189/0x320
[  108.036656][ T7692]  ip_set_alloc+0x1f/0x30
[  108.036721][ T7692]  hash_netiface_create+0x282/0x740
[  108.036823][ T7692]  ? __pfx_hash_netiface_create+0x10/0x10
[  108.036850][ T7692]  ip_set_create+0x3c9/0x960
[  108.036888][ T7692]  ? __nla_parse+0x40/0x60
[  108.036960][ T7692]  nfnetlink_rcv_msg+0x4c3/0x590
[  108.036981][ T7692]  ? __rcu_read_unlock+0x34/0x70
[  108.037043][ T7692]  ? selinux_capable+0x1f9/0x270
[  108.037108][ T7692]  netlink_rcv_skb+0x120/0x220
[  108.037206][ T7692]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  108.037235][ T7692]  nfnetlink_rcv+0x16b/0x1690
[  108.037291][ T7692]  ? __kfree_skb+0x109/0x150
[  108.037318][ T7692]  ? nlmon_xmit+0x4f/0x60
[  108.037391][ T7692]  ? consume_skb+0x49/0x150
[  108.037419][ T7692]  ? nlmon_xmit+0x4f/0x60
[  108.037437][ T7692]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  108.037469][ T7692]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  108.037539][ T7692]  ? __dev_queue_xmit+0x182/0x1fb0
[  108.037617][ T7692]  ? ref_tracker_free+0x37d/0x3e0
[  108.037654][ T7692]  ? __netlink_deliver_tap+0x4dc/0x500
[  108.037687][ T7692]  netlink_unicast+0x59e/0x670
[  108.037783][ T7692]  netlink_sendmsg+0x58b/0x6b0
[  108.037815][ T7692]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.037843][ T7692]  __sock_sendmsg+0x142/0x180
[  108.037865][ T7692]  ____sys_sendmsg+0x31e/0x4e0
[  108.037916][ T7692]  ___sys_sendmsg+0x17b/0x1d0
[  108.037956][ T7692]  __x64_sys_sendmsg+0xd4/0x160
[  108.037993][ T7692]  x64_sys_call+0x2999/0x2fb0
[  108.038117][ T7692]  do_syscall_64+0xd2/0x200
[  108.038146][ T7692]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.038233][ T7692]  ? clear_bhb_loop+0x40/0x90
[  108.038251][ T7692]  ? clear_bhb_loop+0x40/0x90
[  108.038270][ T7692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.038291][ T7692] RIP: 0033:0x7f8cb935e929
[  108.038307][ T7692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.038404][ T7692] RSP: 002b:00007f8cb79a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.038422][ T7692] RAX: ffffffffffffffda RBX: 00007f8cb9586080 RCX: 00007f8cb935e929
[  108.038436][ T7692] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004
[  108.038449][ T7692] RBP: 00007f8cb93e0b39 R08: 0000000000000000 R09: 0000000000000000
[  108.038462][ T7692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  108.038475][ T7692] R13: 0000000000000000 R14: 00007f8cb9586080 R15: 00007ffc9df2bfc8
[  108.038532][ T7692]  </TASK>
[  108.038588][ T7692] memory: usage 307200kB, limit 307200kB, failcnt 165
[  108.401275][ T7692] memory+swap: usage 309084kB, limit 9007199254740988kB, failcnt 0
[  108.409252][ T7692] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  108.416549][ T7692] Memory cgroup stats for /syz4:
[  108.417455][ T7692] cache 0
[  108.425375][ T7692] rss 0
[  108.428131][ T7692] shmem 0
[  108.431060][ T7692] mapped_file 0
[  108.434549][ T7692] dirty 0
[  108.437520][ T7692] writeback 0
[  108.440805][ T7692] workingset_refault_anon 20
[  108.445405][ T7692] workingset_refault_file 150
[  108.450113][ T7692] swap 1929216
[  108.453481][ T7692] swapcached 4096
[  108.457153][ T7692] pgpgin 108837
[  108.460610][ T7692] pgpgout 108836
[  108.464274][ T7692] pgfault 120485
[  108.467827][ T7692] pgmajfault 26
[  108.471281][ T7692] inactive_anon 4096
[  108.475198][ T7692] active_anon 0
[  108.478648][ T7692] inactive_file 0
[  108.482273][ T7692] active_file 0
[  108.485758][ T7692] unevictable 0
[  108.489327][ T7692] hierarchical_memory_limit 314572800
[  108.494749][ T7692] hierarchical_memsw_limit 9223372036854771712
[  108.500973][ T7692] total_cache 0
[  108.504494][ T7692] total_rss 0
[  108.507829][ T7692] total_shmem 0
[  108.511291][ T7692] total_mapped_file 0
[  108.515423][ T7692] total_dirty 0
[  108.518877][ T7692] total_writeback 0
[  108.522682][ T7692] total_workingset_refault_anon 20
[  108.527818][ T7692] total_workingset_refault_file 150
[  108.533012][ T7692] total_swap 1929216
[  108.536939][ T7692] total_swapcached 4096
[  108.541085][ T7692] total_pgpgin 108837
[  108.545122][ T7692] total_pgpgout 108836
[  108.549179][ T7692] total_pgfault 120485
[  108.553320][ T7692] total_pgmajfault 26
[  108.557315][ T7692] total_inactive_anon 4096
[  108.561857][ T7692] total_active_anon 0
[  108.565863][ T7692] total_inactive_file 0
[  108.570052][ T7692] total_active_file 0
[  108.574024][ T7692] total_unevictable 0
[  108.578073][ T7692] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1518,pid=7684,uid=0
[  108.592814][ T7692] Memory cgroup out of memory: Killed process 7684 (syz.4.1518) total-vm:93756kB, anon-rss:940kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  108.657746][ T7731] __nla_validate_parse: 5 callbacks suppressed
[  108.657760][ T7731] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1535'.
[  108.745589][ T7735] 9pnet_fd: Insufficient options for proto=fd
[  108.983555][ T7747] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1541'.
[  108.993617][ T7743] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  109.024487][ T7737] xt_CT: You must specify a L4 protocol and not use inversions on it
[  109.349334][ T7765] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  109.733812][ T7771] block device autoloading is deprecated and will be removed.
[  109.765292][ T7777] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  109.894690][ T7789] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1557'.
[  110.081894][ T7804] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  110.098349][ T7792] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  110.109369][ T7792] loop0: detected capacity change from 0 to 512
[  110.118183][ T7792] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  110.188558][   T29] kauditd_printk_skb: 285 callbacks suppressed
[  110.188569][   T29] audit: type=1326 audit(1752074893.149:17681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.218408][   T29] audit: type=1326 audit(1752074893.149:17682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.242049][   T29] audit: type=1326 audit(1752074893.149:17683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.265629][   T29] audit: type=1326 audit(1752074893.149:17684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.289219][   T29] audit: type=1326 audit(1752074893.149:17685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.320664][   T29] audit: type=1326 audit(1752074893.149:17686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.344236][   T29] audit: type=1326 audit(1752074893.149:17687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.367761][   T29] audit: type=1326 audit(1752074893.149:17688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.391356][   T29] audit: type=1326 audit(1752074893.149:17689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.414755][   T29] audit: type=1326 audit(1752074893.149:17690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7812 comm="syz.1.1567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  110.441257][   T10] usb 5-1: enqueue for inactive port 0
[  110.447260][   T10] usb 5-1: enqueue for inactive port 0
[  110.524933][   T10] vhci_hcd: vhci_device speed not set
[  110.768649][ T7837] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  110.855810][ T7837] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  111.748364][ T7865] openvswitch: netlink: Message has 6 unknown bytes.
[  111.756271][ T7864] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1584'.
[  111.945593][ T7877] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  111.953157][ T7877] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  112.039565][ T7884] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  112.184211][ T7892] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1597'.
[  112.265224][ T7897] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  112.283712][ T7899] netlink: 'syz.2.1600': attribute type 10 has an invalid length.
[  112.291764][ T7899] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1600'.
[  112.401472][ T7904] 9pnet: Could not find request transport: f
[  112.493420][ T7919] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1609'.
[  112.585400][ T7927] 9pnet: Could not find request transport: f
[  112.703921][ T7925] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  112.891027][ T7966] 9pnet: Could not find request transport: f
[  113.120458][ T7996] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  113.136359][ T7996] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  113.294944][ T8015] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1648'.
[  113.303927][ T8015] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1648'.
[  113.323504][ T8020] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1652'.
[  113.343742][ T8022] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  113.396140][ T8026] 9pnet_fd: Insufficient options for proto=fd
[  113.485363][ T3379] usb usb6-port1: attempt power cycle
[  113.664519][ T8042] 9pnet: Could not find request transport: f
[  114.113959][ T8067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1671'.
[  114.311699][ T8087] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  114.883508][ T8139] 9pnet: Could not find request transport: f
[  115.107480][ T8155] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1710'.
[  115.345132][ T3379] usb usb6-port1: unable to enumerate USB device
[  115.380184][   T29] kauditd_printk_skb: 778 callbacks suppressed
[  115.380196][   T29] audit: type=1326 audit(1752074898.340:18469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.411636][ T8174] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1718'.
[  115.427635][   T29] audit: type=1326 audit(1752074898.380:18470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.451171][   T29] audit: type=1326 audit(1752074898.380:18471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.474693][   T29] audit: type=1326 audit(1752074898.380:18472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.498181][   T29] audit: type=1326 audit(1752074898.380:18473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.521732][   T29] audit: type=1326 audit(1752074898.380:18474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.545154][   T29] audit: type=1326 audit(1752074898.380:18475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.568670][   T29] audit: type=1326 audit(1752074898.380:18476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.592133][   T29] audit: type=1326 audit(1752074898.380:18477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  115.615658][   T29] audit: type=1326 audit(1752074898.380:18478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8173 comm="syz.5.1718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  116.633416][ T8221] netlink: 'syz.2.1737': attribute type 10 has an invalid length.
[  116.641272][ T8221] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1737'.
[  116.754024][ T8242] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1747'.
[  116.836511][ T8250] 9pnet_fd: Insufficient options for proto=fd
[  116.905547][ T8245] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  117.214745][ T8292] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1768'.
[  117.434505][ T8322] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  117.471838][ T8328] 9pnet: Could not find request transport: f
[  117.597221][ T8347] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  117.643224][ T8354] 9pnet: Could not find request transport: f
[  117.768347][ T8359] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  117.884249][ T8374] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1806'.
[  117.960546][ T8378] 9pnet_fd: Insufficient options for proto=fd
[  118.349136][ T8402] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  119.349071][ T8445] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  119.440378][ T8458] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1839'.
[  119.549568][ T8468] netlink: 'syz.2.1844': attribute type 10 has an invalid length.
[  119.557469][ T8468] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1844'.
[  119.616077][ T8479] openvswitch: netlink: Message has 6 unknown bytes.
[  119.618969][ T8481] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1850'.
[  119.736466][ T8493] netlink: 'syz.2.1856': attribute type 10 has an invalid length.
[  119.744352][ T8493] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1856'.
[  119.775301][ T8495] netlink: 'syz.2.1857': attribute type 8 has an invalid length.
[  119.852660][ T8497] 9pnet_fd: Insufficient options for proto=fd
[  120.071391][ T8518] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  120.084568][ T8521] netlink: 'syz.0.1867': attribute type 10 has an invalid length.
[  120.092427][ T8521] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1867'.
[  120.117158][ T8526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.126022][ T8526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.330123][ T8526] 9pnet: p9_errstr2errno: server reported unknown error 
[  120.367225][ T8530] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1871'.
[  120.385670][   T29] kauditd_printk_skb: 1846 callbacks suppressed
[  120.385683][   T29] audit: type=1326 audit(1752074903.350:20325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8d6c4b58e7 code=0x7ffc0000
[  120.415377][   T29] audit: type=1326 audit(1752074903.350:20326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8d6c45ab19 code=0x7ffc0000
[  120.438850][   T29] audit: type=1326 audit(1752074903.350:20327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  120.462308][   T29] audit: type=1326 audit(1752074903.350:20328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8529 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8cb93558e7 code=0x7ffc0000
[  120.485825][   T29] audit: type=1326 audit(1752074903.350:20329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8529 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8cb92fab19 code=0x7ffc0000
[  120.509194][   T29] audit: type=1326 audit(1752074903.350:20330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8529 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f8cb935e929 code=0x7ffc0000
[  120.532645][   T29] audit: type=1326 audit(1752074903.360:20331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8d6c4b58e7 code=0x7ffc0000
[  120.556107][   T29] audit: type=1326 audit(1752074903.360:20332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8d6c45ab19 code=0x7ffc0000
[  120.579493][   T29] audit: type=1326 audit(1752074903.360:20333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8494 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  120.602941][   T29] audit: type=1326 audit(1752074903.360:20334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8529 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8cb93558e7 code=0x7ffc0000
[  120.775453][ T8544] netlink: 'syz.2.1878': attribute type 8 has an invalid length.
[  120.862810][ T8552] 9pnet_fd: Insufficient options for proto=fd
[  121.180246][ T8595] FAULT_INJECTION: forcing a failure.
[  121.180246][ T8595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.193482][ T8595] CPU: 1 UID: 0 PID: 8595 Comm: syz.1.1898 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  121.193510][ T8595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.193523][ T8595] Call Trace:
[  121.193529][ T8595]  <TASK>
[  121.193536][ T8595]  __dump_stack+0x1d/0x30
[  121.193558][ T8595]  dump_stack_lvl+0xe8/0x140
[  121.193638][ T8595]  dump_stack+0x15/0x1b
[  121.193656][ T8595]  should_fail_ex+0x265/0x280
[  121.193686][ T8595]  should_fail+0xb/0x20
[  121.193713][ T8595]  should_fail_usercopy+0x1a/0x20
[  121.193788][ T8595]  _copy_from_user+0x1c/0xb0
[  121.193809][ T8595]  __se_sys_mount+0x10d/0x2e0
[  121.193841][ T8595]  ? fput+0x8f/0xc0
[  121.193978][ T8595]  ? ksys_write+0x192/0x1a0
[  121.194016][ T8595]  __x64_sys_mount+0x67/0x80
[  121.194048][ T8595]  x64_sys_call+0xd36/0x2fb0
[  121.194086][ T8595]  do_syscall_64+0xd2/0x200
[  121.194116][ T8595]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.194181][ T8595]  ? clear_bhb_loop+0x40/0x90
[  121.194235][ T8595]  ? clear_bhb_loop+0x40/0x90
[  121.194253][ T8595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.194301][ T8595] RIP: 0033:0x7f4ee750e929
[  121.194344][ T8595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.194362][ T8595] RSP: 002b:00007f4ee5b77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  121.194379][ T8595] RAX: ffffffffffffffda RBX: 00007f4ee7735fa0 RCX: 00007f4ee750e929
[  121.194390][ T8595] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  121.194412][ T8595] RBP: 00007f4ee5b77090 R08: 0000200000000240 R09: 0000000000000000
[  121.194465][ T8595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.194516][ T8595] R13: 0000000000000000 R14: 00007f4ee7735fa0 R15: 00007fff13d9d708
[  121.194537][ T8595]  </TASK>
[  121.643257][ T8609] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  121.672072][ T8618] 9pnet: p9_errstr2errno: server reported unknown error 
[  121.694496][ T8620] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1909'.
[  121.715094][ T8620] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1909'.
[  121.926202][ T8623] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  122.146494][ T8647] netlink: 'syz.2.1920': attribute type 10 has an invalid length.
[  122.154449][ T8647] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1920'.
[  122.608737][ T8690] 9pnet: p9_errstr2errno: server reported unknown error 
[  122.820651][ T8704] netlink: 'syz.5.1946': attribute type 8 has an invalid length.
[  122.901555][ T8715] 9pnet_fd: Insufficient options for proto=fd
[  122.997893][ T8726] 9pnet_fd: Insufficient options for proto=fd
[  123.103071][ T8734] netlink: 'syz.4.1957': attribute type 10 has an invalid length.
[  123.111095][ T8734] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1957'.
[  123.352005][ T8760] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  123.737340][ T8790] 9pnet: p9_errstr2errno: server reported unknown error 
[  123.910791][ T8802] netlink: 'syz.4.1986': attribute type 8 has an invalid length.
[  123.954692][ T8804] netlink: 'syz.5.1987': attribute type 8 has an invalid length.
[  123.987301][ T8806] 9pnet_fd: Insufficient options for proto=fd
[  124.037592][ T8808] 9pnet_fd: Insufficient options for proto=fd
[  124.259328][   T23] IPVS: starting estimator thread 0...
[  124.374472][ T8827] IPVS: using max 2592 ests per chain, 129600 per kthread
[  124.387331][ T8838] 9pnet: p9_errstr2errno: server reported unknown error 
[  124.934049][ T8872] 9pnet: p9_errstr2errno: server reported unknown error 
[  125.027274][ T8870] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  125.293753][ T8882] __nla_validate_parse: 1 callbacks suppressed
[  125.293771][ T8882] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2018'.
[  125.394997][ T8890] 9pnet: Could not find request transport: 0xffffffffffffffff
[  125.427101][   T29] kauditd_printk_skb: 2259 callbacks suppressed
[  125.427116][   T29] audit: type=1400 audit(1752074908.380:22594): avc:  denied  { unlink } for  pid=6214 comm="syz-executor" name="file0" dev="tmpfs" ino=1103 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  125.430053][ T8896] openvswitch: netlink: Message has 6 unknown bytes.
[  125.443983][   T29] audit: type=1400 audit(1752074908.390:22595): avc:  denied  { setopt } for  pid=8894 comm="syz.5.2024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  125.485941][ T8898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2020'.
[  125.501075][ T8898] bridge0: port 3(syz_tun) entered disabled state
[  125.503683][   T29] audit: type=1400 audit(1752074908.440:22596): avc:  denied  { nlmsg_write } for  pid=8895 comm="syz.1.2025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  125.528545][   T29] audit: type=1400 audit(1752074908.450:22597): avc:  denied  { connect } for  pid=8885 comm="syz.2.2020" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  125.549274][   T29] audit: type=1400 audit(1752074908.450:22598): avc:  denied  { write } for  pid=8885 comm="syz.2.2020" path="socket:[23756]" dev="sockfs" ino=23756 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  125.573006][   T29] audit: type=1326 audit(1752074908.460:22599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8899 comm="syz.5.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  125.596540][   T29] audit: type=1326 audit(1752074908.460:22600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8899 comm="syz.5.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  125.620201][   T29] audit: type=1326 audit(1752074908.460:22601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8899 comm="syz.5.2026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  125.643752][   T29] audit: type=1326 audit(1752074908.460:22602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8899 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  125.666746][   T29] audit: type=1326 audit(1752074908.460:22603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8899 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  125.721933][ T8898] syz_tun (unregistering): left allmulticast mode
[  125.728452][ T8898] syz_tun (unregistering): left promiscuous mode
[  125.734845][ T8898] bridge0: port 3(syz_tun) entered disabled state
[  125.920177][ T8914] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  126.171922][ T8921] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2033'.
[  126.732183][ T8949] netlink: 'syz.1.2046': attribute type 8 has an invalid length.
[  126.737285][ T8944] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  126.871170][ T8955] 9pnet: Could not find request transport: f
[  127.150479][ T8981] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  127.298190][ T8991] 9pnet: Could not find request transport: f
[  127.402879][ T9002] 9pnet: p9_errstr2errno: server reported unknown error 
[  127.628026][ T9019] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2076'.
[  127.933522][ T9032] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2082'.
[  127.956593][ T9026] xt_CT: You must specify a L4 protocol and not use inversions on it
[  128.013075][ T9034] 9pnet_fd: Insufficient options for proto=fd
[  128.422772][ T9043] netlink: 'syz.0.2086': attribute type 8 has an invalid length.
[  128.511959][ T9046] 9pnet_fd: Insufficient options for proto=fd
[  128.643699][ T9057] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  128.809206][ T9068] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  128.811416][ T9071] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2097'.
[  128.832412][ T9073] openvswitch: netlink: Message has 6 unknown bytes.
[  129.089232][ T9087] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2104'.
[  129.271275][ T9095] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2107'.
[  129.360793][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2111'.
[  129.370243][ T9103] wg2: entered promiscuous mode
[  129.375127][ T9103] wg2: entered allmulticast mode
[  129.421427][ T9105] FAULT_INJECTION: forcing a failure.
[  129.421427][ T9105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.434632][ T9105] CPU: 1 UID: 0 PID: 9105 Comm: syz.2.2112 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  129.434719][ T9105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  129.434730][ T9105] Call Trace:
[  129.434735][ T9105]  <TASK>
[  129.434741][ T9105]  __dump_stack+0x1d/0x30
[  129.434787][ T9105]  dump_stack_lvl+0xe8/0x140
[  129.434806][ T9105]  dump_stack+0x15/0x1b
[  129.434821][ T9105]  should_fail_ex+0x265/0x280
[  129.434900][ T9105]  should_fail+0xb/0x20
[  129.434942][ T9105]  should_fail_usercopy+0x1a/0x20
[  129.434968][ T9105]  _copy_from_user+0x1c/0xb0
[  129.434990][ T9105]  get_timespec64+0x4c/0x100
[  129.435012][ T9105]  __x64_sys_recvmmsg+0xa3/0x170
[  129.435033][ T9105]  x64_sys_call+0x1c6a/0x2fb0
[  129.435054][ T9105]  do_syscall_64+0xd2/0x200
[  129.435099][ T9105]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.435128][ T9105]  ? clear_bhb_loop+0x40/0x90
[  129.435148][ T9105]  ? clear_bhb_loop+0x40/0x90
[  129.435197][ T9105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.435218][ T9105] RIP: 0033:0x7f8d6c4be929
[  129.435246][ T9105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.435263][ T9105] RSP: 002b:00007f8d6ab27038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  129.435306][ T9105] RAX: ffffffffffffffda RBX: 00007f8d6c6e5fa0 RCX: 00007f8d6c4be929
[  129.435316][ T9105] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  129.435337][ T9105] RBP: 00007f8d6ab27090 R08: 0000200000003700 R09: 0000000000000000
[  129.435357][ T9105] R10: 0000000002040000 R11: 0000000000000246 R12: 0000000000000001
[  129.435368][ T9105] R13: 0000000000000000 R14: 00007f8d6c6e5fa0 R15: 00007ffc980c7d28
[  129.435384][ T9105]  </TASK>
[  129.759649][ T9118] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2116'.
[  130.233896][ T3379] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  130.300179][ T9154] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  130.492164][ T9162] FAULT_INJECTION: forcing a failure.
[  130.492164][ T9162] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.505330][ T9162] CPU: 1 UID: 0 PID: 9162 Comm: syz.2.2134 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  130.505437][ T9162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  130.505451][ T9162] Call Trace:
[  130.505457][ T9162]  <TASK>
[  130.505462][ T9162]  __dump_stack+0x1d/0x30
[  130.505483][ T9162]  dump_stack_lvl+0xe8/0x140
[  130.505504][ T9162]  dump_stack+0x15/0x1b
[  130.505522][ T9162]  should_fail_ex+0x265/0x280
[  130.505554][ T9162]  should_fail+0xb/0x20
[  130.505655][ T9162]  should_fail_usercopy+0x1a/0x20
[  130.505688][ T9162]  _copy_from_user+0x1c/0xb0
[  130.505738][ T9162]  memdup_user+0x5e/0xd0
[  130.505813][ T9162]  strndup_user+0x68/0xb0
[  130.505833][ T9162]  __se_sys_add_key+0x128/0x350
[  130.505861][ T9162]  __x64_sys_add_key+0x67/0x80
[  130.505885][ T9162]  x64_sys_call+0x1d0d/0x2fb0
[  130.505907][ T9162]  do_syscall_64+0xd2/0x200
[  130.505963][ T9162]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.505988][ T9162]  ? clear_bhb_loop+0x40/0x90
[  130.506011][ T9162]  ? clear_bhb_loop+0x40/0x90
[  130.506046][ T9162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.506140][ T9162] RIP: 0033:0x7f8d6c4be929
[  130.506155][ T9162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.506172][ T9162] RSP: 002b:00007f8d6ab27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  130.506192][ T9162] RAX: ffffffffffffffda RBX: 00007f8d6c6e5fa0 RCX: 00007f8d6c4be929
[  130.506206][ T9162] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080
[  130.506219][ T9162] RBP: 00007f8d6ab27090 R08: 000000000c6a18cd R09: 0000000000000000
[  130.506233][ T9162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.506246][ T9162] R13: 0000000000000000 R14: 00007f8d6c6e5fa0 R15: 00007ffc980c7d28
[  130.506289][ T9162]  </TASK>
[  130.740421][   T29] kauditd_printk_skb: 1263 callbacks suppressed
[  130.740434][   T29] audit: type=1400 audit(1752074913.700:23867): avc:  denied  { ioctl } for  pid=9169 comm="syz.2.2138" path="socket:[24184]" dev="sockfs" ino=24184 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  130.778768][ T9170] __nla_validate_parse: 1 callbacks suppressed
[  130.778806][ T9170] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2138'.
[  130.797381][   T29] audit: type=1400 audit(1752074913.740:23868): avc:  denied  { create } for  pid=9169 comm="syz.2.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  130.817461][   T29] audit: type=1400 audit(1752074913.740:23869): avc:  denied  { bind } for  pid=9169 comm="syz.2.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  130.836825][   T29] audit: type=1400 audit(1752074913.740:23870): avc:  denied  { create } for  pid=9169 comm="syz.2.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  130.856403][   T29] audit: type=1400 audit(1752074913.740:23871): avc:  denied  { ioctl } for  pid=9169 comm="syz.2.2138" path="socket:[24188]" dev="sockfs" ino=24188 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  130.881132][   T29] audit: type=1400 audit(1752074913.740:23872): avc:  denied  { write } for  pid=9169 comm="syz.2.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  130.900802][   T29] audit: type=1400 audit(1752074913.740:23873): avc:  denied  { nlmsg_read } for  pid=9169 comm="syz.2.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  130.921429][   T29] audit: type=1400 audit(1752074913.760:23874): avc:  denied  { read } for  pid=9169 comm="syz.2.2138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  130.970589][ T9178] 9pnet: p9_errstr2errno: server reported unknown error 
[  130.998047][ T9182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2144'.
[  131.004906][   T29] audit: type=1326 audit(1752074913.960:23875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9181 comm="syz.1.2144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  131.030412][   T29] audit: type=1326 audit(1752074913.960:23876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9181 comm="syz.1.2144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  131.118459][ T9197] openvswitch: netlink: Message has 6 unknown bytes.
[  131.150141][ T9203] netlink: 'syz.2.2154': attribute type 10 has an invalid length.
[  131.158031][ T9203] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2154'.
[  131.301637][ T9221] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2163'.
[  131.312728][ T9221] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2163'.
[  131.329651][ T9224] 9pnet: p9_errstr2errno: server reported unknown error 
[  131.383413][ T9235] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2168'.
[  131.396652][ T9237] xt_TPROXY: Can be used only with -p tcp or -p udp
[  131.410922][ T9237] tun0: tun_chr_ioctl cmd 1074025677
[  131.416158][ T9240] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2171'.
[  131.425347][ T9237] tun0: linktype set to 776
[  131.600328][ T9251] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2175'.
[  131.625915][ T9251] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2175'.
[  131.830951][ T9270] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2183'.
[  131.876224][ T9275] netlink: 'syz.1.2185': attribute type 8 has an invalid length.
[  131.947383][ T9276] 9pnet_fd: Insufficient options for proto=fd
[  132.646821][ T9298] FAULT_INJECTION: forcing a failure.
[  132.646821][ T9298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.659988][ T9298] CPU: 0 UID: 0 PID: 9298 Comm: syz.2.2194 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  132.660026][ T9298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  132.660037][ T9298] Call Trace:
[  132.660106][ T9298]  <TASK>
[  132.660113][ T9298]  __dump_stack+0x1d/0x30
[  132.660133][ T9298]  dump_stack_lvl+0xe8/0x140
[  132.660149][ T9298]  dump_stack+0x15/0x1b
[  132.660174][ T9298]  should_fail_ex+0x265/0x280
[  132.660262][ T9298]  should_fail+0xb/0x20
[  132.660278][ T9298]  should_fail_usercopy+0x1a/0x20
[  132.660295][ T9298]  _copy_from_iter+0xcf/0xe40
[  132.660345][ T9298]  ? __build_skb_around+0x1a0/0x200
[  132.660361][ T9298]  ? __alloc_skb+0x223/0x320
[  132.660378][ T9298]  netlink_sendmsg+0x471/0x6b0
[  132.660420][ T9298]  ? __pfx_netlink_sendmsg+0x10/0x10
[  132.660583][ T9298]  __sock_sendmsg+0x142/0x180
[  132.660596][ T9298]  ____sys_sendmsg+0x31e/0x4e0
[  132.660615][ T9298]  ___sys_sendmsg+0x17b/0x1d0
[  132.660680][ T9298]  __x64_sys_sendmsg+0xd4/0x160
[  132.660763][ T9298]  x64_sys_call+0x2999/0x2fb0
[  132.660775][ T9298]  do_syscall_64+0xd2/0x200
[  132.660861][ T9298]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  132.660876][ T9298]  ? clear_bhb_loop+0x40/0x90
[  132.660899][ T9298]  ? clear_bhb_loop+0x40/0x90
[  132.660913][ T9298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.660932][ T9298] RIP: 0033:0x7f8d6c4be929
[  132.660947][ T9298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.660980][ T9298] RSP: 002b:00007f8d6ab27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.660996][ T9298] RAX: ffffffffffffffda RBX: 00007f8d6c6e5fa0 RCX: 00007f8d6c4be929
[  132.661064][ T9298] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  132.661089][ T9298] RBP: 00007f8d6ab27090 R08: 0000000000000000 R09: 0000000000000000
[  132.661101][ T9298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.661148][ T9298] R13: 0000000000000000 R14: 00007f8d6c6e5fa0 R15: 00007ffc980c7d28
[  132.661224][ T9298]  </TASK>
[  132.923811][ T9303] openvswitch: netlink: Message has 6 unknown bytes.
[  132.938735][ T9305] 9pnet: Could not find request transport: f
[  132.986943][ T9314] 9pnet: p9_errstr2errno: server reported unknown error 
[  133.028879][ T9322] netlink: 'syz.4.2204': attribute type 8 has an invalid length.
[  133.125795][ T9331] 9pnet_fd: Insufficient options for proto=fd
[  133.831183][ T9337] netlink: 'syz.2.2208': attribute type 8 has an invalid length.
[  133.925505][ T9338] 9pnet_fd: Insufficient options for proto=fd
[  133.950682][ T9343] 9pnet: Could not find request transport: f
[  134.010209][ T9353] syzkaller0: entered promiscuous mode
[  134.015787][ T9353] syzkaller0: entered allmulticast mode
[  134.040469][ T9356] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  134.097025][ T9369] netlink: 'syz.4.2215': attribute type 4 has an invalid length.
[  134.931494][ T9395] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  134.961113][ T9398] netlink: 'syz.1.2233': attribute type 8 has an invalid length.
[  135.140977][ T9413] 9pnet: p9_errstr2errno: server reported unknown error 
[  135.220501][ T9422] 9pnet_fd: Insufficient options for proto=fd
[  135.242934][ T9426] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  135.423893][ T9451] netlink: 'syz.0.2255': attribute type 8 has an invalid length.
[  135.438516][ T9447] 9pnet: p9_errstr2errno: server reported unknown error 
[  135.580910][ T9463] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  135.638010][ T9472] netlink: 'syz.1.2264': attribute type 10 has an invalid length.
[  135.748936][   T29] kauditd_printk_skb: 2401 callbacks suppressed
[  135.748950][   T29] audit: type=1326 audit(1752074918.711:26278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  135.792134][   T29] audit: type=1326 audit(1752074918.711:26279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f461727ab19 code=0x7ffc0000
[  135.815605][   T29] audit: type=1326 audit(1752074918.711:26280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  135.839194][   T29] audit: type=1326 audit(1752074918.721:26281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  135.862570][   T29] audit: type=1326 audit(1752074918.721:26282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f461727ab19 code=0x7ffc0000
[  135.885992][   T29] audit: type=1326 audit(1752074918.721:26283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  135.909369][   T29] audit: type=1326 audit(1752074918.731:26284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  135.932856][   T29] audit: type=1326 audit(1752074918.731:26285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f461727ab19 code=0x7ffc0000
[  135.956371][   T29] audit: type=1326 audit(1752074918.731:26286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  135.979901][   T29] audit: type=1326 audit(1752074918.741:26287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9408 comm="syz.5.2237" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  136.147101][ T9501] capability: warning: `syz.5.2276' uses deprecated v2 capabilities in a way that may be insecure
[  136.183297][ T9484] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  136.402228][ T9514] netlink: 'syz.2.2283': attribute type 8 has an invalid length.
[  136.519159][ T9521] 9pnet: Could not find request transport: f
[  136.530117][ T9523] 9pnet_fd: Insufficient options for proto=fd
[  136.958712][ T9536] smc: net device bond0 applied user defined pnetid SYZ2
[  136.968091][ T9536] smc: net device bond0 erased user defined pnetid SYZ2
[  137.125118][ T9546] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  137.149853][ T9546] vhci_hcd: default hub control req: 1f07 v0017 i0001 l0
[  137.241975][ T9555] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  137.396854][ T9559] __nla_validate_parse: 9 callbacks suppressed
[  137.396868][ T9559] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2301'.
[  137.609876][ T9578] 9pnet: p9_errstr2errno: server reported unknown error 
[  137.639524][ T9581] netlink: 'syz.0.2310': attribute type 8 has an invalid length.
[  137.733634][ T9597] 9pnet_fd: Insufficient options for proto=fd
[  137.773683][ T9602] netlink: 'syz.1.2318': attribute type 10 has an invalid length.
[  137.781575][ T9602] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2318'.
[  137.794651][ T9596] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2316'.
[  138.040873][ T9622] FAULT_INJECTION: forcing a failure.
[  138.040873][ T9622] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  138.054154][ T9622] CPU: 0 UID: 0 PID: 9622 Comm: syz.1.2327 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  138.054193][ T9622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  138.054212][ T9622] Call Trace:
[  138.054218][ T9622]  <TASK>
[  138.054225][ T9622]  __dump_stack+0x1d/0x30
[  138.054316][ T9622]  dump_stack_lvl+0xe8/0x140
[  138.054334][ T9622]  dump_stack+0x15/0x1b
[  138.054348][ T9622]  should_fail_ex+0x265/0x280
[  138.054376][ T9622]  should_fail_alloc_page+0xf2/0x100
[  138.054398][ T9622]  __alloc_frozen_pages_noprof+0xff/0x360
[  138.054485][ T9622]  alloc_pages_mpol+0xb3/0x250
[  138.054516][ T9622]  folio_alloc_mpol_noprof+0x39/0x80
[  138.054625][ T9622]  shmem_get_folio_gfp+0x3cf/0xd60
[  138.054675][ T9622]  shmem_write_begin+0xa8/0x190
[  138.054711][ T9622]  generic_perform_write+0x181/0x490
[  138.054804][ T9622]  shmem_file_write_iter+0xc5/0xf0
[  138.054880][ T9622]  do_iter_readv_writev+0x421/0x4c0
[  138.054911][ T9622]  vfs_writev+0x2df/0x8b0
[  138.054989][ T9622]  __se_sys_pwritev2+0xfc/0x1c0
[  138.055012][ T9622]  __x64_sys_pwritev2+0x67/0x80
[  138.055034][ T9622]  x64_sys_call+0x1cea/0x2fb0
[  138.055121][ T9622]  do_syscall_64+0xd2/0x200
[  138.055168][ T9622]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  138.055195][ T9622]  ? clear_bhb_loop+0x40/0x90
[  138.055213][ T9622]  ? clear_bhb_loop+0x40/0x90
[  138.055233][ T9622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.055284][ T9622] RIP: 0033:0x7f4ee750e929
[  138.055299][ T9622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.055319][ T9622] RSP: 002b:00007f4ee5b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  138.055335][ T9622] RAX: ffffffffffffffda RBX: 00007f4ee7735fa0 RCX: 00007f4ee750e929
[  138.055356][ T9622] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  138.055429][ T9622] RBP: 00007f4ee5b77090 R08: 0000000000000000 R09: 0000000000000000
[  138.055439][ T9622] R10: 0000000000001400 R11: 0000000000000246 R12: 0000000000000001
[  138.055449][ T9622] R13: 0000000000000000 R14: 00007f4ee7735fa0 R15: 00007fff13d9d708
[  138.055465][ T9622]  </TASK>
[  138.062368][ T9622] wg2: entered promiscuous mode
[  138.064155][ T1377] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  138.074845][ T9622] wg2: entered allmulticast mode
[  138.120244][ T9626] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2328'.
[  138.269751][ T9638] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2328'.
[  138.282425][ T9640] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  138.318663][ T9643] 9pnet: p9_errstr2errno: server reported unknown error 
[  138.409945][ T9653] netlink: 'syz.5.2339': attribute type 10 has an invalid length.
[  138.417841][ T9653] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2339'.
[  138.507704][ T9659] 9pnet: Could not find request transport: f
[  138.557029][ T9667] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2345'.
[  138.704673][ T9663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.717890][ T9663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.741535][ T9681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2350'.
[  138.785521][ T9681] ip6gre1: entered allmulticast mode
[  138.885243][ T9687] xt_CT: You must specify a L4 protocol and not use inversions on it
[  138.959308][ T9694] openvswitch: netlink: Message has 6 unknown bytes.
[  139.182081][ T9702] 9pnet_fd: Insufficient options for proto=fd
[  139.311875][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2365'.
[  139.493706][ T9727] openvswitch: netlink: Message has 6 unknown bytes.
[  139.687137][ T9751] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2383'.
[  139.731613][ T9757] openvswitch: netlink: Message has 6 unknown bytes.
[  139.833471][ T3379] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  140.262102][ T9793] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  140.653840][ T9834] openvswitch: netlink: Message has 6 unknown bytes.
[  140.724768][ T9838] 9pnet_fd: Insufficient options for proto=fd
[  140.825594][ T9849] openvswitch: netlink: Message has 6 unknown bytes.
[  141.009242][ T9861] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  141.047377][   T29] kauditd_printk_skb: 1189 callbacks suppressed
[  141.047439][   T29] audit: type=1326 audit(1752074924.011:27477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.050133][ T9863] netlink: 'syz.1.2432': attribute type 8 has an invalid length.
[  141.053734][   T29] audit: type=1326 audit(1752074924.011:27478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.127693][   T29] audit: type=1326 audit(1752074924.011:27479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.151351][   T29] audit: type=1326 audit(1752074924.011:27480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.174905][   T29] audit: type=1326 audit(1752074924.011:27481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.198512][   T29] audit: type=1326 audit(1752074924.011:27482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.222108][   T29] audit: type=1326 audit(1752074924.011:27483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.245724][   T29] audit: type=1326 audit(1752074924.011:27484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.269295][   T29] audit: type=1326 audit(1752074924.011:27485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.280373][ T9870] xt_CT: You must specify a L4 protocol and not use inversions on it
[  141.292673][   T29] audit: type=1326 audit(1752074924.011:27486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9862 comm="syz.1.2432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ee750e929 code=0x7ffc0000
[  141.351659][ T9875] netlink: 'syz.2.2436': attribute type 8 has an invalid length.
[  141.583832][ T9895] FAULT_INJECTION: forcing a failure.
[  141.583832][ T9895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.597042][ T9895] CPU: 0 UID: 0 PID: 9895 Comm: syz.0.2445 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  141.597070][ T9895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.597148][ T9895] Call Trace:
[  141.597153][ T9895]  <TASK>
[  141.597158][ T9895]  __dump_stack+0x1d/0x30
[  141.597176][ T9895]  dump_stack_lvl+0xe8/0x140
[  141.597192][ T9895]  dump_stack+0x15/0x1b
[  141.597240][ T9895]  should_fail_ex+0x265/0x280
[  141.597266][ T9895]  should_fail+0xb/0x20
[  141.597319][ T9895]  should_fail_usercopy+0x1a/0x20
[  141.597349][ T9895]  _copy_from_iter+0xcf/0xe40
[  141.597440][ T9895]  ? file_tty_write+0x1dc/0x670
[  141.597469][ T9895]  ? __pfx_woken_wake_function+0x10/0x10
[  141.597535][ T9895]  file_tty_write+0x32f/0x670
[  141.597559][ T9895]  ? __pfx_tty_write+0x10/0x10
[  141.597622][ T9895]  tty_write+0x25/0x30
[  141.597642][ T9895]  vfs_write+0x4a0/0x8e0
[  141.597729][ T9895]  ksys_write+0xda/0x1a0
[  141.597814][ T9895]  __x64_sys_write+0x40/0x50
[  141.597840][ T9895]  x64_sys_call+0x2cdd/0x2fb0
[  141.597857][ T9895]  do_syscall_64+0xd2/0x200
[  141.597886][ T9895]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.597910][ T9895]  ? clear_bhb_loop+0x40/0x90
[  141.597944][ T9895]  ? clear_bhb_loop+0x40/0x90
[  141.598013][ T9895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.598036][ T9895] RIP: 0033:0x7fb08256e929
[  141.598127][ T9895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.598143][ T9895] RSP: 002b:00007fb080bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  141.598163][ T9895] RAX: ffffffffffffffda RBX: 00007fb082795fa0 RCX: 00007fb08256e929
[  141.598176][ T9895] RDX: 000000000000ff2e RSI: 00002000000003c0 RDI: 0000000000000003
[  141.598198][ T9895] RBP: 00007fb080bd7090 R08: 0000000000000000 R09: 0000000000000000
[  141.598211][ T9895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.598223][ T9895] R13: 0000000000000000 R14: 00007fb082795fa0 R15: 00007ffe5b4f4448
[  141.598238][ T9895]  </TASK>
[  141.912812][ T9899] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  142.092184][ T9920] 9pnet_fd: Insufficient options for proto=fd
[  142.134430][ T9925] 9pnet: Could not find request transport: f
[  142.460852][ T9948] __nla_validate_parse: 12 callbacks suppressed
[  142.460948][ T9948] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2468'.
[  142.515624][ T9951] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2469'.
[  142.589517][ T9954] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2471'.
[  142.605401][ T9955] 9pnet_fd: Insufficient options for proto=fd
[  142.614342][ T9954] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2471'.
[  142.640853][ T9940] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  142.697551][ T9958] 9pnet: Could not find request transport: f
[  142.707710][ T9961] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2472'.
[  142.807829][ T9963] netlink: 'syz.2.2473': attribute type 10 has an invalid length.
[  142.815702][ T9963] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2473'.
[  142.925171][ T9969] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  143.153768][ T9991] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2485'.
[  143.190174][ T9995] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2487'.
[  143.201086][ T9971] xt_CT: You must specify a L4 protocol and not use inversions on it
[  143.335536][T10009] 9pnet_fd: Insufficient options for proto=fd
[  143.423838][T10024] netlink: 'syz.4.2500': attribute type 8 has an invalid length.
[  143.447901][T10029] openvswitch: netlink: Message has 6 unknown bytes.
[  143.498827][T10034] openvswitch: netlink: Message has 6 unknown bytes.
[  143.541407][T10041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2507'.
[  143.603959][T10047] block device autoloading is deprecated and will be removed.
[  143.617025][T10048] 9pnet_fd: Insufficient options for proto=fd
[  143.673530][  T124] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  143.838478][T10062] openvswitch: netlink: Message has 6 unknown bytes.
[  143.929053][T10064] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  144.043788][T10071] netlink: 'syz.2.2520': attribute type 2 has an invalid length.
[  144.245585][T10086] openvswitch: netlink: Message has 6 unknown bytes.
[  144.302084][T10094] block device autoloading is deprecated and will be removed.
[  144.504760][T10113] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2539'.
[  144.634270][T10130] openvswitch: netlink: Message has 6 unknown bytes.
[  144.659308][T10132] netlink: 'syz.5.2548': attribute type 10 has an invalid length.
[  144.777060][T10143] hub 2-0:1.0: USB hub found
[  144.781790][T10143] hub 2-0:1.0: 8 ports detected
[  144.804407][T10148] xt_CT: You must specify a L4 protocol and not use inversions on it
[  144.845614][T10154] netlink: 'syz.1.2556': attribute type 28 has an invalid length.
[  145.137782][T10167] netlink: 'syz.0.2561': attribute type 10 has an invalid length.
[  145.443228][T10184] 9pnet_fd: Insufficient options for proto=fd
[  145.552927][T10193] openvswitch: netlink: Message has 6 unknown bytes.
[  145.575580][T10195] netlink: 'syz.2.2572': attribute type 10 has an invalid length.
[  145.796127][T10211] 9pnet_fd: Insufficient options for proto=fd
[  145.858922][T10218] openvswitch: netlink: Message has 6 unknown bytes.
[  145.919152][T10224] 9pnet: p9_errstr2errno: server reported unknown error 
[  145.994570][T10230] netlink: 'syz.2.2588': attribute type 8 has an invalid length.
[  146.150087][   T29] kauditd_printk_skb: 1036 callbacks suppressed
[  146.150102][   T29] audit: type=1326 audit(1752074929.071:28523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.180114][   T29] audit: type=1326 audit(1752074929.071:28524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.203834][   T29] audit: type=1326 audit(1752074929.071:28525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.227726][   T29] audit: type=1326 audit(1752074929.111:28526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.251331][   T29] audit: type=1326 audit(1752074929.111:28527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.275021][   T29] audit: type=1326 audit(1752074929.111:28528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.298592][   T29] audit: type=1326 audit(1752074929.111:28529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.299415][T10238] 9pnet_fd: Insufficient options for proto=fd
[  146.322170][   T29] audit: type=1326 audit(1752074929.111:28530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.322197][   T29] audit: type=1326 audit(1752074929.111:28531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8d6c4f11e5 code=0x7ffc0000
[  146.348105][   T29] audit: type=1326 audit(1752074929.201:28532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10229 comm="syz.2.2588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f8d6c4be929 code=0x7ffc0000
[  146.460832][    T9] IPVS: starting estimator thread 0...
[  146.541989][T10252] 9pnet_fd: Insufficient options for proto=fd
[  146.562931][T10250] IPVS: using max 2592 ests per chain, 129600 per kthread
[  146.712184][T10269] openvswitch: netlink: Message has 6 unknown bytes.
[  146.867374][T10277] openvswitch: netlink: Message has 6 unknown bytes.
[  146.883158][    T9] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  146.905917][T10274] infiniband syz!: set active
[  146.910621][T10274] infiniband syz!: added team_slave_0
[  146.947833][T10274] RDS/IB: syz!: added
[  146.957435][T10274] smc: adding ib device syz! with port count 1
[  146.961738][T10286] 9pnet: Could not find request transport: f
[  146.963997][T10274] smc:    ib device syz! port 1 has pnetid 
[  147.276262][T10305] netlink: 'syz.0.2612': attribute type 8 has an invalid length.
[  147.399861][T10314] 9pnet_fd: Insufficient options for proto=fd
[  147.555863][T10327] __nla_validate_parse: 18 callbacks suppressed
[  147.555879][T10327] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2621'.
[  147.573069][T10329] netlink: 'syz.1.2622': attribute type 10 has an invalid length.
[  147.580953][T10329] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2622'.
[  147.678700][T10340] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2624'.
[  147.689194][T10340] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2624'.
[  147.698122][T10340] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2624'.
[  147.797594][T10350] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2631'.
[  147.853156][T10350] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2631'.
[  147.906776][T10360] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2635'.
[  147.935411][T10363] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2636'.
[  147.947535][T10363] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2636'.
[  147.957302][T10364] netlink: 'syz.5.2637': attribute type 10 has an invalid length.
[  148.274457][T10385] openvswitch: netlink: Message has 6 unknown bytes.
[  148.878852][T10416] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  148.964452][T10422] openvswitch: netlink: Message has 6 unknown bytes.
[  149.094821][T10418] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  149.150469][T10429] 9pnet: p9_errstr2errno: server reported unknown error 
[  149.435115][   T51] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  149.647875][T10449] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  149.997949][T10446] chnl_net:caif_netlink_parms(): no params data found
[  150.067466][   T41] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.138060][   T41] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.150348][T10446] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.157426][T10446] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.244207][T10446] bridge_slave_0: entered allmulticast mode
[  150.251453][T10446] bridge_slave_0: entered promiscuous mode
[  150.261090][T10446] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.268203][T10446] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.275366][T10446] bridge_slave_1: entered allmulticast mode
[  150.281703][T10446] bridge_slave_1: entered promiscuous mode
[  150.355812][T10486] 9pnet: p9_errstr2errno: server reported unknown error 
[  150.365374][   T41] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.381253][T10492] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  150.394933][T10446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  150.412877][T10446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  150.445649][T10498] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  150.463534][   T41] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.478937][T10446] team0: Port device team_slave_0 added
[  150.488785][T10446] team0: Port device team_slave_1 added
[  150.501725][T10499] 9pnet_fd: Insufficient options for proto=fd
[  150.533468][T10446] batman_adv: batadv0: Adding interface: batadv_slave_0
[  150.540421][T10446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.566416][T10446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  150.578685][T10446] batman_adv: batadv0: Adding interface: batadv_slave_1
[  150.585707][T10446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  150.611748][T10446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.711631][   T41] bridge_slave_1: left allmulticast mode
[  150.717483][   T41] bridge_slave_1: left promiscuous mode
[  150.723363][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.750501][   T41] bridge_slave_0: left allmulticast mode
[  150.756200][   T41] bridge_slave_0: left promiscuous mode
[  150.761912][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.878239][   T41] team0: Port device geneve1 removed
[  151.154208][   T29] kauditd_printk_skb: 1168 callbacks suppressed
[  151.154220][   T29] audit: type=1326 audit(1752074934.122:29701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  151.185599][   T29] audit: type=1326 audit(1752074934.122:29702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f461727ab19 code=0x7ffc0000
[  151.209202][   T29] audit: type=1326 audit(1752074934.122:29703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  151.232760][   T29] audit: type=1326 audit(1752074934.122:29704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  151.256253][   T29] audit: type=1326 audit(1752074934.122:29705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f461727ab19 code=0x7ffc0000
[  151.279761][   T29] audit: type=1326 audit(1752074934.122:29706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  151.303337][   T29] audit: type=1326 audit(1752074934.122:29707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  151.326884][   T29] audit: type=1326 audit(1752074934.122:29708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f461727ab19 code=0x7ffc0000
[  151.350448][   T29] audit: type=1326 audit(1752074934.122:29709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46172de929 code=0x7ffc0000
[  151.373937][   T29] audit: type=1326 audit(1752074934.152:29710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10493 comm="syz.5.2688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46172d58e7 code=0x7ffc0000
[  151.654200][   T41] bond0 (unregistering): Released all slaves
[  151.683822][T10446] hsr_slave_0: entered promiscuous mode
[  151.699772][T10446] hsr_slave_1: entered promiscuous mode
[  151.711199][T10446] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  151.720227][T10446] Cannot create hsr debugfs directory
[  151.905171][   T41] hsr_slave_0: left promiscuous mode
[  151.916206][   T41] hsr_slave_1: left promiscuous mode
[  151.931962][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.939386][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[  151.972852][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.980277][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.002123][   T41] veth1_macvtap: left promiscuous mode
[  152.007725][   T41] veth0_macvtap: left promiscuous mode
[  152.015694][   T41] veth1_vlan: left promiscuous mode
[  152.025292][   T41] veth0_vlan: left promiscuous mode
[  152.121932][   T41] team0 (unregistering): Port device team_slave_1 removed
[  152.149698][   T41] team0 (unregistering): Port device team_slave_0 removed
[  152.163177][  T121] smc: removing ib device syz!
[  152.239698][T10559] netlink: 'syz.5.2713': attribute type 8 has an invalid length.
[  152.335697][T10561] 9pnet_fd: Insufficient options for proto=fd
[  152.572161][T10446] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  152.583459][T10446] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  152.594189][T10446] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  152.603215][T10446] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  152.650422][T10446] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.680750][T10446] 8021q: adding VLAN 0 to HW filter on device team0
[  152.689055][T10580] __nla_validate_parse: 15 callbacks suppressed
[  152.689067][T10580] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2719'.
[  152.706988][ T1377] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.714159][ T1377] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.737094][ T1377] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.744172][ T1377] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.818708][T10586] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2722'.
[  152.841830][T10588] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2720'.
[  152.862207][T10592] openvswitch: netlink: Message has 6 unknown bytes.
[  152.864923][T10593] 9pnet: p9_errstr2errno: server reported unknown error 
[  152.875069][T10446] 8021q: adding VLAN 0 to HW filter on device batadv0
[  152.988912][T10612] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2730'.
[  153.021560][T10446] veth0_vlan: entered promiscuous mode
[  153.022312][T10616] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2731'.
[  153.048398][T10446] veth1_vlan: entered promiscuous mode
[  153.083949][T10446] veth0_macvtap: entered promiscuous mode
[  153.102565][T10446] veth1_macvtap: entered promiscuous mode
[  153.123626][T10446] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.142079][T10622] 9pnet_fd: Insufficient options for proto=fd
[  153.142872][T10446] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.163474][T10627] 9pnet: p9_errstr2errno: server reported unknown error 
[  153.171735][T10446] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.180479][T10446] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.189193][T10446] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.197969][T10446] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.270505][T10629] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2736'.
[  153.316654][T10621] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  153.486210][T10649] netlink: 'syz.5.2741': attribute type 10 has an invalid length.
[  153.494146][T10649] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2741'.
[  153.641794][T10663] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2746'.
[  153.675968][T10665] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2743'.
[  153.756577][  T121] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.785319][T10643] chnl_net:caif_netlink_parms(): no params data found
[  153.806597][T10676] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2748'.
[  153.822904][T10673] hub 2-0:1.0: USB hub found
[  153.828071][T10673] hub 2-0:1.0: 8 ports detected
[  153.856320][  T121] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.895125][T10643] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.902183][T10643] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.909986][T10643] bridge_slave_0: entered allmulticast mode
[  153.919501][T10643] bridge_slave_0: entered promiscuous mode
[  153.928029][T10643] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.935271][T10643] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.944368][T10643] bridge_slave_1: entered allmulticast mode
[  153.950895][T10643] bridge_slave_1: entered promiscuous mode
[  153.985809][T10643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.002119][  T121] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.031669][T10643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.062976][  T121] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.110516][T10643] team0: Port device team_slave_0 added
[  154.118842][T10643] team0: Port device team_slave_1 added
[  154.137989][T10688] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  154.164144][T10643] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.171122][T10643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.197103][T10643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.246217][T10643] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.253202][T10643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.279174][T10643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.356032][  T121] bridge_slave_1: left allmulticast mode
[  154.361712][  T121] bridge_slave_1: left promiscuous mode
[  154.367486][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.380105][  T121] bridge_slave_0: left allmulticast mode
[  154.385828][  T121] bridge_slave_0: left promiscuous mode
[  154.391595][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.452795][  T124] ==================================================================
[  154.460911][  T124] BUG: KCSAN: data-race in batadv_hard_if_event / batadv_mcast_mla_update
[  154.469422][  T124] 
[  154.471747][  T124] write to 0xffff888106e49210 of 1 bytes by task 121 on cpu 1:
[  154.479286][  T124]  batadv_hard_if_event+0x76a/0x1070
[  154.484570][  T124]  raw_notifier_call_chain+0x6c/0x1b0
[  154.489929][  T124]  call_netdevice_notifiers_info+0xae/0x100
[  154.495811][  T124]  unregister_netdevice_many_notify+0xd9d/0x1690
[  154.502136][  T124]  unregister_netdevice_many+0x19/0x20
[  154.507593][  T124]  ops_undo_list+0x213/0x410
[  154.512175][  T124]  cleanup_net+0x2de/0x4d0
[  154.516587][  T124]  process_scheduled_works+0x4cb/0x9d0
[  154.522043][  T124]  worker_thread+0x582/0x770
[  154.526628][  T124]  kthread+0x489/0x510
[  154.530685][  T124]  ret_from_fork+0xda/0x150
[  154.535176][  T124]  ret_from_fork_asm+0x1a/0x30
[  154.539931][  T124] 
[  154.542237][  T124] read to 0xffff888106e49210 of 1 bytes by task 124 on cpu 0:
[  154.549679][  T124]  batadv_mcast_mla_update+0x29f/0x1850
[  154.555215][  T124]  process_scheduled_works+0x4cb/0x9d0
[  154.560669][  T124]  worker_thread+0x582/0x770
[  154.565254][  T124]  kthread+0x489/0x510
[  154.569309][  T124]  ret_from_fork+0xda/0x150
[  154.573797][  T124]  ret_from_fork_asm+0x1a/0x30
[  154.578549][  T124] 
[  154.580855][  T124] value changed: 0x00 -> 0x01
[  154.585516][  T124] 
[  154.587825][  T124] Reported by Kernel Concurrency Sanitizer on:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  154.593960][  T124] CPU: 0 UID: 0 PID: 124 Comm: kworker/u8:5 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(voluntary) 
[  154.606448][  T124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  154.616493][  T124] Workqueue: bat_events batadv_mcast_mla_update
[  154.622727][  T124] ==================================================================
[  154.639068][  T121] team0: Port device geneve1 removed
[  155.192770][   T31] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  155.465945][ T5032] bridge0: port 4(syz_tun) entered disabled state
[  155.473937][ T5032] syz_tun (unregistering): left allmulticast mode
[  155.480386][ T5032] syz_tun (unregistering): left promiscuous mode
[  155.487079][ T5032] bridge0: port 4(syz_tun) entered disabled state
[  155.500679][  T121] hsr_slave_0: left promiscuous mode
[  155.506422][  T121] hsr_slave_1: left promiscuous mode
[  155.511975][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.519581][  T121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.527517][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.535069][  T121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.545031][  T121] veth1_vlan: left promiscuous mode
[  155.550298][  T121] veth0_vlan: left promiscuous mode
[  155.591204][  T121] team0 (unregistering): Port device team_slave_1 removed
[  155.605135][  T121] team0 (unregistering): Port device team_slave_0 removed
[  155.905632][  T121] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.964094][  T121] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.004511][  T121] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.073540][  T121] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.315724][  T121] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.364059][  T121] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.404088][  T121] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.443355][  T121] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.513982][  T121] batadv1: left allmulticast mode
[  156.519099][  T121] batadv1: left promiscuous mode
[  156.524198][  T121] bridge0: port 3(batadv1) entered disabled state
[  156.531137][  T121] bridge_slave_1: left allmulticast mode
[  156.536899][  T121] bridge_slave_1: left promiscuous mode
[  156.542623][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.550241][  T121] bridge_slave_0: left allmulticast mode
[  156.555938][  T121] bridge_slave_0: left promiscuous mode
[  156.561641][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.571764][  T121] bridge_slave_1: left allmulticast mode
[  156.577493][  T121] bridge_slave_1: left promiscuous mode
[  156.583145][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.590558][  T121] bridge_slave_0: left allmulticast mode
[  156.596195][  T121] bridge_slave_0: left promiscuous mode
[  156.601848][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.609877][  T121] bridge_slave_1: left allmulticast mode
[  156.615520][  T121] bridge_slave_1: left promiscuous mode
[  156.621168][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.628672][  T121] bridge_slave_0: left allmulticast mode
[  156.634376][  T121] bridge_slave_0: left promiscuous mode
[  156.639948][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.649364][  T121] bridge_slave_1: left allmulticast mode
[  156.655043][  T121] bridge_slave_1: left promiscuous mode
[  156.660694][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.668440][  T121] bridge_slave_0: left allmulticast mode
[  156.674122][  T121] bridge_slave_0: left promiscuous mode
[  156.679715][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.734259][  T121] team0: Port device geneve1 removed
[  157.283775][  T121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.293413][  T121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.302507][  T121] bond0 (unregistering): Released all slaves
[  157.319072][  T121] team0: Port device geneve1 removed
[  157.664287][  T121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.673561][  T121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.682542][  T121] bond0 (unregistering): Released all slaves
[  157.690193][  T121] bond1 (unregistering): Released all slaves
[  157.710067][  T121] team0: Port device geneve1 removed
[  158.253967][  T121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.263409][  T121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.272470][  T121] bond0 (unregistering): Released all slaves
[  158.280380][  T121] bond1 (unregistering): Released all slaves
[  158.331254][  T121] hsr_slave_0: left promiscuous mode
[  158.337557][  T121] hsr_slave_1: left promiscuous mode
[  158.343139][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.350519][  T121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.358115][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.365567][  T121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.373091][  T121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.380454][  T121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.389482][  T121] hsr_slave_0: left promiscuous mode
[  158.395181][  T121] hsr_slave_1: left promiscuous mode
[  158.400799][  T121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.408590][  T121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.417257][  T121] hsr_slave_0: left promiscuous mode
[  158.423008][  T121] hsr_slave_1: left promiscuous mode
[  158.428496][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.435923][  T121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.443422][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.450854][  T121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.462748][  T121] veth1_vlan: left promiscuous mode
[  158.467979][  T121] veth0_vlan: left promiscuous mode
[  158.473775][  T121] veth1_macvtap: left promiscuous mode
[  158.479246][  T121] veth0_macvtap: left promiscuous mode
[  158.484765][  T121] veth1_vlan: left promiscuous mode
[  158.490001][  T121] veth0_vlan: left promiscuous mode
[  158.560106][  T121] team0 (unregistering): Port device team_slave_1 removed
[  158.569665][  T121] team0 (unregistering): Port device team_slave_0 removed
[  158.598442][  T121] team0 (unregistering): Port device team_slave_1 removed
[  158.607339][  T121] team0 (unregistering): Port device team_slave_0 removed
[  158.652974][  T121] team0 (unregistering): Port device team_slave_1 removed
[  158.661842][  T121] team0 (unregistering): Port device team_slave_0 removed
[  158.708171][  T121] team0 (unregistering): Port device team_slave_1 removed
[  158.717075][  T121] team0 (unregistering): Port device team_slave_0 removed
[  159.648836][  T121] IPVS: stop unused estimator thread 0...
[  159.655601][  T121] IPVS: stop unused estimator thread 0...
[  159.695390][  T121] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.743966][  T121] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.794002][  T121] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.864353][  T121] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.932701][  T121] bridge_slave_1: left allmulticast mode
[  159.938335][  T121] bridge_slave_1: left promiscuous mode
[  159.944035][  T121] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.951543][  T121] bridge_slave_0: left allmulticast mode
[  159.957204][  T121] bridge_slave_0: left promiscuous mode
[  159.962822][  T121] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.034176][  T121] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.043758][  T121] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.052951][  T121] bond0 (unregistering): Released all slaves
[  160.104167][  T121] hsr_slave_0: left promiscuous mode
[  160.109658][  T121] hsr_slave_1: left promiscuous mode
[  160.115252][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.122618][  T121] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.130021][  T121] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.137429][  T121] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.146712][  T121] veth1_vlan: left promiscuous mode
[  160.152061][  T121] veth0_vlan: left promiscuous mode
[  160.195380][  T121] team0 (unregistering): Port device team_slave_1 removed
[  160.204794][  T121] team0 (unregistering): Port device team_slave_0 removed