last executing test programs:

2.656444832s ago: executing program 0 (id=289):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe7c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe68, 0x1, [@m_pedit={0xe64, 0x1, 0x0, 0x0, {{0xa}, {0xe38, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x14, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x6}, {0x1000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x20000}, {}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x7}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, {0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0x0, 0x800000}, {}, {}, {}, {0x0, 0x0, 0x2}, {0x4, 0xc000000}, {}, {0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x23}, {0x0, 0x0, 0x0, 0x404}, {0x0, 0x0, 0x0, 0x2, 0xfffffffd}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {}, {}, {0x0, 0x0, 0x9f, 0x0, 0x0, 0x1}, {0x20000, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffd}, {}, {}, {0x0, 0x0, 0x1, 0x0, 0x747}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {}, {}, {0x0, 0x78}, {0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x2}], [{0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe7c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd'])
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
fdatasync(r6)
ioctl$RTC_PIE_OFF(r6, 0x7006)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
syz_usb_connect(0x3, 0x1c, 0x0, 0x0)
r7 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000100)={0x1d, r8, 0x2, {0x3}}, 0x18)
sendmmsg$inet6(r7, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="050000a300000000", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4)

1.666836254s ago: executing program 1 (id=318):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1.537995606s ago: executing program 1 (id=323):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x3e, 0x0, &(0x7f0000001980)) (fail_nth: 2)

1.196243134s ago: executing program 2 (id=324):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000640)='./binderfs2/binder1\x00', 0x3, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000680)={0x1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0xd, 0xffff}}}, 0x24}}, 0x44080)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001180)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0x0, 0xa}, {0x0, 0x10}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xfffffc00}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18090000000200000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff000000caf100bf0500000000000000010000f8ffffffb702000008000000b70300000000000085000000730000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r6}, 0x10)
r7 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000040)={'veth1\x00', {0x2, 0x4e23, @empty}})

1.191295824s ago: executing program 2 (id=325):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x301100, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) (async)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="270c0000038000002c00128009000100626f6e64000000001c000280050001000100000005001b000000000008000b00", @ANYRES32=r3, @ANYBLOB="c2cbea41c62dfe1ee6a3b82fa0a54c9229ad1698372eaf7c2da6a28c785a44f2e40977687242300ef56661b549e71ff2ec2825b508d4a0915330ba23a3d46ec1e63a875eee16585652078d3a0a325c377d737abc6782a94fffadf59728f3dc5d7936"], 0x4c}}, 0x0)
bind$packet(r0, &(0x7f0000000180)={0x11, 0x6, r3, 0x1, 0xc}, 0x14) (async)
bind$packet(r0, &(0x7f00000002c0)={0x11, 0x19, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x14)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c) (async)
perf_event_open(&(0x7f00000012c0)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, @perf_config_ext={0x3af, 0x4}, 0x10a038, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x9) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000f65a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0xfffffffffffffde3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) (async)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f00000004c0)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@appraise}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") (async)
shutdown(r0, 0x1) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0) (async)
r9 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x707b, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r7, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0, 0x40000120, 0x4aa52520f215cfe4, {0x2}}) (async)
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.182329634s ago: executing program 0 (id=326):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020300000b0000000000000000000000030006000000000002000000e000000100000000000000000200010000001c000000fb18000000000300050000000000020000007f0000010000000000000000010018"], 0x58}, 0x1, 0x7}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r2, &(0x7f0000000900)={0x0, 0x5, &(0x7f0000000100)={&(0x7f0000000200)={0x28, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x0, 0x4, {{0x0, 0x1, @in6={0xa, 0x4e24, 0xa, @loopback, 0xb}}, {0x0, 0x2, @in6={0xa, 0x4e22, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}}}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008001}, 0x8000)
io_uring_setup(0x5f41, &(0x7f00000001c0)={0x0, 0x0, 0x800})
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
creat(&(0x7f0000000240)='./bus\x00', 0xc2)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000300)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0xd0, 0x0}}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x2006, &(0x7f0000000080)={[{@nolazytime}, {@data_writeback}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@jqfmt_vfsold}, {@noload}]}, 0x3, 0x46d, &(0x7f0000000680)="$eJzs3MtvG0UYAPBv7SR9N6Eqjz6AIECUAkmTltIDFxBIHEBCgkM5hiStSt0GNUEiVQUBoXJElThxQRyR+As4wQUBJyQuHOCOKlWolxZORmvvprZrp4nrR1v/ftI6M7trz3y7M/bsTuwABtZ4+pBEbI+IPyNitJqt32G8+uf61Quz/169MJtEufzWP8lQuvna1Quz+a7587blmaGIwmdJ7GtS7uLy+dMzpdL8uSw/uXTm/cnF5fPPnTozc3L+5PzZ6WPHjhyeeuHo9PMdiTON69rejxb273ntnUtvzB6/9O4v3yV5/A1xdMh4i/WV4/Zkudzh4vprR0262jK4GxSzBjlc6f+jUYwbJ280Xv20r5UDuqpcLpcfaL15pQzcw5Lodw2A/sg/6NPr33zp0dDjjnDlpeoFUBr39WypbhmKQrbPcMP1bSeNR8Txlf++Tpfozn0IAIA6P6Tjn2ebjf8KUXtfaGc2hzIWEfdFxK6IOBoRuyPi/oh035UHI+KhDZbfOEly8/incLmtwNYpHf+9mM1t1Y//8tFfjBWz3I5K/MPJiVOl+UPZMTkQw5vS/NQaZfz4yu9ftNpWO/5Ll7T8fCyY1ePy0Kb658zNLM3cTsy1rnwSsXeoWfzJ6kxAEhF7ImJvm2WcOvjt/lbbbh3/Gjowz1T+JuKp6vlfiYb4c8na85OTm6M0f2gybxUVxdoyfv3t4putyr+t+DsgPf9bm7b/1fjHktr52sWNvPpXT6ePF//6vOU1TbvtfyR5u27dhzNLS+emIkaS16uVrl0/3bDf9I390/gPPN68/++KG0diX0SkjfjhiHgkIh7N6v7YHztveRR+fvmJ99qPv7vS+OfWf/7LoxF5Q1geiSyxuqZ5onj6p+/rCh1rHv/Oluf/SCV1IFuznve/9dRro60ZAAAA7laFiNgeSWFiNV0oTExU/4d/d2wtlBYWl545sfDB2bnqdwTGYriQ3+karbkfOpVd1uf56Yb84ey+8ZfFLZX8xOxCaa7fwcOA29ai/6f+Lva7dkDX+b4WDK42+v/H3agH0Hs+/2Fw3dz/N/elHkDvNfn839KPegC912z8v64L/O2drwvQWw3937QfDBD3/2BwtdP/vWfAvWForZ9sHulpVYDeWdwSt/6SvERXE/kvzXToBfNfrulGVYfT1nIwIpbPR+EOOHQSXUv0810JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgc/4PAAD///Q43wY=")
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
stat(0x0, 0x0)
getpid()
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
mkdir(0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb8af, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000600)='kfree\x00', r8}, 0x18)
syz_io_uring_submit(0x0, 0x0, 0x0)

1.150031655s ago: executing program 4 (id=327):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x1, 0x0) (fail_nth: 10)

1.100509486s ago: executing program 0 (id=328):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
io_cancel(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0xe5, 0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x81, 0x0, 0x1}, &(0x7f0000000140))

1.100054246s ago: executing program 2 (id=329):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000040000000400000004"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
timer_create(0x0, 0x0, &(0x7f00009b1ffc))
timer_delete(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000200)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}, {0x0}], 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r6 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r6, 0x0, 0x400000000000000, 0x2)

1.054257847s ago: executing program 0 (id=330):
personality(0x4600005)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa4ebbe25218875b3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
truncate(&(0x7f00000001c0)='./file2\x00', 0xaeb3)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYRESHEX=r2, @ANYRESDEC=r4, @ANYRES64=r3], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r7 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc52)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f00000000c0)=@v2={0x2000000, [{0x800, 0xbf}, {0x60, 0x1}]}, 0x14, 0x0)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="00000000080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a08000000000000080007000800000900000012", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r8, @ANYRES32, @ANYRES8], 0x48)
r9 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r11, 0x0, 0x400000000000000, 0x2)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000500)={{0x1, 0x1, 0x18, r5, {r11}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r12, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

860.214402ms ago: executing program 1 (id=331):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

766.993093ms ago: executing program 4 (id=332):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x200)
unshare(0x2c020400)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x1000000, 0x300102, 0x0, 'queue1\x00', 0xffffffff}) (fail_nth: 6)

736.817924ms ago: executing program 2 (id=333):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

546.627729ms ago: executing program 1 (id=334):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) (fail_nth: 10)

482.26217ms ago: executing program 4 (id=336):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000840)=@newqdisc={0x80, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{}, [@TCA_NETEM_LOSS={0x34, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18}, @NETEM_LOSS_GI={0x4}]}]}}}]}, 0x80}}, 0x0) (fail_nth: 10)

464.42475ms ago: executing program 0 (id=338):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000400)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c71e68558b677156e22e13d8e509274ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES32, @ANYRES8, @ANYRES64, @ANYRESDEC, @ANYRES8, @ANYRES64], 0x1, 0x11f8, &(0x7f0000004b80)="$eJzs3M+LW1UUB/AzYzszzjg/1FptQbzgRjePziwE0U2QKUgDStsI7UJ4dV405JmEvDAQF1ZXbv03dO1OkO50Mxv/BnezcdmF+IREbVNTYSyYYfh8Njlw7jc5l0Dghtwcv/31p912lbXzUSwvLcXyICLdT5FiOf7yRbz+1o8/vXzj1u1rjWZz/3pKVxs3d99IKW298sP5iLg32vjgu63vV+No58PjX/d+Obp4dOn495ufdKrUqVKvP0p5utPvj/I7ZZEOOmvdLKX3yyKvitTpVcVwpt8u+4PBOOW9g831wbCoqpT3xqlbjNOon0bDcco/zju9lGVZ2lwPnkTr2/t1XUfU9flYibqu66djPTbimdiMrdiOnXg2novn40K8EBfjxXgpLk1WLXpuAAAAAAAAAAAAAAAAAAAAOFvc/wcAAAAAAAAAAAAAAAAAAIDFu3Hr9rVGs7l/PaW1iPKrw9Zha/o47Tfa0YkyirgS2/FbTG7/T03rq+8296+kiZ34srz7Z/7uYeup2fzu5O8E5uZ3p/k0m1+N9Yfze7EdF+bn9+bm1+K1Vx/KZ7EdP38U/SjjICLuxYP857spvfNe85H85ck6AAAAOAuy9Le55/cse1x/mj/B9wOPnK/PxeVzi907EdX4s25elsXwvxTLM/HViJizeCWe5CUUZ6FYOR1jLLhYOh1jzCu++Wdr0Z9M/B8evOmLngQAAAAAAAAAAICTOMFPBd+MiMe0Nv71eRa9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YgWMBAAAAAGH+1ml0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//U0jL/Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x0, 0x20000)
syz_open_dev$usbfs(&(0x7f0000000000), 0x4, 0x115140)

401.870601ms ago: executing program 2 (id=339):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x2000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

401.437451ms ago: executing program 4 (id=340):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280))
io_uring_enter(r0, 0x15f1, 0xff98, 0x23, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

401.010631ms ago: executing program 3 (id=341):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000f40), 0x48a41, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x1a)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x3, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000180)='cpu>=0||!')
r4 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r4, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe0f, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
close(r1)

400.626041ms ago: executing program 2 (id=342):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\\\x00\x00\x00'], 0x5c}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = perf_event_open$cgroup(&(0x7f0000000180)={0x0, 0x80, 0x9, 0x7, 0x10, 0x1b, 0x0, 0x81, 0x28000, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f00000000c0), 0x9}, 0x1a0, 0x7, 0x1, 0x2, 0x6, 0x9, 0xfff9, 0x0, 0x7, 0x0, 0x4}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000100)='&@(\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0xf9)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r11, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

398.110701ms ago: executing program 4 (id=343):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100), 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000800000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000032ce8500000004000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='global_dirty_state\x00', r1}, 0x10)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r2 = socket$igmp6(0xa, 0x3, 0x3a)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
io_uring_setup(0x5590, 0x0)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @rand_addr=' \x01\x00'}, {0xa, 0x4e24, 0x3, @dev, 0x20002}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4]}}, 0x5c)

352.719933ms ago: executing program 1 (id=344):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

275.126374ms ago: executing program 3 (id=345):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

217.008635ms ago: executing program 3 (id=346):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdde, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000030000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a80)={&(0x7f0000000480)='mm_page_alloc\x00', r1, 0x0, 0x10000000006}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000400), 0x101000, 0x0)
syz_io_uring_setup(0x73d3, &(0x7f0000000580)={0x0, 0x7d89, 0x10100, 0x3267, 0x289}, &(0x7f0000000540), &(0x7f0000000700)) (async)
syz_io_uring_setup(0x73d3, &(0x7f0000000580)={0x0, 0x7d89, 0x10100, 0x3267, 0x289}, &(0x7f0000000540)=<r3=>0x0, &(0x7f0000000700)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r2, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
connect$rxrpc(r2, &(0x7f00000002c0)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x24) (async)
connect$rxrpc(r2, &(0x7f00000002c0)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x24)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x10000, 0x3, 0x3c}) (async)
r6 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x10000, 0x3, 0x3c})
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000640), 0x2a) (async)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000640), 0x2a)
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r8 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r8, 0x44, 0xfffffffffffffffe}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r9=>r5}, './file0\x00'})
prlimit64(0x0, 0x8, &(0x7f0000000140)={0x8000a, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000140)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = socket$nl_route(0x10, 0x3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x2a0001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB="9400000013004f0a000200"/20, @ANYRES64=r8, @ANYRESHEX=r7], 0x94}, 0x1, 0x0, 0x0, 0x20002050}, 0x20008841) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB="9400000013004f0a000200"/20, @ANYRES64=r8, @ANYRESHEX=r7], 0x94}, 0x1, 0x0, 0x0, 0x20002050}, 0x20008841)
write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc) (async)
write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc)
splice(r10, 0x0, r12, 0x0, 0x8001, 0xd) (async)
splice(r10, 0x0, r12, 0x0, 0x8001, 0xd)
sendmsg$OSF_MSG_ADD(r9, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40048000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="bc040000000503000000000000000000070000065402010001000000ffff00000f04ff030c000f0073797a310000000000000000000000000000000000000000000000000000000013809314fbb8d24b954d584717344c05fc605ff0ab67b506c75044ee925e70deee02db2cbf3e7cef852045fcd19193c52994ca0e892c38edb57598fa2d053632faff00020000000006000000feff8000020000000100000001009f000300000081ffffff070055090100000001040000486e060003000000810000000020000003000000ff7f0000d56f7e2302000000a80f00000500050002000000040000004f04080003000000fbffffff03004065020000001000000005007a63010000000000000003007f00020000008754000000ff060002000000ffff00000000ffff01000000050000000700040002000000650000002800de0003000000000200000200ffffffffffffffff0000100008000200000008a32c730800865c020000001e0b0000020000aa0100000000000000800010000100000006000000080002000100000000000000632b090001000000060000000010b0080300000003000000ffff0500010000000700000004000300030000001b2800000700faff000000003cb10000090000100300000009000000d100020002000000fcffffff0100910500000000080000002b0a070003000000cd3d00000800060001000000ff7f00000080040001000000090000004ac89a040000000001feffff80000f590100000044000000a1060900000000000500000001800700020000000104000002001000542a9d6d070000000400040002000000050000000010010001000000090000005402010003000000ffffffff0408e7080101010073797a31000000000000000000000000000000000000000000000000000000008a3126087cee877a61d399eb85980ad9063dd6cc0c75e2cf5e067e0890093f357c6ed438d987e47f0cf953aacdebad9d03109ff94d9a07a6d0178a7c8ad6224f98a10004010000000700000000000c00020000000900000007000600020000000700000003000500020000003f02000001f0000003000000020000000000000802000000ffff00000a00070001000000010400000900b20201000000ffffff7f340e8600010000004e68000004000d00030000006e0000002000060000000000080000003478090000000000fcffffff0104070000000000020000000500090001000000feffffffff0fdaaf0000000002000000090000000000000000000000270801f802000000000001002500010000000000070000000300ff07030000000800000009000e0002000000060000000104bc00020000007f0000000900ff0100000000ad0e00008a00001002000000bd5100000200ff0700000000faffffff09000600020000000e000000040000020000000007000000ff7f050000000000070000000010080002000000ff0f00000600230903000000f600050001000000040000000000000002000000090000000700080001000000010000000800050002000000000000000300810000000000df0a00000000f3000000000006000000080011d6000000007fffffff03000600000000002a8600000600010002000000f40a00000200040003000000fc00000001000900000000000300000000000000"], 0x4bc}, 0x1, 0x0, 0x0, 0x24004080}, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
socket$inet_udplite(0x2, 0x2, 0x88)
io_uring_register$IORING_REGISTER_FILES(r6, 0x1e, &(0x7f0000000000)=[r6], 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/power/reserved_size', 0x44100, 0x1)

180.173936ms ago: executing program 1 (id=347):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000640)='./binderfs2/binder1\x00', 0x3, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000680)={0x1})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0xd, 0xffff}}}, 0x24}}, 0x44080)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001180)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0x0, 0xa}, {0x0, 0x10}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xfffffc00}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18090000000200000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff000000caf100bf0500000000000000010000f8ffffffb702000008000000b70300000000000085000000730000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r3}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r6}, 0x10)
r7 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000040)={'veth1\x00', {0x2, 0x4e23, @empty}})

53.316469ms ago: executing program 4 (id=348):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r1=>r0, {0x2}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000200000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r3, 0x6, 0x1, 0xfffffffffffffffd, &(0x7f0000000000))
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r6, 0x89f0, &(0x7f0000000740)={'ip6gre0\x00', &(0x7f00000006c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x0, 0x3, 0x1ff, 0x8, @local, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9, 0x1ffe1, 0x7, 0x2}})
r7 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000b80), r7)
io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000b40)=r1, 0x1)
sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="6400ffff", @ANYRES16=r8, @ANYBLOB="01000000000000000000250000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008008b00", @ANYRES32=0x0, @ANYBLOB="0e0001006e657464657673696d0000000f0002006e657464657673696d30000008008a00", @ANYRES32, @ANYBLOB], 0x64}}, 0x54)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f0000000ac0)=[{{&(0x7f00000002c0)=@xdp, 0x80, &(0x7f0000000600)=[{&(0x7f0000001600)=""/4096, 0x1000}, {&(0x7f0000000340)=""/63, 0x3f}, {&(0x7f0000000380)=""/147, 0x93}, {&(0x7f0000000580)=""/99, 0x63}, {&(0x7f0000002600)=""/4096, 0x1000}], 0x5, &(0x7f0000000780)=""/204, 0xcc}, 0x8}, {{&(0x7f0000000900)=@generic, 0x80, &(0x7f0000000880)=[{&(0x7f0000000680)=""/43, 0x2b}, {&(0x7f0000000980)=""/142, 0x8e}], 0x2, &(0x7f0000000a40)=""/75, 0x4b}, 0x2}], 0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@nombcache}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2)
io_uring_setup(0x3d67, &(0x7f0000000000)={0x0, 0xef3f, 0x2, 0x3, 0x4000000})

52.758499ms ago: executing program 3 (id=349):
personality(0x4600005)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa4ebbe25218875b3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
truncate(&(0x7f00000001c0)='./file2\x00', 0xaeb3)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYRESHEX=r2, @ANYRESDEC=r4, @ANYRES64=r3], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r7 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc52)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140), &(0x7f00000000c0)=@v2={0x2000000, [{0x800, 0xbf}, {0x60, 0x1}]}, 0x14, 0x0)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="00000000080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a08000000000000080007000800000900000012", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r8, @ANYRES32, @ANYRES8], 0x48)
r9 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r11, 0x0, 0x400000000000000, 0x2)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000500)={{0x1, 0x1, 0x18, r5, {r11}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r12, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

47.75097ms ago: executing program 3 (id=350):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

696.92µs ago: executing program 0 (id=351):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x4) (fail_nth: 1)

0s ago: executing program 3 (id=352):
socket(0x10, 0x3, 0x0) (async)
socket(0x10, 0x3, 0x0) (async, rerun: 32)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000500)=ANY=[@ANYBLOB="a001000010000100000000000000000000000000000000000000000000000000ff01000000000000000000000000000100000000000000000000200000000000be160e9cef4baab26a69f18fef23f15e6a99c0e62707fd96c97ce093aeea46af21eca7d4ceae008622699d57e91bc13eec18888bf4acd84015565344a713f51474b729ca20e758b75f7be8811b34", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000004d63200000000000000000000000000000000000001feffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400af0000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00170000000000ffffffff000000000000000000000000000000004c001400636d61632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000"], 0x1a0}}, 0x10) (async, rerun: 32)
r2 = socket(0x10, 0x803, 0x0) (async, rerun: 32)
unshare(0x2c020400)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, 0x0, &(0x7f00000022c0)) (async, rerun: 64)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) (async, rerun: 64)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[@ANYRES32=r4, @ANYRESOCT=r0, @ANYBLOB="7e731cc3d54c81caa3c2428b35b10a4772d5582b4abe353f63e26f1f0ad656f8c8f35a269431fb4f350c59c395cbb485659b4264bacbbcdfa9e859c53239283a79adb730f2ec2e692fe3fe797afc505d1d47e89e184ea94a4f7825ec89818a2a4db13fa9c28c12f64222efecbb27b7c17f147955f4605a896d430c52a3d5e75febfcf98c232a206b50ca906d087cbee894baa32222bbd8b5e9f07ccc232feafe1e4a5df5e8f023"], 0x3c}}, 0x0) (async, rerun: 64)
r5 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) (rerun: 64)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
write$selinux_validatetrans(r5, 0x0, 0x79)
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') (async)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x20000000)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) (async)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x1200042, 0x0)
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r7, &(0x7f0000000040)) (async, rerun: 32)
r12 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), r2) (rerun: 32)
sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="300426bd7000fddbdf25070000000500040007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44890}, 0x4008000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.66' (ED25519) to the list of known hosts.
[   33.324126][   T29] audit: type=1400 audit(1748534049.816:62): avc:  denied  { mounton } for  pid=3306 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   33.325309][ T3306] cgroup: Unknown subsys name 'net'
[   33.347621][   T29] audit: type=1400 audit(1748534049.816:63): avc:  denied  { mount } for  pid=3306 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.375941][   T29] audit: type=1400 audit(1748534049.846:64): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   33.512613][ T3306] cgroup: Unknown subsys name 'cpuset'
[   33.519551][ T3306] cgroup: Unknown subsys name 'rlimit'
[   33.631788][   T29] audit: type=1400 audit(1748534050.126:65): avc:  denied  { setattr } for  pid=3306 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   33.658001][   T29] audit: type=1400 audit(1748534050.126:66): avc:  denied  { create } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.668980][ T3309] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   33.679893][   T29] audit: type=1400 audit(1748534050.126:67): avc:  denied  { write } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.710769][   T29] audit: type=1400 audit(1748534050.126:68): avc:  denied  { read } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.731656][   T29] audit: type=1400 audit(1748534050.126:69): avc:  denied  { mounton } for  pid=3306 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   33.758448][   T29] audit: type=1400 audit(1748534050.126:70): avc:  denied  { mount } for  pid=3306 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   33.784021][   T29] audit: type=1400 audit(1748534050.186:71): avc:  denied  { relabelto } for  pid=3309 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   33.815944][ T3306] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   35.670349][ T3316] chnl_net:caif_netlink_parms(): no params data found
[   35.777459][ T3316] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.785815][ T3316] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.793495][ T3316] bridge_slave_0: entered allmulticast mode
[   35.800091][ T3316] bridge_slave_0: entered promiscuous mode
[   35.809199][ T3316] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.816746][ T3316] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.824470][ T3316] bridge_slave_1: entered allmulticast mode
[   35.832398][ T3316] bridge_slave_1: entered promiscuous mode
[   35.842533][ T3318] chnl_net:caif_netlink_parms(): no params data found
[   35.882184][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.894442][ T3325] chnl_net:caif_netlink_parms(): no params data found
[   35.918082][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.958374][ T3316] team0: Port device team_slave_0 added
[   35.982110][ T3316] team0: Port device team_slave_1 added
[   36.019071][ T3318] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.026274][ T3318] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.033547][ T3318] bridge_slave_0: entered allmulticast mode
[   36.040191][ T3318] bridge_slave_0: entered promiscuous mode
[   36.049210][ T3318] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.056620][ T3318] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.063869][ T3318] bridge_slave_1: entered allmulticast mode
[   36.070587][ T3318] bridge_slave_1: entered promiscuous mode
[   36.082088][ T3326] chnl_net:caif_netlink_parms(): no params data found
[   36.108487][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.115660][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.141881][ T3316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.156455][ T3328] chnl_net:caif_netlink_parms(): no params data found
[   36.165681][ T3325] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.172967][ T3325] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.180429][ T3325] bridge_slave_0: entered allmulticast mode
[   36.187096][ T3325] bridge_slave_0: entered promiscuous mode
[   36.198735][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.206525][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.234204][ T3316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.254236][ T3325] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.261696][ T3325] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.269285][ T3325] bridge_slave_1: entered allmulticast mode
[   36.276108][ T3325] bridge_slave_1: entered promiscuous mode
[   36.283936][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.308213][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.344228][ T3325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.355778][ T3325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.381134][ T3318] team0: Port device team_slave_0 added
[   36.403277][ T3316] hsr_slave_0: entered promiscuous mode
[   36.409531][ T3316] hsr_slave_1: entered promiscuous mode
[   36.416312][ T3318] team0: Port device team_slave_1 added
[   36.428571][ T3325] team0: Port device team_slave_0 added
[   36.468301][ T3325] team0: Port device team_slave_1 added
[   36.480275][ T3326] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.487680][ T3326] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.495171][ T3326] bridge_slave_0: entered allmulticast mode
[   36.501898][ T3326] bridge_slave_0: entered promiscuous mode
[   36.508465][ T3328] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.515815][ T3328] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.523118][ T3328] bridge_slave_0: entered allmulticast mode
[   36.529929][ T3328] bridge_slave_0: entered promiscuous mode
[   36.537069][ T3318] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.544179][ T3318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.572229][ T3318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.593348][ T3326] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.600537][ T3326] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.607932][ T3326] bridge_slave_1: entered allmulticast mode
[   36.614903][ T3326] bridge_slave_1: entered promiscuous mode
[   36.621289][ T3328] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.628735][ T3328] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.636337][ T3328] bridge_slave_1: entered allmulticast mode
[   36.643272][ T3328] bridge_slave_1: entered promiscuous mode
[   36.650561][ T3318] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.658072][ T3318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.685085][ T3318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.699085][ T3325] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.706468][ T3325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.734750][ T3325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.770960][ T3325] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.778153][ T3325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.804854][ T3325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.819526][ T3326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.835835][ T3328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.854491][ T3326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.865876][ T3328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.918316][ T3328] team0: Port device team_slave_0 added
[   36.925363][ T3328] team0: Port device team_slave_1 added
[   36.938490][ T3318] hsr_slave_0: entered promiscuous mode
[   36.944639][ T3318] hsr_slave_1: entered promiscuous mode
[   36.950695][ T3318] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   36.958409][ T3318] Cannot create hsr debugfs directory
[   36.971529][ T3325] hsr_slave_0: entered promiscuous mode
[   36.977903][ T3325] hsr_slave_1: entered promiscuous mode
[   36.984031][ T3325] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   36.992148][ T3325] Cannot create hsr debugfs directory
[   36.998837][ T3326] team0: Port device team_slave_0 added
[   37.005829][ T3326] team0: Port device team_slave_1 added
[   37.022361][ T3328] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.029441][ T3328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.055990][ T3328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.084030][ T3328] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.091432][ T3328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.117834][ T3328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.145180][ T3326] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.152218][ T3326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.179108][ T3326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.200292][ T3326] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.207878][ T3326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.234963][ T3326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.287423][ T3328] hsr_slave_0: entered promiscuous mode
[   37.293699][ T3328] hsr_slave_1: entered promiscuous mode
[   37.299869][ T3328] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   37.307800][ T3328] Cannot create hsr debugfs directory
[   37.341599][ T3326] hsr_slave_0: entered promiscuous mode
[   37.348178][ T3326] hsr_slave_1: entered promiscuous mode
[   37.354546][ T3326] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   37.362355][ T3326] Cannot create hsr debugfs directory
[   37.426515][ T3316] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   37.438771][ T3316] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   37.447628][ T3316] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   37.458529][ T3316] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   37.543084][ T3325] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   37.555776][ T3325] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   37.565723][ T3325] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   37.575925][ T3325] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   37.614303][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   37.633738][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   37.647011][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   37.663971][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   37.678807][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.697292][ T3326] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   37.707590][ T3326] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   37.717793][ T3326] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   37.727894][ T3326] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   37.754115][ T3316] 8021q: adding VLAN 0 to HW filter on device team0
[   37.771674][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.778906][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.790678][ T3325] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.805963][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.813447][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.838521][ T3328] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   37.848165][ T3328] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   37.860875][ T3328] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   37.870316][ T3328] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   37.882217][ T3325] 8021q: adding VLAN 0 to HW filter on device team0
[   37.899592][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.906885][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.921991][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.929279][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.982754][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.007566][ T3318] 8021q: adding VLAN 0 to HW filter on device team0
[   38.023724][ T1777] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.030921][ T1777] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.045438][ T3326] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.062628][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.070112][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.106501][ T3318] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   38.117916][ T3318] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.146145][ T3328] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.155830][ T3326] 8021q: adding VLAN 0 to HW filter on device team0
[   38.171232][ T3316] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.183039][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.190334][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.199974][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.207559][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.224530][ T3328] 8021q: adding VLAN 0 to HW filter on device team0
[   38.240562][ T3326] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   38.251907][ T3326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.276864][ T3325] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.294796][ T3318] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.321077][ T1441] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.328347][ T1441] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.340841][ T1441] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.348128][ T1441] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.410874][ T3326] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.494725][ T3325] veth0_vlan: entered promiscuous mode
[   38.504660][ T3318] veth0_vlan: entered promiscuous mode
[   38.517284][ T3316] veth0_vlan: entered promiscuous mode
[   38.532870][ T3325] veth1_vlan: entered promiscuous mode
[   38.550170][ T3318] veth1_vlan: entered promiscuous mode
[   38.577106][ T3316] veth1_vlan: entered promiscuous mode
[   38.609290][ T3316] veth0_macvtap: entered promiscuous mode
[   38.618289][ T3325] veth0_macvtap: entered promiscuous mode
[   38.627314][ T3325] veth1_macvtap: entered promiscuous mode
[   38.639438][ T3316] veth1_macvtap: entered promiscuous mode
[   38.657329][ T3318] veth0_macvtap: entered promiscuous mode
[   38.671957][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.684771][ T3325] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.696182][ T3318] veth1_macvtap: entered promiscuous mode
[   38.705332][ T3328] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.719468][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.733467][ T3325] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.749319][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.759400][ T3316] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.768529][ T3316] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.778019][ T3316] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.787182][ T3316] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.802795][ T3325] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.812367][ T3325] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.821265][ T3325] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.830338][ T3325] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.849806][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.862597][ T3318] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.872303][ T3318] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.881621][ T3318] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.891158][ T3318] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.910063][ T3326] veth0_vlan: entered promiscuous mode
[   38.933030][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   38.933045][   T29] audit: type=1400 audit(1748534055.426:81): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/root/syzkaller.1V1KQv/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   38.969311][   T29] audit: type=1400 audit(1748534055.426:82): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   38.992371][   T29] audit: type=1400 audit(1748534055.426:83): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/root/syzkaller.1V1KQv/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   39.018696][   T29] audit: type=1400 audit(1748534055.426:84): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   39.040575][   T29] audit: type=1400 audit(1748534055.426:85): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/root/syzkaller.1V1KQv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   39.067822][   T29] audit: type=1400 audit(1748534055.426:86): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/root/syzkaller.1V1KQv/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=4280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   39.100053][   T29] audit: type=1400 audit(1748534055.426:87): avc:  denied  { unmount } for  pid=3316 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   39.125231][   T29] audit: type=1400 audit(1748534055.616:88): avc:  denied  { mounton } for  pid=3316 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   39.135622][ T3326] veth1_vlan: entered promiscuous mode
[   39.156633][   T29] audit: type=1400 audit(1748534055.616:89): avc:  denied  { mount } for  pid=3316 comm="syz-executor" name="/" dev="gadgetfs" ino=3870 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   39.192445][ T3316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   39.193592][ T3328] veth0_vlan: entered promiscuous mode
[   39.215993][ T3328] veth1_vlan: entered promiscuous mode
[   39.242962][   T29] audit: type=1400 audit(1748534055.726:90): avc:  denied  { read write } for  pid=3316 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   39.269645][ T3326] veth0_macvtap: entered promiscuous mode
[   39.304895][ T3328] veth0_macvtap: entered promiscuous mode
[   39.323186][ T3326] veth1_macvtap: entered promiscuous mode
[   39.351908][ T3328] veth1_macvtap: entered promiscuous mode
[   39.367866][ T3326] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.380847][ T3463] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3463 comm=syz.0.1
[   39.396841][ T3328] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.407471][ T3326] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.416295][ T3328] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.433008][ T3326] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.441900][ T3326] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.444657][    C1] hrtimer: interrupt took 36090 ns
[   39.450802][ T3326] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.465177][ T3326] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.477553][ T3328] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.486729][ T3328] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.495978][ T3328] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.504852][ T3328] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.651973][ T3477] netlink: 'syz.1.10': attribute type 4 has an invalid length.
[   39.691378][ T3477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10'.
[   39.724831][ T3477] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   39.732467][ T3477] batman_adv: batadv0: Removing interface: batadv_slave_0
[   39.744368][ T3475] loop2: detected capacity change from 0 to 128
[   39.752481][ T3477] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   39.760357][ T3477] batman_adv: batadv0: Removing interface: batadv_slave_1
[   39.767474][ T3475] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   39.780618][ T3485] syz.3.11 uses obsolete (PF_INET,SOCK_PACKET)
[   39.799927][ T1777] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   39.879200][ T3489] FAULT_INJECTION: forcing a failure.
[   39.879200][ T3489] name failslab, interval 1, probability 0, space 0, times 1
[   39.892647][ T3489] CPU: 0 UID: 0 PID: 3489 Comm: syz.2.12 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   39.892760][ T3489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   39.892781][ T3489] Call Trace:
[   39.892789][ T3489]  <TASK>
[   39.892849][ T3489]  __dump_stack+0x1d/0x30
[   39.892883][ T3489]  dump_stack_lvl+0xe8/0x140
[   39.892908][ T3489]  dump_stack+0x15/0x1b
[   39.892930][ T3489]  should_fail_ex+0x265/0x280
[   39.892971][ T3489]  should_failslab+0x8c/0xb0
[   39.893026][ T3489]  kmem_cache_alloc_noprof+0x50/0x310
[   39.893061][ T3489]  ? audit_log_start+0x365/0x6c0
[   39.893104][ T3489]  audit_log_start+0x365/0x6c0
[   39.893320][ T3489]  ? __rcu_read_unlock+0x34/0x70
[   39.893416][ T3489]  audit_seccomp+0x48/0x100
[   39.893449][ T3489]  ? __seccomp_filter+0x68c/0x10d0
[   39.893476][ T3489]  __seccomp_filter+0x69d/0x10d0
[   39.893531][ T3489]  __secure_computing+0x82/0x150
[   39.893559][ T3489]  syscall_trace_enter+0xcf/0x1e0
[   39.893596][ T3489]  do_syscall_64+0xac/0x200
[   39.893692][ T3489]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   39.893726][ T3489]  ? clear_bhb_loop+0x40/0x90
[   39.893774][ T3489]  ? clear_bhb_loop+0x40/0x90
[   39.893804][ T3489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.893830][ T3489] RIP: 0033:0x7f63fd2b0887
[   39.893902][ T3489] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   39.893927][ T3489] RSP: 002b:00007f63fb915fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[   39.893950][ T3489] RAX: ffffffffffffffda RBX: 00007f63fd4d5fa0 RCX: 00007f63fd2b0887
[   39.893995][ T3489] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[   39.894012][ T3489] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[   39.894029][ T3489] R10: 0000200000000fc0 R11: 0000000000000286 R12: 0000000000000001
[   39.894046][ T3489] R13: 0000000000000000 R14: 00007f63fd4d5fa0 R15: 00007ffe039ce2b8
[   39.894071][ T3489]  </TASK>
[   40.117725][ T3500] FAULT_INJECTION: forcing a failure.
[   40.117725][ T3500] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   40.131019][ T3500] CPU: 1 UID: 0 PID: 3500 Comm: syz.3.15 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   40.131116][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   40.131139][ T3500] Call Trace:
[   40.131147][ T3500]  <TASK>
[   40.131155][ T3500]  __dump_stack+0x1d/0x30
[   40.131176][ T3500]  dump_stack_lvl+0xe8/0x140
[   40.131201][ T3500]  dump_stack+0x15/0x1b
[   40.131230][ T3500]  should_fail_ex+0x265/0x280
[   40.131270][ T3500]  should_fail+0xb/0x20
[   40.131303][ T3500]  should_fail_usercopy+0x1a/0x20
[   40.131415][ T3500]  _copy_to_user+0x20/0xa0
[   40.131616][ T3500]  simple_read_from_buffer+0xb5/0x130
[   40.131658][ T3500]  proc_fail_nth_read+0x100/0x140
[   40.131694][ T3500]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   40.131730][ T3500]  vfs_read+0x1a0/0x6f0
[   40.131847][ T3500]  ? __rcu_read_unlock+0x4f/0x70
[   40.131891][ T3500]  ? __fget_files+0x184/0x1c0
[   40.131913][ T3500]  ksys_read+0xda/0x1a0
[   40.132010][ T3500]  __x64_sys_read+0x40/0x50
[   40.132049][ T3500]  x64_sys_call+0x2d77/0x2fb0
[   40.132071][ T3500]  do_syscall_64+0xd2/0x200
[   40.132139][ T3500]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.132172][ T3500]  ? clear_bhb_loop+0x40/0x90
[   40.132200][ T3500]  ? clear_bhb_loop+0x40/0x90
[   40.132232][ T3500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.132259][ T3500] RIP: 0033:0x7fe18eb4d37c
[   40.132317][ T3500] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   40.132336][ T3500] RSP: 002b:00007fe18d196030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   40.132354][ T3500] RAX: ffffffffffffffda RBX: 00007fe18ed76080 RCX: 00007fe18eb4d37c
[   40.132370][ T3500] RDX: 000000000000000f RSI: 00007fe18d1960a0 RDI: 0000000000000006
[   40.132386][ T3500] RBP: 00007fe18d196090 R08: 0000000000000000 R09: 00000000fffffdcf
[   40.132403][ T3500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.132419][ T3500] R13: 0000000000000000 R14: 00007fe18ed76080 R15: 00007ffdaa5809f8
[   40.132508][ T3500]  </TASK>
[   40.537570][ T3519] process 'syz.2.22' launched './file1' with NULL argv: empty string added
[   40.548764][ T3515] loop4: detected capacity change from 0 to 128
[   40.562387][ T3515] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   40.600339][ T3525] capability: warning: `syz.2.25' uses deprecated v2 capabilities in a way that may be insecure
[   40.613078][ T3525] loop2: detected capacity change from 0 to 128
[   40.638029][   T57] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   40.648283][ T3525] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   40.679329][ T3525] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.690246][ T3529] loop4: detected capacity change from 0 to 1024
[   40.695664][ T3525] netlink: 'syz.2.25': attribute type 27 has an invalid length.
[   40.705124][ T3525] netlink: 'syz.2.25': attribute type 3 has an invalid length.
[   40.713164][ T3525] netlink: 132 bytes leftover after parsing attributes in process `syz.2.25'.
[   40.723178][ T3529] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.744752][ T3529] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   40.763279][ T3529] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 51 with max blocks 1 with error 28
[   40.775826][ T3529] EXT4-fs (loop4): This should not happen!! Data will be lost
[   40.775826][ T3529] 
[   40.786026][ T3529] EXT4-fs (loop4): Total free blocks count 0
[   40.792256][ T3529] EXT4-fs (loop4): Free/Dirty block details
[   40.798696][ T3529] EXT4-fs (loop4): free_blocks=68451041280
[   40.804711][ T3529] EXT4-fs (loop4): dirty_blocks=32
[   40.810110][ T3529] EXT4-fs (loop4): Block reservation details
[   40.816174][ T3529] EXT4-fs (loop4): i_reserved_data_blocks=2
[   40.824225][ T3532] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 52 with error 28
[   40.847386][ T3529] syz.4.26 (3529) used greatest stack depth: 9880 bytes left
[   40.938518][ T3325] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.962393][ T3539] block device autoloading is deprecated and will be removed.
[   40.970571][ T3539] syz.2.28: attempt to access beyond end of device
[   40.970571][ T3539] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[   41.188055][ T3555] netlink: 'syz.2.35': attribute type 10 has an invalid length.
[   41.195976][ T3555] netlink: 40 bytes leftover after parsing attributes in process `syz.2.35'.
[   41.209904][ T3555] team0: Port device geneve1 added
[   41.279011][ T3556] loop2: detected capacity change from 0 to 512
[   41.314964][ T3556] EXT4-fs (loop2): too many log groups per flexible block group
[   41.323127][ T3556] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   41.392073][ T3556] EXT4-fs (loop2): mount failed
[   41.426173][ T3567] loop3: detected capacity change from 0 to 128
[   41.475506][ T3567] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   41.505492][ T3569] loop4: detected capacity change from 0 to 2048
[   41.534847][ T3569] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.549861][ T3572] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.567632][ T1777] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   41.621476][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.713119][ T3582] loop1: detected capacity change from 0 to 1024
[   41.747463][ T3582] =======================================================
[   41.747463][ T3582] WARNING: The mand mount option has been deprecated and
[   41.747463][ T3582]          and is ignored by this kernel. Remove the mand
[   41.747463][ T3582]          option from the mount to silence this warning.
[   41.747463][ T3582] =======================================================
[   41.854215][ T3593] FAULT_INJECTION: forcing a failure.
[   41.854215][ T3593] name failslab, interval 1, probability 0, space 0, times 0
[   41.867613][ T3593] CPU: 1 UID: 0 PID: 3593 Comm: syz.1.47 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   41.867646][ T3593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   41.867663][ T3593] Call Trace:
[   41.867672][ T3593]  <TASK>
[   41.867748][ T3593]  __dump_stack+0x1d/0x30
[   41.867774][ T3593]  dump_stack_lvl+0xe8/0x140
[   41.867793][ T3593]  dump_stack+0x15/0x1b
[   41.867809][ T3593]  should_fail_ex+0x265/0x280
[   41.867866][ T3593]  ? ftrace_profile_set_filter+0x96/0x190
[   41.867890][ T3593]  should_failslab+0x8c/0xb0
[   41.867917][ T3593]  __kmalloc_cache_noprof+0x4c/0x320
[   41.867950][ T3593]  ftrace_profile_set_filter+0x96/0x190
[   41.867978][ T3593]  perf_ioctl+0x7b3/0x12e0
[   41.868102][ T3593]  ? ioctl_has_perm+0x289/0x2a0
[   41.868134][ T3593]  ? do_vfs_ioctl+0xd1e/0x11d0
[   41.868170][ T3593]  ? selinux_file_ioctl+0x2e3/0x370
[   41.868193][ T3593]  ? __fget_files+0x184/0x1c0
[   41.868240][ T3593]  ? __pfx_perf_ioctl+0x10/0x10
[   41.868276][ T3593]  __se_sys_ioctl+0xce/0x140
[   41.868340][ T3593]  __x64_sys_ioctl+0x43/0x50
[   41.868375][ T3593]  x64_sys_call+0x19a8/0x2fb0
[   41.868397][ T3593]  do_syscall_64+0xd2/0x200
[   41.868423][ T3593]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   41.868448][ T3593]  ? clear_bhb_loop+0x40/0x90
[   41.868492][ T3593]  ? clear_bhb_loop+0x40/0x90
[   41.868521][ T3593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.868549][ T3593] RIP: 0033:0x7f25223be969
[   41.868565][ T3593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.868582][ T3593] RSP: 002b:00007f2520a27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   41.868640][ T3593] RAX: ffffffffffffffda RBX: 00007f25225e5fa0 RCX: 00007f25223be969
[   41.868732][ T3593] RDX: 0000200000000340 RSI: 0000000040082406 RDI: 0000000000000006
[   41.868749][ T3593] RBP: 00007f2520a27090 R08: 0000000000000000 R09: 0000000000000000
[   41.868765][ T3593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.868780][ T3593] R13: 0000000000000000 R14: 00007f25225e5fa0 R15: 00007ffe208a4268
[   41.868805][ T3593]  </TASK>
[   42.196182][ T3595] loop4: detected capacity change from 0 to 1024
[   42.203808][ T3599] loop1: detected capacity change from 0 to 764
[   42.212852][ T3599] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   42.280626][ T3595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.304619][ T3608] loop2: detected capacity change from 0 to 128
[   42.334772][ T3595] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.348494][ T3608] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   42.377752][ T3595] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.49: bg 0: block 393: padding at end of block bitmap is not set
[   42.430591][   T57] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   42.451008][ T3595] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 186 with error 117
[   42.464958][ T3595] EXT4-fs (loop4): This should not happen!! Data will be lost
[   42.464958][ T3595] 
[   42.496534][ T3616] netlink: 'syz.3.55': attribute type 4 has an invalid length.
[   42.530915][ T3595] syz.4.49 (3595) used greatest stack depth: 9840 bytes left
[   42.532488][ T3616] netlink: 4 bytes leftover after parsing attributes in process `syz.3.55'.
[   42.572610][ T3616] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.580187][ T3616] batman_adv: batadv0: Removing interface: batadv_slave_0
[   42.604079][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.622771][ T3616] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.630364][ T3616] batman_adv: batadv0: Removing interface: batadv_slave_1
[   42.829529][ T3638] loop1: detected capacity change from 0 to 128
[   42.858262][ T3648] netlink: 12 bytes leftover after parsing attributes in process `syz.3.70'.
[   42.879565][ T3638] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   42.966959][   T31] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   43.072423][ T3667] FAULT_INJECTION: forcing a failure.
[   43.072423][ T3667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   43.085861][ T3667] CPU: 0 UID: 0 PID: 3667 Comm: syz.2.78 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   43.085908][ T3667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   43.085925][ T3667] Call Trace:
[   43.085933][ T3667]  <TASK>
[   43.085951][ T3667]  __dump_stack+0x1d/0x30
[   43.085987][ T3667]  dump_stack_lvl+0xe8/0x140
[   43.086051][ T3667]  dump_stack+0x15/0x1b
[   43.086078][ T3667]  should_fail_ex+0x265/0x280
[   43.086184][ T3667]  should_fail+0xb/0x20
[   43.086221][ T3667]  should_fail_usercopy+0x1a/0x20
[   43.086324][ T3667]  _copy_from_user+0x1c/0xb0
[   43.086425][ T3667]  sctp_setsockopt+0x154/0xe30
[   43.086445][ T3667]  sock_common_setsockopt+0x66/0x80
[   43.086489][ T3667]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   43.086535][ T3667]  __sys_setsockopt+0x184/0x200
[   43.086609][ T3667]  __x64_sys_setsockopt+0x64/0x80
[   43.086633][ T3667]  x64_sys_call+0x2bd5/0x2fb0
[   43.086660][ T3667]  do_syscall_64+0xd2/0x200
[   43.086691][ T3667]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   43.086768][ T3667]  ? clear_bhb_loop+0x40/0x90
[   43.086833][ T3667]  ? clear_bhb_loop+0x40/0x90
[   43.086855][ T3667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.086943][ T3667] RIP: 0033:0x7f63fd2ae969
[   43.086962][ T3667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.086986][ T3667] RSP: 002b:00007f63fb917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   43.087078][ T3667] RAX: ffffffffffffffda RBX: 00007f63fd4d5fa0 RCX: 00007f63fd2ae969
[   43.087095][ T3667] RDX: 0000000000000072 RSI: 0000000000000084 RDI: 0000000000000003
[   43.087111][ T3667] RBP: 00007f63fb917090 R08: 000000000000000c R09: 0000000000000000
[   43.087127][ T3667] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[   43.087143][ T3667] R13: 0000000000000000 R14: 00007f63fd4d5fa0 R15: 00007ffe039ce2b8
[   43.087165][ T3667]  </TASK>
[   43.354933][ T3676] loop3: detected capacity change from 0 to 256
[   43.407464][ T3678] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.464721][ T3678] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.515432][ T3678] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.544217][ T3685] loop3: detected capacity change from 0 to 128
[   43.566106][ T3678] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.607316][ T3685] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   43.665612][ T3678] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   43.679496][ T3678] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   43.713494][ T3678] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   43.726036][ T3678] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   43.767214][   T31] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   43.941937][   T29] kauditd_printk_skb: 328 callbacks suppressed
[   43.941953][   T29] audit: type=1400 audit(1748534060.436:417): avc:  denied  { prog_load } for  pid=3698 comm="syz.3.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   44.012497][   T29] audit: type=1326 audit(1748534060.436:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f25223bd2d0 code=0x7ffc0000
[   44.036194][   T29] audit: type=1400 audit(1748534060.436:419): avc:  denied  { read write } for  pid=3697 comm="syz.1.89" name="loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   44.060515][   T29] audit: type=1326 audit(1748534060.436:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25223be969 code=0x7ffc0000
[   44.084212][   T29] audit: type=1326 audit(1748534060.436:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25223be969 code=0x7ffc0000
[   44.108406][   T29] audit: type=1326 audit(1748534060.436:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f25223be969 code=0x7ffc0000
[   44.132466][   T29] audit: type=1326 audit(1748534060.436:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25223be969 code=0x7ffc0000
[   44.156850][   T29] audit: type=1326 audit(1748534060.436:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f25223be969 code=0x7ffc0000
[   44.180467][   T29] audit: type=1400 audit(1748534060.456:425): avc:  denied  { prog_load } for  pid=3698 comm="syz.3.90" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   44.199881][   T29] audit: type=1326 audit(1748534060.466:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3697 comm="syz.1.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25223be969 code=0x7ffc0000
[   44.330226][ T3719] netlink: 'syz.2.96': attribute type 4 has an invalid length.
[   44.364877][ T3719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.96'.
[   44.421455][ T3721] netlink: 'syz.2.97': attribute type 4 has an invalid length.
[   44.836190][ T3726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.97'.
[   45.167744][ T3744] FAULT_INJECTION: forcing a failure.
[   45.167744][ T3744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.181176][ T3744] CPU: 0 UID: 0 PID: 3744 Comm: syz.3.107 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   45.181278][ T3744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   45.181291][ T3744] Call Trace:
[   45.181299][ T3744]  <TASK>
[   45.181307][ T3744]  __dump_stack+0x1d/0x30
[   45.181390][ T3744]  dump_stack_lvl+0xe8/0x140
[   45.181416][ T3744]  dump_stack+0x15/0x1b
[   45.181438][ T3744]  should_fail_ex+0x265/0x280
[   45.181476][ T3744]  should_fail+0xb/0x20
[   45.181517][ T3744]  should_fail_usercopy+0x1a/0x20
[   45.181557][ T3744]  strncpy_from_user+0x25/0x230
[   45.181587][ T3744]  ? kmem_cache_alloc_noprof+0x186/0x310
[   45.181617][ T3744]  ? getname_flags+0x80/0x3b0
[   45.181682][ T3744]  getname_flags+0xae/0x3b0
[   45.181712][ T3744]  path_removexattrat+0xf5/0x570
[   45.181751][ T3744]  __x64_sys_removexattr+0x38/0x50
[   45.181823][ T3744]  x64_sys_call+0x2c7a/0x2fb0
[   45.181851][ T3744]  do_syscall_64+0xd2/0x200
[   45.181885][ T3744]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   45.181915][ T3744]  ? clear_bhb_loop+0x40/0x90
[   45.181950][ T3744]  ? clear_bhb_loop+0x40/0x90
[   45.181994][ T3744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.182032][ T3744] RIP: 0033:0x7fe18eb4e969
[   45.182050][ T3744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.182067][ T3744] RSP: 002b:00007fe18d1b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[   45.182100][ T3744] RAX: ffffffffffffffda RBX: 00007fe18ed75fa0 RCX: 00007fe18eb4e969
[   45.182117][ T3744] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000200000000040
[   45.182132][ T3744] RBP: 00007fe18d1b7090 R08: 0000000000000000 R09: 0000000000000000
[   45.182146][ T3744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.182157][ T3744] R13: 0000000000000000 R14: 00007fe18ed75fa0 R15: 00007ffdaa5809f8
[   45.182175][ T3744]  </TASK>
[   45.584928][ T3753] netlink: 'syz.2.108': attribute type 4 has an invalid length.
[   45.653994][ T3753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.108'.
[   45.782542][ T3759] ALSA: seq fatal error: cannot create timer (-19)
[   46.117719][ T3787] netlink: 'syz.0.121': attribute type 4 has an invalid length.
[   46.222563][ T3787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.121'.
[   46.227288][ T3793] FAULT_INJECTION: forcing a failure.
[   46.227288][ T3793] name failslab, interval 1, probability 0, space 0, times 0
[   46.245237][ T3793] CPU: 1 UID: 0 PID: 3793 Comm: syz.1.124 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   46.245276][ T3793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   46.245293][ T3793] Call Trace:
[   46.245302][ T3793]  <TASK>
[   46.245311][ T3793]  __dump_stack+0x1d/0x30
[   46.245337][ T3793]  dump_stack_lvl+0xe8/0x140
[   46.245362][ T3793]  dump_stack+0x15/0x1b
[   46.245459][ T3793]  should_fail_ex+0x265/0x280
[   46.245501][ T3793]  should_failslab+0x8c/0xb0
[   46.245529][ T3793]  kmem_cache_alloc_noprof+0x50/0x310
[   46.245563][ T3793]  ? getname_flags+0x80/0x3b0
[   46.245614][ T3793]  getname_flags+0x80/0x3b0
[   46.245640][ T3793]  path_setxattrat+0x223/0x310
[   46.245680][ T3793]  __x64_sys_setxattr+0x6e/0x90
[   46.245717][ T3793]  x64_sys_call+0x28a7/0x2fb0
[   46.245746][ T3793]  do_syscall_64+0xd2/0x200
[   46.245780][ T3793]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   46.245830][ T3793]  ? clear_bhb_loop+0x40/0x90
[   46.245855][ T3793]  ? clear_bhb_loop+0x40/0x90
[   46.245889][ T3793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.245926][ T3793] RIP: 0033:0x7f25223be969
[   46.245968][ T3793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.245989][ T3793] RSP: 002b:00007f2520a27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   46.246020][ T3793] RAX: ffffffffffffffda RBX: 00007f25225e5fa0 RCX: 00007f25223be969
[   46.246033][ T3793] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000000
[   46.246050][ T3793] RBP: 00007f2520a27090 R08: 0000000000000001 R09: 0000000000000000
[   46.246068][ T3793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.246084][ T3793] R13: 0000000000000000 R14: 00007f25225e5fa0 R15: 00007ffe208a4268
[   46.246108][ T3793]  </TASK>
[   46.845845][ T3820] netlink: 88 bytes leftover after parsing attributes in process `syz.0.134'.
[   47.056380][ T3831] netlink: 'syz.2.139': attribute type 4 has an invalid length.
[   47.107089][ T3831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.139'.
[   47.600821][ T3865] netlink: 'syz.1.155': attribute type 4 has an invalid length.
[   47.631290][ T3865] netlink: 4 bytes leftover after parsing attributes in process `syz.1.155'.
[   47.749385][ T3880] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   47.762786][ T3880] FAULT_INJECTION: forcing a failure.
[   47.762786][ T3880] name failslab, interval 1, probability 0, space 0, times 0
[   47.775776][ T3880] CPU: 1 UID: 0 PID: 3880 Comm: syz.0.161 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   47.775885][ T3880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   47.775902][ T3880] Call Trace:
[   47.775909][ T3880]  <TASK>
[   47.775918][ T3880]  __dump_stack+0x1d/0x30
[   47.775946][ T3880]  dump_stack_lvl+0xe8/0x140
[   47.775970][ T3880]  dump_stack+0x15/0x1b
[   47.775992][ T3880]  should_fail_ex+0x265/0x280
[   47.776092][ T3880]  should_failslab+0x8c/0xb0
[   47.776120][ T3880]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   47.776230][ T3880]  ? kstrdup_const+0x3e/0x50
[   47.776335][ T3880]  kstrdup+0x3e/0xd0
[   47.776363][ T3880]  kstrdup_const+0x3e/0x50
[   47.776392][ T3880]  kernfs_rename_ns+0x261/0x410
[   47.776423][ T3880]  sysfs_rename_dir_ns+0x4d/0x70
[   47.776457][ T3880]  kobject_rename+0x28b/0x350
[   47.776489][ T3880]  ? sysfs_rename_link_ns+0x106/0x120
[   47.776600][ T3880]  device_rename+0x11f/0x180
[   47.776635][ T3880]  netif_change_name+0x1eb/0x6b0
[   47.776759][ T3880]  dev_change_name+0xc0/0x170
[   47.776843][ T3880]  dev_ifsioc+0x302/0xaa0
[   47.776874][ T3880]  dev_ioctl+0x4a7/0x960
[   47.776902][ T3880]  sock_do_ioctl+0x197/0x220
[   47.776942][ T3880]  sock_ioctl+0x41b/0x610
[   47.777061][ T3880]  ? __pfx_sock_ioctl+0x10/0x10
[   47.777090][ T3880]  __se_sys_ioctl+0xce/0x140
[   47.777128][ T3880]  __x64_sys_ioctl+0x43/0x50
[   47.777157][ T3880]  x64_sys_call+0x19a8/0x2fb0
[   47.777187][ T3880]  do_syscall_64+0xd2/0x200
[   47.777216][ T3880]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   47.777249][ T3880]  ? clear_bhb_loop+0x40/0x90
[   47.777283][ T3880]  ? clear_bhb_loop+0x40/0x90
[   47.777308][ T3880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.777330][ T3880] RIP: 0033:0x7f71b773e969
[   47.777349][ T3880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.777371][ T3880] RSP: 002b:00007f71b5da7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   47.777393][ T3880] RAX: ffffffffffffffda RBX: 00007f71b7965fa0 RCX: 00007f71b773e969
[   47.777476][ T3880] RDX: 0000200000000000 RSI: 0000000000008923 RDI: 0000000000000004
[   47.777494][ T3880] RBP: 00007f71b5da7090 R08: 0000000000000000 R09: 0000000000000000
[   47.777509][ T3880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.777524][ T3880] R13: 0000000000000000 R14: 00007f71b7965fa0 R15: 00007ffe1272b6c8
[   47.777548][ T3880]  </TASK>
[   48.323187][ T3913] FAULT_INJECTION: forcing a failure.
[   48.323187][ T3913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.336819][ T3913] CPU: 0 UID: 0 PID: 3913 Comm: syz.2.179 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   48.336858][ T3913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   48.336937][ T3913] Call Trace:
[   48.336947][ T3913]  <TASK>
[   48.336955][ T3913]  __dump_stack+0x1d/0x30
[   48.336976][ T3913]  dump_stack_lvl+0xe8/0x140
[   48.337038][ T3913]  dump_stack+0x15/0x1b
[   48.337079][ T3913]  should_fail_ex+0x265/0x280
[   48.337113][ T3913]  should_fail+0xb/0x20
[   48.337141][ T3913]  should_fail_usercopy+0x1a/0x20
[   48.337206][ T3913]  _copy_from_user+0x1c/0xb0
[   48.337234][ T3913]  __x64_sys_clock_adjtime+0x67/0x1d0
[   48.337329][ T3913]  x64_sys_call+0x2839/0x2fb0
[   48.337350][ T3913]  do_syscall_64+0xd2/0x200
[   48.337375][ T3913]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.337406][ T3913]  ? clear_bhb_loop+0x40/0x90
[   48.337444][ T3913]  ? clear_bhb_loop+0x40/0x90
[   48.337473][ T3913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.337501][ T3913] RIP: 0033:0x7f63fd2ae969
[   48.337521][ T3913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.337540][ T3913] RSP: 002b:00007f63fb917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[   48.337574][ T3913] RAX: ffffffffffffffda RBX: 00007f63fd4d5fa0 RCX: 00007f63fd2ae969
[   48.337592][ T3913] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[   48.337616][ T3913] RBP: 00007f63fb917090 R08: 0000000000000000 R09: 0000000000000000
[   48.337628][ T3913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.337640][ T3913] R13: 0000000000000000 R14: 00007f63fd4d5fa0 R15: 00007ffe039ce2b8
[   48.337657][ T3913]  </TASK>
[   48.642605][ T3927] netlink: 52 bytes leftover after parsing attributes in process `syz.1.183'.
[   48.721773][ T3932] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   48.728736][ T3932] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   48.737191][ T3932] vhci_hcd vhci_hcd.0: Device attached
[   48.856049][ T3937] vhci_hcd: connection closed
[   48.873357][   T57] vhci_hcd: stop threads
[   48.882694][   T57] vhci_hcd: release socket
[   48.887676][   T57] vhci_hcd: disconnect device
[   49.018227][ T3046] audit_log_start: 8456 callbacks suppressed
[   49.018243][ T3046] audit: audit_backlog=65 > audit_backlog_limit=64
[   49.027715][   T29] audit: type=1400 audit(1748534065.256:8181): avc:  denied  { prog_load } for  pid=3935 comm="syz.2.186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   49.031895][ T3046] audit: audit_lost=236 audit_rate_limit=0 audit_backlog_limit=64
[   49.050790][   T29] audit: type=1400 audit(1748534065.256:8182): avc:  denied  { read write } for  pid=3935 comm="syz.2.186" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   49.063555][ T3046] audit: backlog limit exceeded
[   49.086797][   T29] audit: type=1400 audit(1748534065.276:8183): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   49.113801][   T29] audit: type=1400 audit(1748534065.276:8184): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   49.135933][   T29] audit: type=1400 audit(1748534065.276:8185): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   49.158098][   T29] audit: type=1400 audit(1748534065.276:8186): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   49.180179][   T29] audit: type=1400 audit(1748534065.276:8187): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   49.463337][ T3953] netlink: 'syz.1.191': attribute type 4 has an invalid length.
[   49.509982][ T3953] netlink: 4 bytes leftover after parsing attributes in process `syz.1.191'.
[   49.646508][ T3960] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   49.833632][ T3965] netlink: 6492 bytes leftover after parsing attributes in process `gtp'.
[   49.833662][ T3970] netlink: 6492 bytes leftover after parsing attributes in process `syz.3.198'.
[   50.106423][ T3987] FAULT_INJECTION: forcing a failure.
[   50.106423][ T3987] name failslab, interval 1, probability 0, space 0, times 0
[   50.121327][ T3987] CPU: 1 UID: 0 PID: 3987 Comm: syz.1.205 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   50.121415][ T3987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   50.121428][ T3987] Call Trace:
[   50.121435][ T3987]  <TASK>
[   50.121445][ T3987]  __dump_stack+0x1d/0x30
[   50.121472][ T3987]  dump_stack_lvl+0xe8/0x140
[   50.121557][ T3987]  dump_stack+0x15/0x1b
[   50.121578][ T3987]  should_fail_ex+0x265/0x280
[   50.121669][ T3987]  should_failslab+0x8c/0xb0
[   50.121698][ T3987]  kmem_cache_alloc_noprof+0x50/0x310
[   50.121783][ T3987]  ? sk_prot_alloc+0x3f/0x190
[   50.121816][ T3987]  sk_prot_alloc+0x3f/0x190
[   50.121841][ T3987]  sk_alloc+0x34/0x360
[   50.121864][ T3987]  unix_create1+0xa5/0x430
[   50.121935][ T3987]  ? inode_init_always_gfp+0x4cd/0x500
[   50.121969][ T3987]  unix_create+0xff/0x130
[   50.122029][ T3987]  __sock_create+0x2ec/0x5b0
[   50.122056][ T3987]  __sys_socketpair+0x1bc/0x430
[   50.122083][ T3987]  __x64_sys_socketpair+0x52/0x60
[   50.122110][ T3987]  x64_sys_call+0x23f2/0x2fb0
[   50.122136][ T3987]  do_syscall_64+0xd2/0x200
[   50.122229][ T3987]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   50.122263][ T3987]  ? clear_bhb_loop+0x40/0x90
[   50.122292][ T3987]  ? clear_bhb_loop+0x40/0x90
[   50.122320][ T3987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.122409][ T3987] RIP: 0033:0x7f25223c08ba
[   50.122425][ T3987] Code: 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.122443][ T3987] RSP: 002b:00007f2520a26f78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[   50.122469][ T3987] RAX: ffffffffffffffda RBX: 00007f25225e5f01 RCX: 00007f25223c08ba
[   50.122485][ T3987] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[   50.122501][ T3987] RBP: 00007f2520a27090 R08: 0000000000000000 R09: 0000000000000000
[   50.122517][ T3987] R10: 00007f2520a26f98 R11: 0000000000000246 R12: 0000000000000005
[   50.122534][ T3987] R13: 0000000000000000 R14: 00007f25225e5fa0 R15: 00007ffe208a4268
[   50.122556][ T3987]  </TASK>
[   50.333463][ T3989] netlink: 'syz.3.207': attribute type 39 has an invalid length.
[   50.336620][ T3983] wg2: entered promiscuous mode
[   50.347495][ T3983] wg2: entered allmulticast mode
[   50.372599][ T3989] veth1_macvtap: left promiscuous mode
[   50.543369][ T3994] FAULT_INJECTION: forcing a failure.
[   50.543369][ T3994] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   50.556838][ T3994] CPU: 0 UID: 0 PID: 3994 Comm: syz.0.209 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   50.556875][ T3994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   50.556892][ T3994] Call Trace:
[   50.556900][ T3994]  <TASK>
[   50.556911][ T3994]  __dump_stack+0x1d/0x30
[   50.556948][ T3994]  dump_stack_lvl+0xe8/0x140
[   50.556973][ T3994]  dump_stack+0x15/0x1b
[   50.556992][ T3994]  should_fail_ex+0x265/0x280
[   50.557047][ T3994]  should_fail_alloc_page+0xf2/0x100
[   50.557078][ T3994]  __alloc_frozen_pages_noprof+0xff/0x360
[   50.557124][ T3994]  alloc_pages_mpol+0xb3/0x250
[   50.557192][ T3994]  folio_alloc_mpol_noprof+0x39/0x80
[   50.557222][ T3994]  shmem_get_folio_gfp+0x3cf/0xd60
[   50.557265][ T3994]  shmem_write_begin+0xa8/0x190
[   50.557329][ T3994]  generic_perform_write+0x181/0x490
[   50.557361][ T3994]  shmem_file_write_iter+0xc5/0xf0
[   50.557390][ T3994]  iter_file_splice_write+0x5f2/0x970
[   50.557507][ T3994]  ? __pfx_iter_file_splice_write+0x10/0x10
[   50.557614][ T3994]  do_splice+0x977/0x10b0
[   50.557676][ T3994]  ? __rcu_read_unlock+0x4f/0x70
[   50.557715][ T3994]  ? __fget_files+0x184/0x1c0
[   50.557741][ T3994]  __se_sys_splice+0x26c/0x3a0
[   50.557781][ T3994]  __x64_sys_splice+0x78/0x90
[   50.557818][ T3994]  x64_sys_call+0xb0a/0x2fb0
[   50.557850][ T3994]  do_syscall_64+0xd2/0x200
[   50.557961][ T3994]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   50.558006][ T3994]  ? clear_bhb_loop+0x40/0x90
[   50.558031][ T3994]  ? clear_bhb_loop+0x40/0x90
[   50.558060][ T3994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.558098][ T3994] RIP: 0033:0x7f71b773e969
[   50.558118][ T3994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.558172][ T3994] RSP: 002b:00007f71b5da7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[   50.558191][ T3994] RAX: ffffffffffffffda RBX: 00007f71b7965fa0 RCX: 00007f71b773e969
[   50.558204][ T3994] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[   50.558215][ T3994] RBP: 00007f71b5da7090 R08: 00000000088000cc R09: 0000000000000000
[   50.558227][ T3994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.558242][ T3994] R13: 0000000000000000 R14: 00007f71b7965fa0 R15: 00007ffe1272b6c8
[   50.558265][ T3994]  </TASK>
[   50.990364][ T4011] FAULT_INJECTION: forcing a failure.
[   50.990364][ T4011] name failslab, interval 1, probability 0, space 0, times 0
[   51.003220][ T4011] CPU: 0 UID: 0 PID: 4011 Comm: syz.1.216 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   51.003272][ T4011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   51.003328][ T4011] Call Trace:
[   51.003338][ T4011]  <TASK>
[   51.003348][ T4011]  __dump_stack+0x1d/0x30
[   51.003378][ T4011]  dump_stack_lvl+0xe8/0x140
[   51.003406][ T4011]  dump_stack+0x15/0x1b
[   51.003424][ T4011]  should_fail_ex+0x265/0x280
[   51.003502][ T4011]  should_failslab+0x8c/0xb0
[   51.003542][ T4011]  kmem_cache_alloc_noprof+0x50/0x310
[   51.003633][ T4011]  ? __proc_create+0x265/0x500
[   51.003669][ T4011]  __proc_create+0x265/0x500
[   51.003724][ T4011]  proc_create_data+0xa3/0x1e0
[   51.003756][ T4011]  recent_mt_check+0x779/0x8f0
[   51.003785][ T4011]  recent_mt_check_v0+0x67/0x90
[   51.003899][ T4011]  xt_check_match+0x2ad/0x4f0
[   51.003931][ T4011]  ? strnlen+0x28/0x50
[   51.003970][ T4011]  ? strcmp+0x22/0x50
[   51.004007][ T4011]  ? xt_find_match+0x1d1/0x210
[   51.004117][ T4011]  translate_table+0xb4b/0x1070
[   51.004252][ T4011]  ? _copy_from_user+0x89/0xb0
[   51.004281][ T4011]  do_ip6t_set_ctl+0x678/0x840
[   51.004302][ T4011]  ? kstrtoull+0x111/0x140
[   51.004333][ T4011]  ? __rcu_read_unlock+0x4f/0x70
[   51.004368][ T4011]  nf_setsockopt+0x199/0x1b0
[   51.004409][ T4011]  ipv6_setsockopt+0x11a/0x130
[   51.004488][ T4011]  tcp_setsockopt+0x95/0xb0
[   51.004539][ T4011]  sock_common_setsockopt+0x66/0x80
[   51.004587][ T4011]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   51.004627][ T4011]  __sys_setsockopt+0x184/0x200
[   51.004743][ T4011]  __x64_sys_setsockopt+0x64/0x80
[   51.004778][ T4011]  x64_sys_call+0x2bd5/0x2fb0
[   51.004811][ T4011]  do_syscall_64+0xd2/0x200
[   51.004846][ T4011]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.004881][ T4011]  ? clear_bhb_loop+0x40/0x90
[   51.005024][ T4011]  ? clear_bhb_loop+0x40/0x90
[   51.005050][ T4011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.005147][ T4011] RIP: 0033:0x7f25223be969
[   51.005170][ T4011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.005197][ T4011] RSP: 002b:00007f2520a27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   51.005224][ T4011] RAX: ffffffffffffffda RBX: 00007f25225e5fa0 RCX: 00007f25223be969
[   51.005244][ T4011] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   51.005263][ T4011] RBP: 00007f2520a27090 R08: 0000000000000458 R09: 0000000000000000
[   51.005321][ T4011] R10: 0000200000000c80 R11: 0000000000000246 R12: 0000000000000001
[   51.005335][ T4011] R13: 0000000000000000 R14: 00007f25225e5fa0 R15: 00007ffe208a4268
[   51.005354][ T4011]  </TASK>
[   51.552646][ T4018] FAULT_INJECTION: forcing a failure.
[   51.552646][ T4018] name failslab, interval 1, probability 0, space 0, times 0
[   51.565349][ T4018] CPU: 0 UID: 0 PID: 4018 Comm: syz.0.218 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   51.565412][ T4018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   51.565425][ T4018] Call Trace:
[   51.565434][ T4018]  <TASK>
[   51.565519][ T4018]  __dump_stack+0x1d/0x30
[   51.565610][ T4018]  dump_stack_lvl+0xe8/0x140
[   51.565636][ T4018]  dump_stack+0x15/0x1b
[   51.565656][ T4018]  should_fail_ex+0x265/0x280
[   51.565686][ T4018]  should_failslab+0x8c/0xb0
[   51.565765][ T4018]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   51.565804][ T4018]  ? cond_bools_copy+0x30/0x80
[   51.565837][ T4018]  ? __pfx_cond_bools_destroy+0x10/0x10
[   51.565894][ T4018]  kmemdup_noprof+0x2b/0x70
[   51.565918][ T4018]  ? __pfx_cond_bools_destroy+0x10/0x10
[   51.565987][ T4018]  cond_bools_copy+0x30/0x80
[   51.566018][ T4018]  ? __pfx_cond_bools_destroy+0x10/0x10
[   51.566055][ T4018]  hashtab_duplicate+0x11b/0x360
[   51.566144][ T4018]  ? __pfx_cond_bools_copy+0x10/0x10
[   51.566183][ T4018]  cond_policydb_dup+0xd2/0x4e0
[   51.566227][ T4018]  security_set_bools+0xa0/0x340
[   51.566301][ T4018]  sel_commit_bools_write+0x1ea/0x270
[   51.566343][ T4018]  vfs_writev+0x406/0x8b0
[   51.566367][ T4018]  ? __pfx_sel_commit_bools_write+0x10/0x10
[   51.566451][ T4018]  ? mutex_lock+0xd/0x30
[   51.566477][ T4018]  do_writev+0xe7/0x210
[   51.566505][ T4018]  __x64_sys_writev+0x45/0x50
[   51.566556][ T4018]  x64_sys_call+0x2006/0x2fb0
[   51.566585][ T4018]  do_syscall_64+0xd2/0x200
[   51.566618][ T4018]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.566652][ T4018]  ? clear_bhb_loop+0x40/0x90
[   51.566718][ T4018]  ? clear_bhb_loop+0x40/0x90
[   51.566740][ T4018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.566812][ T4018] RIP: 0033:0x7f71b773e969
[   51.566832][ T4018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.566853][ T4018] RSP: 002b:00007f71b5da7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   51.566873][ T4018] RAX: ffffffffffffffda RBX: 00007f71b7965fa0 RCX: 00007f71b773e969
[   51.566891][ T4018] RDX: 0000000000000002 RSI: 00002000000025c0 RDI: 0000000000000003
[   51.566907][ T4018] RBP: 00007f71b5da7090 R08: 0000000000000000 R09: 0000000000000000
[   51.566923][ T4018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.566979][ T4018] R13: 0000000000000000 R14: 00007f71b7965fa0 R15: 00007ffe1272b6c8
[   51.566996][ T4018]  </TASK>
[   51.858173][ T4026] FAULT_INJECTION: forcing a failure.
[   51.858173][ T4026] name failslab, interval 1, probability 0, space 0, times 0
[   51.871448][ T4026] CPU: 0 UID: 0 PID: 4026 Comm: syz.2.223 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   51.871491][ T4026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   51.871504][ T4026] Call Trace:
[   51.871511][ T4026]  <TASK>
[   51.871519][ T4026]  __dump_stack+0x1d/0x30
[   51.871564][ T4026]  dump_stack_lvl+0xe8/0x140
[   51.871589][ T4026]  dump_stack+0x15/0x1b
[   51.871612][ T4026]  should_fail_ex+0x265/0x280
[   51.871709][ T4026]  should_failslab+0x8c/0xb0
[   51.871779][ T4026]  kmem_cache_alloc_noprof+0x50/0x310
[   51.871805][ T4026]  ? dst_alloc+0xbd/0x100
[   51.871851][ T4026]  dst_alloc+0xbd/0x100
[   51.871878][ T4026]  ip_route_output_key_hash_rcu+0xf16/0x1440
[   51.871907][ T4026]  ip_route_output_flow+0x7b/0x130
[   51.871952][ T4026]  udp_sendmsg+0x1197/0x13b0
[   51.872018][ T4026]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   51.872109][ T4026]  ? __rcu_read_unlock+0x4f/0x70
[   51.872145][ T4026]  ? __pfx_udp_sendmsg+0x10/0x10
[   51.872332][ T4026]  inet_sendmsg+0xac/0xd0
[   51.872364][ T4026]  __sock_sendmsg+0x102/0x180
[   51.872474][ T4026]  ____sys_sendmsg+0x345/0x4e0
[   51.872541][ T4026]  ___sys_sendmsg+0x17b/0x1d0
[   51.872577][ T4026]  __sys_sendmmsg+0x178/0x300
[   51.872612][ T4026]  __x64_sys_sendmmsg+0x57/0x70
[   51.872637][ T4026]  x64_sys_call+0x2f2f/0x2fb0
[   51.872665][ T4026]  do_syscall_64+0xd2/0x200
[   51.872745][ T4026]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   51.872784][ T4026]  ? clear_bhb_loop+0x40/0x90
[   51.872806][ T4026]  ? clear_bhb_loop+0x40/0x90
[   51.872839][ T4026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.872860][ T4026] RIP: 0033:0x7f63fd2ae969
[   51.872877][ T4026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.872901][ T4026] RSP: 002b:00007f63fb917038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   51.872921][ T4026] RAX: ffffffffffffffda RBX: 00007f63fd4d5fa0 RCX: 00007f63fd2ae969
[   51.872933][ T4026] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[   51.872966][ T4026] RBP: 00007f63fb917090 R08: 0000000000000000 R09: 0000000000000000
[   51.872982][ T4026] R10: 0000000004008804 R11: 0000000000000246 R12: 0000000000000001
[   51.872998][ T4026] R13: 0000000000000000 R14: 00007f63fd4d5fa0 R15: 00007ffe039ce2b8
[   51.873020][ T4026]  </TASK>
[   52.120203][ T4032] netlink: 'syz.0.224': attribute type 4 has an invalid length.
[   52.350573][ T4055] FAULT_INJECTION: forcing a failure.
[   52.350573][ T4055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.364740][ T4055] CPU: 0 UID: 0 PID: 4055 Comm: syz.4.235 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   52.364775][ T4055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   52.364792][ T4055] Call Trace:
[   52.364801][ T4055]  <TASK>
[   52.364811][ T4055]  __dump_stack+0x1d/0x30
[   52.364833][ T4055]  dump_stack_lvl+0xe8/0x140
[   52.364938][ T4055]  dump_stack+0x15/0x1b
[   52.364960][ T4055]  should_fail_ex+0x265/0x280
[   52.365012][ T4055]  should_fail+0xb/0x20
[   52.365044][ T4055]  should_fail_usercopy+0x1a/0x20
[   52.365086][ T4055]  _copy_from_user+0x1c/0xb0
[   52.365113][ T4055]  kstrtouint_from_user+0x69/0xf0
[   52.365195][ T4055]  ? 0xffffffff81000000
[   52.365209][ T4055]  ? selinux_file_permission+0x1e4/0x320
[   52.365235][ T4055]  proc_fail_nth_write+0x50/0x160
[   52.365272][ T4055]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   52.365419][ T4055]  vfs_write+0x269/0x8e0
[   52.365459][ T4055]  ? vfs_read+0x47f/0x6f0
[   52.365496][ T4055]  ? __rcu_read_unlock+0x4f/0x70
[   52.365525][ T4055]  ? __fget_files+0x184/0x1c0
[   52.365572][ T4055]  ksys_write+0xda/0x1a0
[   52.365611][ T4055]  __x64_sys_write+0x40/0x50
[   52.365727][ T4055]  x64_sys_call+0x2cdd/0x2fb0
[   52.365757][ T4055]  do_syscall_64+0xd2/0x200
[   52.365792][ T4055]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.365853][ T4055]  ? clear_bhb_loop+0x40/0x90
[   52.365882][ T4055]  ? clear_bhb_loop+0x40/0x90
[   52.365912][ T4055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.365941][ T4055] RIP: 0033:0x7f655b0dd41f
[   52.365961][ T4055] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   52.365979][ T4055] RSP: 002b:00007f6559747030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   52.366011][ T4055] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f655b0dd41f
[   52.366025][ T4055] RDX: 0000000000000001 RSI: 00007f65597470a0 RDI: 0000000000000003
[   52.366041][ T4055] RBP: 00007f6559747090 R08: 0000000000000000 R09: 0000000000000000
[   52.366057][ T4055] R10: 0000200000000640 R11: 0000000000000293 R12: 0000000000000001
[   52.366117][ T4055] R13: 0000000000000000 R14: 00007f655b305fa0 R15: 00007ffdb9ae0548
[   52.366141][ T4055]  </TASK>
[   52.645866][ T4062] mmap: syz.2.234 (4062) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   52.678082][ T4063] netlink: 'syz.4.237': attribute type 13 has an invalid length.
[   52.799430][ T4063] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.807698][ T4063] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.945244][ T4063] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   52.985021][ T4063] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   53.065462][ T4063] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   53.074520][ T4063] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   53.083992][ T4063] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   53.093523][ T4063] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   53.233225][ T4083] netlink: 4 bytes leftover after parsing attributes in process `syz.2.245'.
[   53.603711][ T4107] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode broadcast(3)
[   53.651873][ T4107] Zero length message leads to an empty skb
[   53.769021][ T4116] FAULT_INJECTION: forcing a failure.
[   53.769021][ T4116] name failslab, interval 1, probability 0, space 0, times 0
[   53.782375][ T4116] CPU: 1 UID: 0 PID: 4116 Comm: syz.4.259 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   53.782409][ T4116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   53.782426][ T4116] Call Trace:
[   53.782435][ T4116]  <TASK>
[   53.782473][ T4116]  __dump_stack+0x1d/0x30
[   53.782518][ T4116]  dump_stack_lvl+0xe8/0x140
[   53.782543][ T4116]  dump_stack+0x15/0x1b
[   53.782582][ T4116]  should_fail_ex+0x265/0x280
[   53.782681][ T4116]  ? assoc_array_insert+0x2e0/0x1990
[   53.782741][ T4116]  should_failslab+0x8c/0xb0
[   53.782763][ T4116]  __kmalloc_cache_noprof+0x4c/0x320
[   53.782792][ T4116]  assoc_array_insert+0x2e0/0x1990
[   53.782819][ T4116]  ? keyring_compare_object+0xda/0x100
[   53.782868][ T4116]  ? assoc_array_delete+0x6e2/0x950
[   53.782890][ T4116]  __key_link_begin+0x8a/0x140
[   53.782917][ T4116]  key_move+0x160/0x550
[   53.782945][ T4116]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[   53.782986][ T4116]  ? __pfx_keyring_search_iterator+0x10/0x10
[   53.783033][ T4116]  keyctl_keyring_move+0xd6/0x110
[   53.783059][ T4116]  __se_sys_keyctl+0x5f7/0xb80
[   53.783098][ T4116]  ? __rcu_read_unlock+0x4f/0x70
[   53.783119][ T4116]  ? __fget_files+0x184/0x1c0
[   53.783213][ T4116]  ? fput+0x8f/0xc0
[   53.783241][ T4116]  __x64_sys_keyctl+0x67/0x80
[   53.783268][ T4116]  x64_sys_call+0x2e7f/0x2fb0
[   53.783338][ T4116]  do_syscall_64+0xd2/0x200
[   53.783372][ T4116]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.783455][ T4116]  ? clear_bhb_loop+0x40/0x90
[   53.783478][ T4116]  ? clear_bhb_loop+0x40/0x90
[   53.783522][ T4116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.783548][ T4116] RIP: 0033:0x7f655b0de969
[   53.783594][ T4116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.783612][ T4116] RSP: 002b:00007f6559747038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[   53.783634][ T4116] RAX: ffffffffffffffda RBX: 00007f655b305fa0 RCX: 00007f655b0de969
[   53.783651][ T4116] RDX: ffffffffffffffff RSI: 000000003379a2f0 RDI: 000000000000001e
[   53.783668][ T4116] RBP: 00007f6559747090 R08: 0000000000000000 R09: 0000000000000000
[   53.783684][ T4116] R10: 000000003d908bb7 R11: 0000000000000246 R12: 0000000000000001
[   53.783726][ T4116] R13: 0000000000000000 R14: 00007f655b305fa0 R15: 00007ffdb9ae0548
[   53.783748][ T4116]  </TASK>
[   54.032222][   T29] kauditd_printk_skb: 13383 callbacks suppressed
[   54.032241][   T29] audit: type=1400 audit(1748534070.516:18338): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.060093][   T29] audit: type=1400 audit(1748534070.516:18339): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.063736][ T3046] audit: audit_backlog=65 > audit_backlog_limit=64
[   54.081786][   T29] audit: type=1400 audit(1748534070.516:18340): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.088398][ T3046] audit: audit_lost=1315 audit_rate_limit=0 audit_backlog_limit=64
[   54.109927][   T29] audit: type=1400 audit(1748534070.516:18341): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.117843][ T3046] audit: backlog limit exceeded
[   54.139738][   T29] audit: type=1400 audit(1748534070.516:18342): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.154084][ T4119] netlink: 'syz.2.260': attribute type 12 has an invalid length.
[   54.167242][   T29] audit: type=1400 audit(1748534070.516:18343): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.197444][   T29] audit: type=1400 audit(1748534070.516:18344): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   54.533993][ T4144] netlink: 68 bytes leftover after parsing attributes in process `syz.4.268'.
[   54.647897][ T4149] bond0: entered promiscuous mode
[   54.653386][ T4149] bond_slave_0: entered promiscuous mode
[   54.659242][ T4149] bond_slave_1: entered promiscuous mode
[   54.690034][ T4149] batadv0: entered promiscuous mode
[   54.721923][ T4149] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[   54.732898][ T4149] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[   54.752344][ T4149] 8021q: adding VLAN 0 to HW filter on device hsr1
[   54.775061][ T4149] bond0: left promiscuous mode
[   54.779937][ T4149] bond_slave_0: left promiscuous mode
[   54.785874][ T4149] bond_slave_1: left promiscuous mode
[   54.812060][ T4149] batadv0: left promiscuous mode
[   55.131805][ T4179] netlink: 72 bytes leftover after parsing attributes in process `syz.2.282'.
[   55.439137][ T4177] FAULT_INJECTION: forcing a failure.
[   55.439137][ T4177] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.452720][ T4177] CPU: 0 UID: 0 PID: 4177 Comm: syz.3.281 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   55.452791][ T4177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.452808][ T4177] Call Trace:
[   55.452818][ T4177]  <TASK>
[   55.452827][ T4177]  __dump_stack+0x1d/0x30
[   55.452855][ T4177]  dump_stack_lvl+0xe8/0x140
[   55.452879][ T4177]  dump_stack+0x15/0x1b
[   55.452926][ T4177]  should_fail_ex+0x265/0x280
[   55.452975][ T4177]  should_fail+0xb/0x20
[   55.453012][ T4177]  should_fail_usercopy+0x1a/0x20
[   55.453104][ T4177]  _copy_from_user+0x1c/0xb0
[   55.453125][ T4177]  do_ip6t_get_ctl+0x1a2/0xb60
[   55.453146][ T4177]  ? path_openat+0x1bf8/0x2170
[   55.453219][ T4177]  ? should_fail_ex+0xdb/0x280
[   55.453293][ T4177]  ? do_ipv6_getsockopt+0xc95/0x1470
[   55.453327][ T4177]  ? avc_has_perm_noaudit+0x1b1/0x200
[   55.453358][ T4177]  nf_getsockopt+0x190/0x1b0
[   55.453397][ T4177]  ipv6_getsockopt+0x178/0x1e0
[   55.453485][ T4177]  udpv6_getsockopt+0x76/0x90
[   55.453516][ T4177]  sock_common_getsockopt+0x60/0x70
[   55.453590][ T4177]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   55.453629][ T4177]  do_sock_getsockopt+0x1fd/0x240
[   55.453664][ T4177]  __x64_sys_getsockopt+0x11e/0x1a0
[   55.453835][ T4177]  x64_sys_call+0x12aa/0x2fb0
[   55.453865][ T4177]  do_syscall_64+0xd2/0x200
[   55.453972][ T4177]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.454008][ T4177]  ? clear_bhb_loop+0x40/0x90
[   55.454034][ T4177]  ? clear_bhb_loop+0x40/0x90
[   55.454119][ T4177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.454247][ T4177] RIP: 0033:0x7fe18eb4e969
[   55.454263][ T4177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.454281][ T4177] RSP: 002b:00007fe18d1b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   55.454299][ T4177] RAX: ffffffffffffffda RBX: 00007fe18ed75fa0 RCX: 00007fe18eb4e969
[   55.454313][ T4177] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   55.454326][ T4177] RBP: 00007fe18d1b7090 R08: 0000200000000040 R09: 0000000000000000
[   55.454405][ T4177] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[   55.454419][ T4177] R13: 0000000000000000 R14: 00007fe18ed75fa0 R15: 00007ffdaa5809f8
[   55.454441][ T4177]  </TASK>
[   55.767425][ T4202] FAULT_INJECTION: forcing a failure.
[   55.767425][ T4202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.780703][ T4202] CPU: 1 UID: 0 PID: 4202 Comm: syz.2.287 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   55.780731][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.780760][ T4202] Call Trace:
[   55.780768][ T4202]  <TASK>
[   55.780778][ T4202]  __dump_stack+0x1d/0x30
[   55.780805][ T4202]  dump_stack_lvl+0xe8/0x140
[   55.780892][ T4202]  dump_stack+0x15/0x1b
[   55.780914][ T4202]  should_fail_ex+0x265/0x280
[   55.780946][ T4202]  should_fail+0xb/0x20
[   55.780974][ T4202]  should_fail_usercopy+0x1a/0x20
[   55.781073][ T4202]  _copy_to_user+0x20/0xa0
[   55.781097][ T4202]  simple_read_from_buffer+0xb5/0x130
[   55.781134][ T4202]  proc_fail_nth_read+0x100/0x140
[   55.781178][ T4202]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.781274][ T4202]  vfs_read+0x1a0/0x6f0
[   55.781341][ T4202]  ? __rcu_read_unlock+0x4f/0x70
[   55.781409][ T4202]  ? __fget_files+0x184/0x1c0
[   55.781435][ T4202]  ksys_read+0xda/0x1a0
[   55.781469][ T4202]  __x64_sys_read+0x40/0x50
[   55.781511][ T4202]  x64_sys_call+0x2d77/0x2fb0
[   55.781596][ T4202]  do_syscall_64+0xd2/0x200
[   55.781632][ T4202]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.781666][ T4202]  ? clear_bhb_loop+0x40/0x90
[   55.781696][ T4202]  ? clear_bhb_loop+0x40/0x90
[   55.781723][ T4202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.781804][ T4202] RIP: 0033:0x7f63fd2ad37c
[   55.781824][ T4202] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   55.781849][ T4202] RSP: 002b:00007f63fb917030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   55.781960][ T4202] RAX: ffffffffffffffda RBX: 00007f63fd4d5fa0 RCX: 00007f63fd2ad37c
[   55.781978][ T4202] RDX: 000000000000000f RSI: 00007f63fb9170a0 RDI: 0000000000000003
[   55.781995][ T4202] RBP: 00007f63fb917090 R08: 0000000000000000 R09: 0000000000000000
[   55.782010][ T4202] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   55.782027][ T4202] R13: 0000000000000000 R14: 00007f63fd4d5fa0 R15: 00007ffe039ce2b8
[   55.782045][ T4202]  </TASK>
[   56.074256][ T4206] syz.3.288 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   56.130962][ T4208] capability: warning: `syz.4.292' uses 32-bit capabilities (legacy support in use)
[   56.164307][ T4212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.291'.
[   56.543367][ T4239] netlink: 4 bytes leftover after parsing attributes in process `syz.4.304'.
[   56.720377][ T4253] netlink: 8 bytes leftover after parsing attributes in process `GPL'.
[   56.751227][ T4255] netem: incorrect gi model size
[   56.756670][ T4255] netem: change failed
[   57.019761][ T4279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.316'.
[   57.193418][ T4294] FAULT_INJECTION: forcing a failure.
[   57.193418][ T4294] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.207186][ T4294] CPU: 1 UID: 0 PID: 4294 Comm: syz.1.323 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   57.207272][ T4294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   57.207285][ T4294] Call Trace:
[   57.207293][ T4294]  <TASK>
[   57.207302][ T4294]  __dump_stack+0x1d/0x30
[   57.207330][ T4294]  dump_stack_lvl+0xe8/0x140
[   57.207355][ T4294]  dump_stack+0x15/0x1b
[   57.207376][ T4294]  should_fail_ex+0x265/0x280
[   57.207466][ T4294]  should_fail+0xb/0x20
[   57.207503][ T4294]  should_fail_usercopy+0x1a/0x20
[   57.207546][ T4294]  _copy_from_user+0x1c/0xb0
[   57.207617][ T4294]  kstrtouint_from_user+0x69/0xf0
[   57.207648][ T4294]  ? 0xffffffff81000000
[   57.207680][ T4294]  ? selinux_file_permission+0x1e4/0x320
[   57.207762][ T4294]  proc_fail_nth_write+0x50/0x160
[   57.207891][ T4294]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   57.207942][ T4294]  vfs_write+0x269/0x8e0
[   57.207976][ T4294]  ? vfs_read+0x47f/0x6f0
[   57.208016][ T4294]  ? __rcu_read_unlock+0x4f/0x70
[   57.208112][ T4294]  ? __fget_files+0x184/0x1c0
[   57.208137][ T4294]  ksys_write+0xda/0x1a0
[   57.208180][ T4294]  __x64_sys_write+0x40/0x50
[   57.208247][ T4294]  x64_sys_call+0x2cdd/0x2fb0
[   57.208305][ T4294]  do_syscall_64+0xd2/0x200
[   57.208392][ T4294]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.208425][ T4294]  ? clear_bhb_loop+0x40/0x90
[   57.208518][ T4294]  ? clear_bhb_loop+0x40/0x90
[   57.208548][ T4294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.208598][ T4294] RIP: 0033:0x7f25223bd41f
[   57.208617][ T4294] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   57.208716][ T4294] RSP: 002b:00007f2520a27030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   57.208758][ T4294] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f25223bd41f
[   57.208815][ T4294] RDX: 0000000000000001 RSI: 00007f2520a270a0 RDI: 0000000000000003
[   57.208842][ T4294] RBP: 00007f2520a27090 R08: 0000000000000000 R09: 0000000000000000
[   57.208903][ T4294] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   57.208939][ T4294] R13: 0000000000000000 R14: 00007f25225e5fa0 R15: 00007ffe208a4268
[   57.208962][ T4294]  </TASK>
[   57.575441][ T4306] FAULT_INJECTION: forcing a failure.
[   57.575441][ T4306] name failslab, interval 1, probability 0, space 0, times 0
[   57.588837][ T4306] CPU: 0 UID: 0 PID: 4306 Comm: syz.4.327 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   57.588875][ T4306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   57.588892][ T4306] Call Trace:
[   57.588901][ T4306]  <TASK>
[   57.588911][ T4306]  __dump_stack+0x1d/0x30
[   57.588939][ T4306]  dump_stack_lvl+0xe8/0x140
[   57.589014][ T4306]  dump_stack+0x15/0x1b
[   57.589034][ T4306]  should_fail_ex+0x265/0x280
[   57.589082][ T4306]  ? audit_log_d_path+0x8d/0x150
[   57.589129][ T4306]  should_failslab+0x8c/0xb0
[   57.589158][ T4306]  __kmalloc_cache_noprof+0x4c/0x320
[   57.589197][ T4306]  audit_log_d_path+0x8d/0x150
[   57.589321][ T4306]  audit_log_d_path_exe+0x42/0x70
[   57.589365][ T4306]  audit_log_task+0x1e9/0x250
[   57.589397][ T4306]  ? __get_user_8+0x14/0x30
[   57.589418][ T4306]  audit_seccomp+0x61/0x100
[   57.589529][ T4306]  ? __seccomp_filter+0x68c/0x10d0
[   57.589557][ T4306]  __seccomp_filter+0x69d/0x10d0
[   57.589609][ T4306]  ? kernelmode_fixup_or_oops+0x59/0xb0
[   57.589656][ T4306]  ? exc_page_fault+0x62/0xa0
[   57.589720][ T4306]  ? kernelmode_fixup_or_oops+0x59/0xb0
[   57.589768][ T4306]  __secure_computing+0x82/0x150
[   57.589807][ T4306]  syscall_trace_enter+0xcf/0x1e0
[   57.589903][ T4306]  do_syscall_64+0xac/0x200
[   57.589934][ T4306]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.589972][ T4306]  ? clear_bhb_loop+0x40/0x90
[   57.590067][ T4306]  ? clear_bhb_loop+0x40/0x90
[   57.590096][ T4306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.590123][ T4306] RIP: 0033:0x7f655b0dd37c
[   57.590142][ T4306] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   57.590160][ T4306] RSP: 002b:00007f6559747030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   57.590198][ T4306] RAX: ffffffffffffffda RBX: 00007f655b305fa0 RCX: 00007f655b0dd37c
[   57.590215][ T4306] RDX: 000000000000000f RSI: 00007f65597470a0 RDI: 0000000000000003
[   57.590231][ T4306] RBP: 00007f6559747090 R08: 0000000000000000 R09: 0000000000000000
[   57.590247][ T4306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   57.590264][ T4306] R13: 0000000000000000 R14: 00007f655b305fa0 R15: 00007ffdb9ae0548
[   57.590301][ T4306]  </TASK>
[   57.886860][ T4314] FAULT_INJECTION: forcing a failure.
[   57.886860][ T4314] name failslab, interval 1, probability 0, space 0, times 0
[   57.899951][ T4314] CPU: 1 UID: 0 PID: 4314 Comm: syz.4.332 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   57.899983][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   57.899996][ T4314] Call Trace:
[   57.900004][ T4314]  <TASK>
[   57.900011][ T4314]  __dump_stack+0x1d/0x30
[   57.900032][ T4314]  dump_stack_lvl+0xe8/0x140
[   57.900094][ T4314]  dump_stack+0x15/0x1b
[   57.900122][ T4314]  should_fail_ex+0x265/0x280
[   57.900162][ T4314]  ? snd_timer_instance_new+0x31/0x160
[   57.900208][ T4314]  should_failslab+0x8c/0xb0
[   57.900234][ T4314]  __kmalloc_cache_noprof+0x4c/0x320
[   57.900368][ T4314]  snd_timer_instance_new+0x31/0x160
[   57.900412][ T4314]  snd_seq_timer_open+0x12f/0x330
[   57.900474][ T4314]  ? __kmalloc_cache_noprof+0x189/0x320
[   57.900501][ T4314]  ? _raw_spin_lock_irqsave+0x3a/0x90
[   57.900569][ T4314]  ? snd_seq_timer_defaults+0x1c1/0x1e0
[   57.900659][ T4314]  snd_seq_queue_alloc+0x269/0x420
[   57.900682][ T4314]  snd_seq_ioctl_create_queue+0x4d/0x1b0
[   57.900720][ T4314]  snd_seq_ioctl+0x17a/0x2e0
[   57.900793][ T4314]  ? __pfx_snd_seq_ioctl+0x10/0x10
[   57.900858][ T4314]  __se_sys_ioctl+0xce/0x140
[   57.900893][ T4314]  __x64_sys_ioctl+0x43/0x50
[   57.900979][ T4314]  x64_sys_call+0x19a8/0x2fb0
[   57.901035][ T4314]  do_syscall_64+0xd2/0x200
[   57.901060][ T4314]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.901088][ T4314]  ? clear_bhb_loop+0x40/0x90
[   57.901122][ T4314]  ? clear_bhb_loop+0x40/0x90
[   57.901180][ T4314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.901201][ T4314] RIP: 0033:0x7f655b0de969
[   57.901231][ T4314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.901255][ T4314] RSP: 002b:00007f6559747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   57.901280][ T4314] RAX: ffffffffffffffda RBX: 00007f655b305fa0 RCX: 00007f655b0de969
[   57.901297][ T4314] RDX: 00002000000001c0 RSI: 00000000c08c5332 RDI: 0000000000000003
[   57.901313][ T4314] RBP: 00007f6559747090 R08: 0000000000000000 R09: 0000000000000000
[   57.901329][ T4314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.901345][ T4314] R13: 0000000000000000 R14: 00007f655b305fa0 R15: 00007ffdb9ae0548
[   57.901368][ T4314]  </TASK>
[   58.191898][ T4312] netlink: 4 bytes leftover after parsing attributes in process `syz.0.330'.
[   58.206216][ T4320] netem: incorrect gi model size
[   58.211235][ T4320] netem: change failed
[   58.357531][ T4340] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.341'.
[   58.373723][ T4333] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.341'.
[   58.502602][ T4343] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   58.584952][ T4348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4348 comm=syz.3.346
[   58.634786][ T4355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.349'.
[   58.696577][ T4360] ==================================================================
[   58.706030][ T4360] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[   58.713446][ T4360] 
[   58.715888][ T4360] write to 0xffff88810417bc00 of 8 bytes by task 4358 on cpu 1:
[   58.723804][ T4360]  mas_wmb_replace+0x20e/0x14a0
[   58.728883][ T4360]  mas_wr_store_entry+0x17ae/0x2b60
[   58.734492][ T4360]  mas_store_prealloc+0x74d/0x9e0
[   58.740601][ T4360]  vma_iter_store_new+0x1c5/0x200
[   58.746784][ T4360]  vma_complete+0x125/0x570
[   58.752481][ T4360]  __split_vma+0x594/0x610
[   58.757544][ T4360]  vma_modify+0x1a4/0x210
[   58.762458][ T4360]  vma_modify_flags+0x101/0x130
[   58.767767][ T4360]  mprotect_fixup+0x2cc/0x570
[   58.772816][ T4360]  do_mprotect_pkey+0x6d6/0x980
[   58.777777][ T4360]  __x64_sys_mprotect+0x48/0x60
[   58.782655][ T4360]  x64_sys_call+0x2794/0x2fb0
[   58.787430][ T4360]  do_syscall_64+0xd2/0x200
[   58.792428][ T4360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.799068][ T4360] 
[   58.801432][ T4360] read to 0xffff88810417bc00 of 8 bytes by task 4360 on cpu 0:
[   58.809172][ T4360]  mas_state_walk+0x485/0x650
[   58.814327][ T4360]  mas_walk+0x30/0x120
[   58.818591][ T4360]  lock_vma_under_rcu+0xa2/0x2f0
[   58.823921][ T4360]  do_user_addr_fault+0x233/0x1090
[   58.829360][ T4360]  exc_page_fault+0x62/0xa0
[   58.834146][ T4360]  asm_exc_page_fault+0x26/0x30
[   58.839552][ T4360] 
[   58.842239][ T4360] value changed: 0xffff888103e08601 -> 0xffff88810417bc00
[   58.849937][ T4360] 
[   58.852402][ T4360] Reported by Kernel Concurrency Sanitizer on:
[   58.858841][ T4360] CPU: 0 UID: 0 PID: 4360 Comm: syz.3.352 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   58.871545][ T4360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   58.882235][ T4360] ==================================================================
[   58.928240][ T4363] FAULT_INJECTION: forcing a failure.
[   58.928240][ T4363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.941638][ T4363] CPU: 1 UID: 0 PID: 4363 Comm: syz.0.351 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(voluntary) 
[   58.941675][ T4363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   58.941688][ T4363] Call Trace:
[   58.941716][ T4363]  <TASK>
[   58.941725][ T4363]  __dump_stack+0x1d/0x30
[   58.941753][ T4363]  dump_stack_lvl+0xe8/0x140
[   58.941808][ T4363]  dump_stack+0x15/0x1b
[   58.941828][ T4363]  should_fail_ex+0x265/0x280
[   58.941869][ T4363]  should_fail+0xb/0x20
[   58.941906][ T4363]  should_fail_usercopy+0x1a/0x20
[   58.941962][ T4363]  _copy_to_user+0x20/0xa0
[   58.941994][ T4363]  simple_read_from_buffer+0xb5/0x130
[   58.942034][ T4363]  proc_fail_nth_read+0x100/0x140
[   58.942143][ T4363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   58.942220][ T4363]  vfs_read+0x1a0/0x6f0
[   58.942289][ T4363]  ? __rcu_read_unlock+0x4f/0x70
[   58.942318][ T4363]  ? __fget_files+0x184/0x1c0
[   58.942346][ T4363]  ksys_read+0xda/0x1a0
[   58.942389][ T4363]  __x64_sys_read+0x40/0x50
[   58.942440][ T4363]  x64_sys_call+0x2d77/0x2fb0
[   58.942463][ T4363]  do_syscall_64+0xd2/0x200
[   58.942497][ T4363]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.942528][ T4363]  ? clear_bhb_loop+0x40/0x90
[   58.942558][ T4363]  ? clear_bhb_loop+0x40/0x90
[   58.942641][ T4363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.942665][ T4363] RIP: 0033:0x7f71b773d37c
[   58.942685][ T4363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   58.942778][ T4363] RSP: 002b:00007f71b5da7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   58.942805][ T4363] RAX: ffffffffffffffda RBX: 00007f71b7965fa0 RCX: 00007f71b773d37c
[   58.942822][ T4363] RDX: 000000000000000f RSI: 00007f71b5da70a0 RDI: 0000000000000004
[   58.942839][ T4363] RBP: 00007f71b5da7090 R08: 0000000000000000 R09: 0000000000000000
[   58.942856][ T4363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.942916][ T4363] R13: 0000000000000000 R14: 00007f71b7965fa0 R15: 00007ffe1272b6c8
[   58.942941][ T4363]  </TASK>
[   59.166944][   T29] kauditd_printk_skb: 10108 callbacks suppressed
[   59.166964][   T29] audit: type=1400 audit(1748534075.656:27031): avc:  denied  { create } for  pid=4358 comm="syz.3.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[   59.208926][ T3046] audit: audit_backlog=65 > audit_backlog_limit=64
[   59.216006][ T3046] audit: audit_lost=1790 audit_rate_limit=0 audit_backlog_limit=64
[   59.224291][ T3046] audit: backlog limit exceeded
[   59.239541][ T4365] audit: audit_backlog=65 > audit_backlog_limit=64
[   59.246696][ T4365] audit: audit_lost=1791 audit_rate_limit=0 audit_backlog_limit=64
[   59.254946][ T4365] audit: backlog limit exceeded
[   59.260754][   T29] audit: type=1400 audit(1748534075.686:27032): avc:  denied  { create } for  pid=4358 comm="syz.3.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=0
[   59.280923][   T29] audit: type=1400 audit(1748534075.686:27033): avc:  denied  { prog_load } for  pid=4358 comm="syz.3.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   59.300260][   T29] audit: type=1400 audit(1748534075.696:27034): avc:  denied  { create } for  pid=4358 comm="syz.3.352" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[   64.171713][   T29] kauditd_printk_skb: 40559 callbacks suppressed
[   64.171733][   T29] audit: type=1400 audit(1748534080.656:67594): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   64.180560][ T3046] audit: audit_backlog=65 > audit_backlog_limit=64
[   64.202599][   T29] audit: type=1400 audit(1748534080.666:67595): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   64.207698][ T3046] audit: audit_lost=1792 audit_rate_limit=0 audit_backlog_limit=64
[   64.229500][   T29] audit: type=1400 audit(1748534080.666:67596): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   64.237512][ T3046] audit: backlog limit exceeded
[   64.238129][ T3046] audit: audit_backlog=65 > audit_backlog_limit=64
[   64.259841][   T29] audit: type=1400 audit(1748534080.666:67597): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   64.259875][   T29] audit: type=1400 audit(1748534080.666:67598): avc:  denied  { read } for  pid=3046 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   64.265030][ T3046] audit: audit_lost=1793 audit_rate_limit=0 audit_backlog_limit=64