last executing test programs:

1m3.675738674s ago: executing program 1 (id=729):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x1, @remote}, 0x18) (fail_nth: 3)

1m3.614659374s ago: executing program 1 (id=730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @rand_addr=' \x01\x00', @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8000}})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
readv(r3, &(0x7f00000004c0)=[{&(0x7f0000000180)=""/77, 0x4d}], 0x1)
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0x7005, 0x0)
socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_pts(0xffffffffffffffff, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r7}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x2800800, &(0x7f0000000240)={[{@inode_readahead_blks}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}, {@max_batch_time={'max_batch_time', 0x3d, 0x3ff}}, {@noinit_itable}, {@usrquota}, {@dioread_nolock}, {@noinit_itable}]}, 0x20, 0x4bc, &(0x7f0000000540)="$eJzs3U9vVF0ZAPDn3ra0lEJBWahRQUTREGbaARrCCjcaQ0iMxJULqO3QNJ3pNJ0p0sqifAcTSVzpR3Bh4sKElXt3unODCxNUoqEmLMbcO9M/lJnS96XMJJ3fL7m559wzzHPOTO45w9N2TgAD62JEbEbEiYh4GBGT7etJ+4g7rSN73JvXT+e2Xj+dS6LZvP+vJG/PrsWef5M51X7OsYj48Q8ifpa8H7e+vrE0W6mUV9v1YqO6Uqyvb1xbrM4ulBfKy6XSzPTM1K3rN0tHNtYL1d+9+v7i3Z/88Q9fe/nnze/+IuvWRLtt7ziOUmvoIztxMsMRcfdTBOuDofZ4TvS7I3wuaUR8ISIu5ff/ZAzl7yYAcJw1m5PRnNxb3zW8rw4AHA9pngNL0kI7FzARaVootHJ452M8rdTqjauPamvL861c2dkYSR8tVspT7Vzh2RhJsvp0Xt6tl/bVr0fEuYj45ejJvF6Yq1Xm+/nBBwAG2Kl96/9/R1vrPwBwzI31uwMAQM9Z/wFg8Fj/AWDwWP8BYPBY/wFg8Fj/AWDwWP8BYKD86N697Ghutb//ev7x+tpS7fG1+XJ9qVBdmyvM1VZXCgu12kL+nT3VDz1fpVZbmb4Ra0+KjXK9Uayvbzyo1taWGw/y7/V+UB7pyagAgIOcu/Dir0lEbN4+mR/R2svhTuS7VgDHWdrvDgB9M9TvDgB9Y7cvGFz+jw902KL3HV1/Rej50fcF6I0rX+6Y/8/5bADHm/w/DC75fxhc8v8wuJrNxB7/ADBg5PgBP/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAz24i4u1EJGmhvRf4RKRpoRBxOiLOxkjyaLFSnoqIMxHxl9GR0aw+3e9OAwAfKf1H0t7/68rk5Yn9rSeS/43m54j4+a/v/+rJbKOxOp1d//fO9cbz9vVSP/oPAHzI9jq9vY5ve/P66dz20cv+vPpea3PRLO5W+2i1DMdwfh6LkYgY/0/Srrdkn1eGjiD+5rOI+FKn8ScxkedAWjuf7o+fxT7d0/jpO/HTvK11zl6LLx5BX2DQvMjmnzud7r80Lubnzvf/WD5Dfbzt+W/rvfkv3Zn/hrrMfxcPG+PGn37Yte1ZxFeGO8VPduInXeJfPmT8v33165e6tTV/E3ElOsffG6vYqK4U6+sb1xarswvlhfJyqTQzPTN16/rNUjHPURe3M9Xv++ftq2cOGv94h/i7++J3H/+3Djn+3759+NNvHBD/O9/s/P6fPyB+1r9vHzL+7Pjvu27fncWf7/L6f+j9v3rI+C//vjF/yIcCAD1QX99Ymq1UyqsKeSHiVvQ26FC/h6yg0KHQ75kJ+NR2b/p+9wQAAAAAAAAAAAAAAOimF39O1O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9PwAA///Mq9SX")
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')

1m3.519957935s ago: executing program 1 (id=733):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="13000000320081084e81f782db44b904021d08", 0x13}], 0x1}, 0x0) (fail_nth: 5)

1m3.232370417s ago: executing program 1 (id=734):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
setresuid(0x0, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r3, 0xffffffff80000900, 0x0, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r4, 0x0}])
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r6}, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
mq_notify(r7, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1)
r8 = io_uring_setup(0x4dc2, &(0x7f0000000400)={0x0, 0x0, 0x100})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r8, 0x18, &(0x7f0000000000), 0x1)

1m3.023857618s ago: executing program 1 (id=741):
socket$pptp(0x18, 0x1, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000007940)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000001f40)=@newtaction={0x284, 0x30, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x270, 0x1, [@m_connmark={0xd8, 0x2, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xd, 0x2, 0x0, 0x3}, 0x8}}]}, {0x89, 0x6, "0e1d6675dba3db3177bea3e4fa1006fb93a124a8a6984bc3e847bac1dbc3ed2b3c44379681ce9f1d54dc79baa46092c4ef8e6f6b1a67c04da43ac0fa57c335c28923d7e42d1703b1f56d68398feb6da0bc829a813716e7758108c3a446fbe384261e315b938518fe17305c3652ba3ac561527fa024358100b94309e1c46ea2786a0a6e747d"}, {0xc}, {0xc}}}, @m_sample={0xc0, 0x9, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x9}]}, {0x89, 0x6, "507d4c51e3dfa5738b731da3ec655ce47b48f5f110a30b9f304dbce973cb38ca347769d0043776a44c84b74fa92093cc248d3347ace0891ffc057721fde03f4ec27360bc219bfa6e54193239c6d1cc7fadb078c85695e47c5f46a4ce9b5a1ff7a28b964779ce078b9c02554b69e2e6425fc0bc3d836614ecfc60760fdc7d8114564c5d394f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_gact={0xd4, 0x3, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x1c5443aa, 0x0, 0x3, 0xe, 0x800}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1d28, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0xb66, 0xb3, 0x10000000, 0x9, 0xffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0xd8, 0x0, 0x9, 0x100000e0}}]}, {0x52, 0x6, "a06b1d1931f3579c6d7c5159238a286074602c3726c701f3c0d5382de62a6e8c4fb714fcd674c66cd306a4f78d3d05530609c9b04b7483bd084d70df8e77e6fbd503917aa0a6c737cef0ed021b60"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x284}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000980)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000d020000000000000001000005fa0d"], &(0x7f0000000f40)=""/4089, 0x3e, 0xff9, 0x1, 0x1, 0x0, @void, @value}, 0x28)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fd, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000380)='.\x00', 0x2042023, &(0x7f00000002c0)=ANY=[], 0xfc, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)
r2 = getpgrp(0xffffffffffffffff)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r2, r3, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000001c0)=0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYBLOB="2100000000000000b7080000000000007b8af8ff00000000bfa20000000000000768cadd96ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe52)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r5}, 0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)
lseek(r6, 0xa, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x40}, 0x18)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r7, &(0x7f0000000280)={0x80000011})

1m2.955867959s ago: executing program 1 (id=744):
socket$inet_dccp(0x2, 0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_pgetevents(0x0, 0x5, 0x9, 0x0, 0x0, 0x0)
unshare(0x62040200)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
eventfd2(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x100000008, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x6, 0xffffffffffffffff, 0x6, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2040600)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock2(&(0x7f0000cfb000/0x2000)=nil, 0x2000, 0x0)
unshare(0x2000400)
setxattr$trusted_overlay_upper(0x0, &(0x7f00000000c0), &(0x7f00000005c0)=ANY=[@ANYRES64=r2], 0x15, 0x3)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r3, 0x0, 0x40, &(0x7f0000000000)={'security\x00', 0x7003, [0x80002, 0x40009, 0x5, 0x1]}, &(0x7f0000000100)=0x54)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e000000040000000400000005"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='mm_page_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000000280)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)

47.84638628s ago: executing program 32 (id=744):
socket$inet_dccp(0x2, 0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_pgetevents(0x0, 0x5, 0x9, 0x0, 0x0, 0x0)
unshare(0x62040200)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
eventfd2(0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x100000008, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x6, 0xffffffffffffffff, 0x6, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2040600)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock2(&(0x7f0000cfb000/0x2000)=nil, 0x2000, 0x0)
unshare(0x2000400)
setxattr$trusted_overlay_upper(0x0, &(0x7f00000000c0), &(0x7f00000005c0)=ANY=[@ANYRES64=r2], 0x15, 0x3)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_INFO(r3, 0x0, 0x40, &(0x7f0000000000)={'security\x00', 0x7003, [0x80002, 0x40009, 0x5, 0x1]}, &(0x7f0000000100)=0x54)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e000000040000000400000005"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='mm_page_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f00000001c0), 0xfe, 0x25e, &(0x7f0000000280)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI")
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)

11.98552217s ago: executing program 5 (id=1635):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x20000000, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580)

11.88394655s ago: executing program 5 (id=1639):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(0x0, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x0, 0x20040}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, r3, 0x225, 0x68020}}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0)

11.867152361s ago: executing program 5 (id=1640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x515a02, 0x52abe154ad664fa4)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)

11.758742661s ago: executing program 5 (id=1644):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)

11.620518022s ago: executing program 5 (id=1648):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=r0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100"], 0x48}}, 0x40000)

11.619938512s ago: executing program 5 (id=1649):
socket(0x1d, 0x2, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x6, 0x4, 0x1, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000880)='sched_process_fork\x00', r3}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

7.099906122s ago: executing program 4 (id=1711):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000400"/18, @ANYRES32], 0x50)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno='])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r4}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
r5 = creat(&(0x7f0000000380)='./file0\x00', 0x80)
write$qrtrtun(r5, &(0x7f0000000780)="fb", 0x9500)

7.032999733s ago: executing program 4 (id=1712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r3, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001580)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000340)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000001280)=[{&(0x7f0000000240)="5825be57aff9352b35d100000000000000e6caa7951d59f92880a43cffb90886c530c1939c97a51107bb8f19f66b0443b312bb38d6fb5d4dc41fef39272d12e70e324a4cf747d0c6c3d6b08148066a687f6119eef5da2a33769108a593d9d361617f87d5a632c20c40da3d921f3d25037341c271cfc21ab9dc4d1b2fc1c93f0734", 0x81}, {&(0x7f0000001380)="be8403", 0x3}], 0x2}}], 0x2, 0x4)

6.952578884s ago: executing program 4 (id=1714):
syz_open_dev$usbfs(&(0x7f0000000340), 0xfffffffffffffffd, 0x8401)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000400"/18, @ANYRES32], 0x50)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = creat(&(0x7f0000000380)='./file0\x00', 0x80)
write$qrtrtun(r4, &(0x7f0000000780)="fb", 0x1)

6.797437894s ago: executing program 4 (id=1717):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setns(0xffffffffffffffff, 0x24020000)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2000}, 0xc)
memfd_create(0x0, 0x7)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x70bd25, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x4040)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

3.739267455s ago: executing program 4 (id=1762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.668802635s ago: executing program 4 (id=1763):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x8002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
setns(0xffffffffffffffff, 0x24020000)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2000}, 0xc)
memfd_create(0x0, 0x7)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x70bd25, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x4040)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

1.51470684s ago: executing program 2 (id=1785):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
syz_clone(0x800200, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$uid(0x3, 0x0, 0x0)

822.804754ms ago: executing program 3 (id=1800):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000400"/18, @ANYRES32], 0x50)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESHEX=r2])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r4}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
r5 = creat(&(0x7f0000000380)='./file0\x00', 0x80)
write$qrtrtun(r5, &(0x7f0000000780)="fb", 0x9500)

806.396714ms ago: executing program 0 (id=1801):
r0 = syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000180)={0x0})

726.741225ms ago: executing program 3 (id=1802):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

726.413015ms ago: executing program 0 (id=1803):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/anycast6\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = io_uring_setup(0x607f, &(0x7f0000000140)={0x0, 0x100caf8, 0x80, 0xbfffffff, 0x3b2, 0x0, r0})
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, 0x0)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x9000)
openat(0xffffffffffffff9c, 0x0, 0x183843, 0x42)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2, 0x0, 0x0)
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=") (fail_nth: 5)

725.995725ms ago: executing program 2 (id=1804):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="020300090c000000000000000000000003001a"], 0x60}}, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
bind$unix(r2, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8942, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00l \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=@newtfilter={0x34, 0x2c, 0x400, 0x70bd2d, 0x255fdbfb, {0x0, 0x0, 0x0, r3, {0x1, 0xfff3}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x1, 0x3, 0x7fff, 0x100, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x5, 0x1, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5, <r6=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
fremovexattr(r6, &(0x7f0000000700)=@known='trusted.overlay.redirect\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f00000008c0)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\r\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="180000000004000000d26ad9c500"/28], 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000005400000054000000040000000200000004000085010400001000000001000000020000000b00000005000000f9ffffff0500000000000000090000000f000f0000000000020000000400000000000007000000000f0000000000001204000000005f0000"], &(0x7f0000000300)=""/176, 0x70, 0xb0, 0x1, 0x4, 0x0, @void, @value}, 0x28)
socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x218014c4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

471.595057ms ago: executing program 3 (id=1805):
r0 = syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000740)='./cgroup\x00', 0x10, &(0x7f00000005c0)={[{@orlov}, {@sysvgroups}, {@dioread_lock}]}, 0x1, 0x510, &(0x7f0000000c40)="$eJzs3W1rHFsdAPD/TLJp2uaavSpSL3jvxXulvWg3yY333ijSVhB9VVDr+xqTTQjZZEMeahOKpvgBBBEV/AC+EfwAgvQjiFDQ96KiiLb6Ujsyu7Oah91kSTbZuvn94GTOmdk5/3OG7Ow8HGYCuLDejIg7ETEUEe9ExHgxPy1S7DZT/rnnzx7N5SmJLLv3tySSYl6rrrw8HBFXi9VGI+LrX4n4VnI47sb2zvJsrVZdL8oTmytrExvbOzeXVmYXq4vV1enpqfdnPph5b2YyK5yqn+WIuPWlP/3o+z/78q1ffebbv7//lxvfyZv1hY812x0Rc6cK0EGz7lJjW7Tk22j9LIL1Sd6f0lC/WwEAQDfyY/wPR8QnG8f/4zHUOJoDAAAABkl2eyz+lURkAAAAwMBKI2IskrRSjAUYizStVJpjeD8aV9JafWPz0wv1rdX5fFlEOUrpwlKtOlmMFS5HKcnLU8UY21b53QPl6Yh4NSJ+OH65Ua7M1Wvz/b74AQAAABfE1Tf2n///czxt5AEAAIABU+5YAAAAAAaFU34AAAAYfM7/AQAAYKB99e7dPGWt93jPP9jeWq4/uDlf3ViurGzNVebq62uVxXp9sfHMvpXj6qvV62ufjdWth63XCO7cX6lvrW7eX9r3CmwAAADgHL36xpPfJRGx+/nLjRTFcwAB9vljvxsA9NJQvxsA9M1wvxsA9E3p2E/YQ8CgS45ZfnjwTvNaYfz6bNoDAAD03vWPH77/P1IsO/7aAPD/zFgfALh43N2Di6t00hGA13rdEqBfPtScXOq0vOPDO7q4/9+8xpBlJ2oYAADQM2ONlKSV4jh9LNK0Uol4pfFagFKysFSrThbnB78dL13Ky1ONNZNjxwwDAAAAAAAAAAAAAAAAAAAAAAAAAE1ZlkQGAAAADLSI9M9J42n+EdfH3x7bf3XgwFu/fnrvxw9nNzfXpyJGkr+P57NGImLzJ8X8dzOvBAAAAICXQPM8vZhO9bs1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAya588ezbXSecb96xcjotwu/nCMNqajUYqIK/9IYnjPeklEDPUg/u7jiLjWLn4SL7IsKxetaBf/8hnHLzc2Tfv4aURc7UF8uMie5PufO+2+f2m82Zi2//4NF+m0Ou//0v/u/4Y67H9eOVDu5LWnv5joGP9xxGvD7fc/rfhJM/6+EHnhrS77+M1v7Oy0XbCnynbx98aa2FxZm9jY3rm5tDK7WF2srk5PT70/88HMezOTEwtLtWrxt22YH3zily+O6v+VDvHL+/t/aPu/3VXvs/j304fPPtIslNrFv/FW+9/fax3ip8Vv36eKfL78eiu/28zv9frPf/P6Uf2f79D/0WP6f6Or/sfn3vna9/7QdsmhrQEAnIeN7Z3l2Vqtun5EZrSLz5xz5vbL0YweZuLlaEa/Mtl3m/+Pp6vnlKsfymSnWX04etCMkUPf06E4aYVJxG5eV5f/kAAAwID530H/UXeQAAAAAAAAAAAAAAAAAAAAgLN0oseSXdoYjYiu1zoYc7c/XQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONJ/AgAA//+KzM4J")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x123)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000001080)='./file0\x00', 0x0, 0x1100020, &(0x7f0000000700)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0])
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
pread64(r2, &(0x7f0000003200)=""/4140, 0x102c, 0x7)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x3e, &(0x7f0000000440)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet6_tcp_int(r1, 0x6, 0x5, &(0x7f00000000c0)=0x7, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRESDEC, @ANYRES32=0x0, @ANYRES32, @ANYRES64=r0, @ANYRES32, @ANYRES32], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
chdir(&(0x7f0000000000)='./cgroup\x00')
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000002c0)={'gretap0\x00', &(0x7f0000000380)={'syztnl1\x00', <r5=>0x0, 0x1, 0x8, 0x5, 0x2, {{0x1b, 0x4, 0x0, 0x2, 0x6c, 0x67, 0x0, 0x7, 0x2f, 0x0, @remote, @multicast1, {[@timestamp_addr={0x44, 0xc, 0xe1, 0x1, 0x4, [{@multicast1, 0x1000}]}, @noop, @timestamp_addr={0x44, 0x44, 0x2b, 0x1, 0x4, [{@multicast2, 0x1267}, {@empty, 0x6}, {@multicast2, 0x2}, {@empty, 0x9d1}, {@rand_addr=0x64010101, 0x7}, {@dev={0xac, 0x14, 0x14, 0xc}, 0x1}, {@remote, 0x3c4}, {@dev={0xac, 0x14, 0x14, 0x43}, 0x9}]}, @ra={0x94, 0x4, 0x1}]}}}}})
sendto$packet(0xffffffffffffffff, &(0x7f0000000140)="23f272feb3e5a300a21ee90e8d7cbd2deb54ee3665e1bb87904ba8f191bc9ab28feff3009ffe61f779977b989b8a6c9ff5503458faee806f38b91d9a2c2bdf0d14e1b9711d79569b8ef770019e09b46a238454658240ddff650b2f1d", 0x5c, 0x14004, &(0x7f00000004c0)={0x11, 0xf6, r5, 0x1, 0x2, 0x6, @broadcast}, 0x14)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r7 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r6, &(0x7f0000000240)="3a00f6399ed615248f5e0b025aa9d00591c6472c7e307813c97ff12a61189e8c318b45b9921b2484835180a7a9850923f2c7f46503676358ce0391fc1a0b5c4d871090721ce0e28141de309e4b1151b7f0fd0de8eb28c5a87badb5008e31fd7cf7fbb0ec9e03d6df2ab2b322cd6e1aacd81693db0622dd42f8483cbdd96b7725c6c7", 0x82, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4)
shutdown(r6, 0x1)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x275a, 0x0)
preadv(r8, &(0x7f0000001f00)=[{&(0x7f0000000e80)=""/4096, 0x1000}], 0x1, 0x6, 0x100)
getpeername$inet6(r7, &(0x7f0000000500)={0xa, 0x0, 0x0, @private1}, &(0x7f0000000580)=0x1c)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='itimer_state\x00', r9, 0x0, 0x9}, 0x18)
setitimer(0x2, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000d40)=ANY=[@ANYBLOB="000000004c90020052feffff03000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ebe0dd7defb321440000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00"/192])

443.382907ms ago: executing program 2 (id=1806):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d00000085000000230000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

363.497567ms ago: executing program 3 (id=1807):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000a40)={@broadcast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x9, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x0, 0x0, @broadcast=0x1000000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @empty}}}}}}, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0)

362.961257ms ago: executing program 0 (id=1808):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001880)={'bond_slave_0\x00', <r1=>0x0}) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000094b89e3120f2f4f1629aa5ba9fc1b447027f0108883b175a2d6d245644d97648b073a5cccb801351728c0376598072151e04746c56d91c589d64abc7f2e5608bec02049c607bcdfd180a7becbcbc0a779f3a1bfe6b0b3092b96b68c41b2bb087a0ffb391fc1e3440eb5e59901edc"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x8000000000000000}, 0x18) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0xd}}]}}, @TCA_RATE={0x6}]}, 0x4c}}, 0x0) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x6}, 0x11320, 0xffffffff, 0x264, 0x5, 0x0, 0x1, 0xfffe, 0x0, 0x0, 0x0, 0x200000000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2c00000014000100fffffffbffdbdf250a00a100", @ANYRES32=r7, @ANYBLOB="1400010000000000000000000000000000000001"], 0x2c}}, 0x24005040)
writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)

313.600127ms ago: executing program 3 (id=1809):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003000f"], 0x48}}, 0x40000)

266.611648ms ago: executing program 3 (id=1810):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000fc0)='sched_switch\x00', r0}, 0x10)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r3 = socket$inet6(0xa, 0x6, 0x0)
listen(r3, 0x8957)
accept4(r3, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff8000/0x2000)=nil, 0x2000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4040800)
r4 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x200000000, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x3, 0x0, 0xa}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2a)
munmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000)

245.963058ms ago: executing program 0 (id=1811):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r2)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @rand_addr=' \x01\x00', @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x8000}})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
readv(r3, &(0x7f00000004c0)=[{&(0x7f0000000180)=""/77, 0x4d}], 0x1)
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0x7005, 0x0)
socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_pts(0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r8}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a3100000000080041007278650014003300"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x2800800, &(0x7f0000000240)={[{@inode_readahead_blks}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x100000}}, {@max_batch_time={'max_batch_time', 0x3d, 0x3ff}}, {@noinit_itable}, {@usrquota}, {@dioread_nolock}, {@noinit_itable}]}, 0x20, 0x4bc, &(0x7f0000000540)="$eJzs3U9vVF0ZAPDn3ra0lEJBWahRQUTREGbaARrCCjcaQ0iMxJULqO3QNJ3pNJ0p0sqifAcTSVzpR3Bh4sKElXt3unODCxNUoqEmLMbcO9M/lJnS96XMJJ3fL7m559wzzHPOTO45w9N2TgAD62JEbEbEiYh4GBGT7etJ+4g7rSN73JvXT+e2Xj+dS6LZvP+vJG/PrsWef5M51X7OsYj48Q8ifpa8H7e+vrE0W6mUV9v1YqO6Uqyvb1xbrM4ulBfKy6XSzPTM1K3rN0tHNtYL1d+9+v7i3Z/88Q9fe/nnze/+IuvWRLtt7ziOUmvoIztxMsMRcfdTBOuDofZ4TvS7I3wuaUR8ISIu5ff/ZAzl7yYAcJw1m5PRnNxb3zW8rw4AHA9pngNL0kI7FzARaVootHJ452M8rdTqjauPamvL861c2dkYSR8tVspT7Vzh2RhJsvp0Xt6tl/bVr0fEuYj45ejJvF6Yq1Xm+/nBBwAG2Kl96/9/R1vrPwBwzI31uwMAQM9Z/wFg8Fj/AWDwWP8BYPBY/wFg8Fj/AWDwWP8BYKD86N697Ghutb//ev7x+tpS7fG1+XJ9qVBdmyvM1VZXCgu12kL+nT3VDz1fpVZbmb4Ra0+KjXK9Uayvbzyo1taWGw/y7/V+UB7pyagAgIOcu/Dir0lEbN4+mR/R2svhTuS7VgDHWdrvDgB9M9TvDgB9Y7cvGFz+jw902KL3HV1/Rej50fcF6I0rX+6Y/8/5bADHm/w/DC75fxhc8v8wuJrNxB7/ADBg5PgBP/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAz24i4u1EJGmhvRf4RKRpoRBxOiLOxkjyaLFSnoqIMxHxl9GR0aw+3e9OAwAfKf1H0t7/68rk5Yn9rSeS/43m54j4+a/v/+rJbKOxOp1d//fO9cbz9vVSP/oPAHzI9jq9vY5ve/P66dz20cv+vPpea3PRLO5W+2i1DMdwfh6LkYgY/0/Srrdkn1eGjiD+5rOI+FKn8ScxkedAWjuf7o+fxT7d0/jpO/HTvK11zl6LLx5BX2DQvMjmnzud7r80Lubnzvf/WD5Dfbzt+W/rvfkv3Zn/hrrMfxcPG+PGn37Yte1ZxFeGO8VPduInXeJfPmT8v33165e6tTV/E3ElOsffG6vYqK4U6+sb1xarswvlhfJyqTQzPTN16/rNUjHPURe3M9Xv++ftq2cOGv94h/i7++J3H/+3Djn+3759+NNvHBD/O9/s/P6fPyB+1r9vHzL+7Pjvu27fncWf7/L6f+j9v3rI+C//vjF/yIcCAD1QX99Ymq1UyqsKeSHiVvQ26FC/h6yg0KHQ75kJ+NR2b/p+9wQAAAAAAAAAAAAAAOimF39O1O8xAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9PwAA///Mq9SX")
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r10}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')

244.917778ms ago: executing program 2 (id=1812):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000400"/18, @ANYRES32], 0x50)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r2])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r4}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
r5 = creat(&(0x7f0000000380)='./file0\x00', 0x80)
write$qrtrtun(r5, &(0x7f0000000780)="fb", 0x9500)

135.757169ms ago: executing program 2 (id=1813):
mkdir(0x0, 0x0)
getpriority(0x2, 0x0)
r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f00000000c0)={0x1d, r5}, 0x18)
sendmmsg$inet(r4, &(0x7f0000002a80)=[{{&(0x7f0000002640)={0x2, 0x4e20, @remote}, 0x10, 0x0}}], 0x1, 0x4000004)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00004093'], 0x2a, 0xfffffffffffffffc)
r7 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='s', 0x1, 0xfffffffffffffffe)
keyctl$read(0xb, r7, &(0x7f0000000240)=""/112, 0x349b7f55)
r8 = socket$packet(0x11, 0x3, 0x300)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, 0x0, 0x4000000)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r10=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@broadcast, @in=@multicast2, 0x4e20, 0x0, 0x800, 0x0, 0x2, 0x0, 0x0, 0x0, r10}, {0x7, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x2}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x6c}, 0x0, @in6=@local, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000}}, 0xe8)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x34, r11, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_COALESCE_RX_USECS_HIGH={0x8, 0x13, 0x2}]}, 0x34}}, 0x4000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0xefff, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="58000000100003040000000000000000000000c8", @ANYRES32=0x0, @ANYBLOB="42420000000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r12, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r12], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
sendto$packet(r0, &(0x7f0000000080)="063fcaca9327ed51e940d4b0bb75e128", 0x10, 0x4004, &(0x7f00000000c0)={0x11, 0xc, r12, 0x1, 0x7, 0x6, @local}, 0x14)

128.359439ms ago: executing program 2 (id=1814):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18)
syz_clone(0x800200, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$uid(0x3, 0x0, 0x0)

104.934359ms ago: executing program 0 (id=1815):
r0 = syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000180)={0x0})

0s ago: executing program 0 (id=1816):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

kernel console output (not intermixed with test programs):

id=5959 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   74.859704][   T30] audit: type=1326 audit(2000000035.480:4468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5959 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   74.882609][   T30] audit: type=1326 audit(2000000035.480:4469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5959 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   74.886302][ T5966] netlink: 168 bytes leftover after parsing attributes in process `syz.2.887'.
[   74.905495][   T30] audit: type=1326 audit(2000000035.480:4470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5959 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   74.905518][   T30] audit: type=1326 audit(2000000035.480:4471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5959 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   75.001325][ T5973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.890'.
[   75.103670][ T5973] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.114650][ T4000] kmmpd-loop4: attempt to access beyond end of device
[   75.114650][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[   75.128114][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[   75.165182][ T5973] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.307209][ T5973] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.345859][ T5973] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.378156][ T5988] lo speed is unknown, defaulting to 1000
[   75.401647][ T5973] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.419241][ T5973] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.452445][ T5973] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.466224][ T5993] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.477593][ T5988] lo speed is unknown, defaulting to 1000
[   75.485822][ T5973] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.502290][ T5995] netlink: 'syz.4.897': attribute type 10 has an invalid length.
[   75.510160][ T5995] netlink: 40 bytes leftover after parsing attributes in process `syz.4.897'.
[   75.546240][ T5993] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.585598][ T5993] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.635444][ T5993] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.697806][ T5993] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.725390][ T5993] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.748085][ T5993] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.779358][ T6003] netlink: 'syz.2.900': attribute type 10 has an invalid length.
[   75.790794][ T5993] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.893351][ T6005] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.914899][ T6007] vlan2: entered allmulticast mode
[   75.938743][ T6010] netlink: 'syz.2.901': attribute type 10 has an invalid length.
[   75.946721][ T6010] netlink: 40 bytes leftover after parsing attributes in process `syz.2.901'.
[   75.957046][ T6005] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.979095][ T6013] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   76.047173][ T6005] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.106041][ T6005] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.179484][ T6005] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.212043][ T6005] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.265679][ T6005] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.290506][ T6005] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.352692][ T6024] netlink: 'syz.2.907': attribute type 10 has an invalid length.
[   76.460013][ T6034] lo speed is unknown, defaulting to 1000
[   76.473900][ T6033] usb usb5: usbfs: process 6033 (+}[@) did not claim interface 0 before use
[   76.480968][ T6035] netlink: 28 bytes leftover after parsing attributes in process `syz.0.910'.
[   76.552054][ T6035] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   76.594865][ T6037] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[   76.655697][ T6034] lo speed is unknown, defaulting to 1000
[   77.261524][ T6054] netlink: 'syz.4.918': attribute type 10 has an invalid length.
[   77.269428][ T6054] netlink: 40 bytes leftover after parsing attributes in process `syz.4.918'.
[   77.307924][ T6057] loop9: detected capacity change from 0 to 7
[   77.333357][ T6057] Buffer I/O error on dev loop9, logical block 0, async page read
[   77.354241][ T6057] Buffer I/O error on dev loop9, logical block 0, async page read
[   77.367601][ T6057]  loop9: unable to read partition table
[   77.377222][ T6057] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   77.377222][ T6057] 
U�������) failed (rc=-5)
[   77.504341][ T6067] usb usb5: usbfs: process 6067 (+}[@) did not claim interface 0 before use
[   77.634922][ T6079] FAULT_INJECTION: forcing a failure.
[   77.634922][ T6079] name failslab, interval 1, probability 0, space 0, times 0
[   77.647715][ T6079] CPU: 1 UID: 0 PID: 6079 Comm: syz.4.926 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   77.647736][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   77.647747][ T6079] Call Trace:
[   77.647752][ T6079]  <TASK>
[   77.647759][ T6079]  dump_stack_lvl+0xf2/0x150
[   77.647782][ T6079]  dump_stack+0x15/0x1a
[   77.647800][ T6079]  should_fail_ex+0x24a/0x260
[   77.647835][ T6079]  should_failslab+0x8f/0xb0
[   77.647858][ T6079]  kmem_cache_alloc_noprof+0x52/0x320
[   77.647875][ T6079]  ? alloc_empty_file+0xd0/0x200
[   77.647947][ T6079]  ? _raw_spin_unlock+0x26/0x50
[   77.648005][ T6079]  alloc_empty_file+0xd0/0x200
[   77.648024][ T6079]  alloc_file_pseudo+0xc9/0x160
[   77.648042][ T6079]  __shmem_file_setup+0x1bb/0x1f0
[   77.648068][ T6079]  shmem_file_setup+0x3b/0x50
[   77.648134][ T6079]  __se_sys_memfd_create+0x2e1/0x5a0
[   77.648171][ T6079]  __x64_sys_memfd_create+0x31/0x40
[   77.648194][ T6079]  x64_sys_call+0x2d4c/0x2dc0
[   77.648218][ T6079]  do_syscall_64+0xc9/0x1c0
[   77.648245][ T6079]  ? clear_bhb_loop+0x55/0xb0
[   77.648270][ T6079]  ? clear_bhb_loop+0x55/0xb0
[   77.648372][ T6079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.648397][ T6079] RIP: 0033:0x7fb6261ed169
[   77.648411][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.648427][ T6079] RSP: 002b:00007fb624850e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   77.648490][ T6079] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007fb6261ed169
[   77.648502][ T6079] RDX: 00007fb624850ef0 RSI: 0000000000000000 RDI: 00007fb62626ec3c
[   77.648513][ T6079] RBP: 0000400000001600 R08: 00007fb624850bb7 R09: 00007fb624850e40
[   77.648524][ T6079] R10: 000000000000000a R11: 0000000000000202 R12: 0000400000000000
[   77.648535][ T6079] R13: 00007fb624850ef0 R14: 00007fb624850eb0 R15: 0000400000000280
[   77.648552][ T6079]  </TASK>
[   77.963308][ T6086] FAULT_INJECTION: forcing a failure.
[   77.963308][ T6086] name failslab, interval 1, probability 0, space 0, times 0
[   77.976015][ T6086] CPU: 1 UID: 0 PID: 6086 Comm: syz.3.929 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   77.976038][ T6086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   77.976071][ T6086] Call Trace:
[   77.976078][ T6086]  <TASK>
[   77.976085][ T6086]  dump_stack_lvl+0xf2/0x150
[   77.976139][ T6086]  dump_stack+0x15/0x1a
[   77.976160][ T6086]  should_fail_ex+0x24a/0x260
[   77.976188][ T6086]  should_failslab+0x8f/0xb0
[   77.976274][ T6086]  kmem_cache_alloc_noprof+0x52/0x320
[   77.976295][ T6086]  ? getname_flags+0x81/0x3b0
[   77.976367][ T6086]  getname_flags+0x81/0x3b0
[   77.976396][ T6086]  user_path_at+0x26/0x120
[   77.976485][ T6086]  __se_sys_mount+0x24b/0x2d0
[   77.976513][ T6086]  ? fput+0x1c4/0x200
[   77.976534][ T6086]  __x64_sys_mount+0x67/0x80
[   77.976561][ T6086]  x64_sys_call+0x2c84/0x2dc0
[   77.976583][ T6086]  do_syscall_64+0xc9/0x1c0
[   77.976665][ T6086]  ? clear_bhb_loop+0x55/0xb0
[   77.976738][ T6086]  ? clear_bhb_loop+0x55/0xb0
[   77.976821][ T6086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.976841][ T6086] RIP: 0033:0x7f32816ad169
[   77.976856][ T6086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.976931][ T6086] RSP: 002b:00007f327fd17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   77.976946][ T6086] RAX: ffffffffffffffda RBX: 00007f32818c5fa0 RCX: 00007f32816ad169
[   77.976955][ T6086] RDX: 00004000000002c0 RSI: 0000400000000080 RDI: 0000000000000000
[   77.976965][ T6086] RBP: 00007f327fd17090 R08: 0000400000000400 R09: 0000000000000000
[   77.976974][ T6086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.977033][ T6086] R13: 0000000000000000 R14: 00007f32818c5fa0 R15: 00007fff29c888f8
[   77.977050][ T6086]  </TASK>
[   78.192354][ T6090] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.274319][ T6093] netlink: 'syz.2.931': attribute type 10 has an invalid length.
[   78.282064][ T6093] netlink: 40 bytes leftover after parsing attributes in process `syz.2.931'.
[   78.345310][ T6090] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.395922][ T6090] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.446305][ T6090] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.454392][ T6101] netlink: 60 bytes leftover after parsing attributes in process `syz.4.934'.
[   78.710489][ T6107] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[   78.719761][ T6107] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.935: mark_inode_dirty error
[   78.736572][ T6107] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[   78.746832][ T6107] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.935: mark_inode_dirty error
[   78.758733][ T6107] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[   78.806949][ T6113] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.890290][ T6117] loop9: detected capacity change from 0 to 7
[   78.897333][ T6117] Buffer I/O error on dev loop9, logical block 0, async page read
[   78.905623][ T6117] Buffer I/O error on dev loop9, logical block 0, async page read
[   78.916880][ T6117]  loop9: unable to read partition table
[   78.923098][ T6117] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   78.923098][ T6117] 
U�������) failed (rc=-5)
[   79.141084][ T6122] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.148256][ T6122] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.195129][ T6122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.197353][ T6122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.223370][ T6122] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.231954][ T6122] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.240490][ T6122] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.249015][ T6122] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.261248][ T6122] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.269890][ T6122] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.278357][ T6122] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.286833][ T6122] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[   79.441908][ T6129] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[   79.450398][ T6129] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[   79.458673][ T6129] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[   79.467007][ T6129] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[   79.476396][ T6129] geneve2: entered promiscuous mode
[   79.481594][ T6129] geneve2: entered allmulticast mode
[   79.871634][   T30] kauditd_printk_skb: 451 callbacks suppressed
[   79.871646][   T30] audit: type=1326 audit(2000000040.570:4923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   79.906125][   T30] audit: type=1400 audit(2000000040.580:4924): avc:  denied  { mounton } for  pid=6141 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   79.927749][   T30] audit: type=1400 audit(2000000040.580:4925): avc:  denied  { module_request } for  pid=6141 comm="syz-executor" kmod="netdev-nr5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   79.949794][   T30] audit: type=1326 audit(2000000040.600:4926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   79.973101][   T30] audit: type=1326 audit(2000000040.600:4927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   79.996485][   T30] audit: type=1326 audit(2000000040.600:4928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   80.019774][   T30] audit: type=1326 audit(2000000040.600:4929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   80.043118][   T30] audit: type=1326 audit(2000000040.600:4930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   80.066549][   T30] audit: type=1326 audit(2000000040.600:4931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   80.089983][   T30] audit: type=1326 audit(2000000040.600:4932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6139 comm="syz.4.952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb6261ed169 code=0x7ffc0000
[   80.134072][ T6149] syzkaller0: entered promiscuous mode
[   80.139592][ T6149] syzkaller0: entered allmulticast mode
[   80.153996][ T4000] kmmpd-loop4: attempt to access beyond end of device
[   80.153996][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[   80.158471][ T6090] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.167412][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[   80.209493][ T6090] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.221855][   T12] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.236027][ T6090] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.249641][ T6090] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.276747][   T12] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.332394][   T12] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.359752][ T6141] lo speed is unknown, defaulting to 1000
[   80.366803][ T6164] netlink: 4 bytes leftover after parsing attributes in process `syz.3.955'.
[   80.406722][ T6171] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[   80.415111][ T6171] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[   80.423438][ T6171] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[   80.431865][ T6171] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[   80.454071][ T6171] geneve3: entered promiscuous mode
[   80.459332][ T6171] geneve3: entered allmulticast mode
[   80.469533][   T12] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.509807][ T6175] loop9: detected capacity change from 0 to 7
[   80.529746][ T6177] netlink: 'syz.3.961': attribute type 10 has an invalid length.
[   80.557730][ T6175] Buffer I/O error on dev loop9, logical block 0, async page read
[   80.576099][ T6141] lo speed is unknown, defaulting to 1000
[   80.606869][   T12] bridge_slave_1: left allmulticast mode
[   80.612542][   T12] bridge_slave_1: left promiscuous mode
[   80.618299][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.634491][ T6175] Buffer I/O error on dev loop9, logical block 0, async page read
[   80.642839][ T6175]  loop9: unable to read partition table
[   80.652757][   T12] bridge_slave_0: left allmulticast mode
[   80.658478][   T12] bridge_slave_0: left promiscuous mode
[   80.664223][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.672286][ T6175] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   80.672286][ T6175] 
U�������) failed (rc=-5)
[   80.726205][   T12] team0: Port device geneve1 removed
[   80.785850][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   80.795683][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   80.809320][   T12] bond0 (unregistering): Released all slaves
[   80.878569][   T12] tipc: Left network mode
[   80.959979][ T6197] xt_CT: You must specify a L4 protocol and not use inversions on it
[   80.997633][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.005073][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.016830][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.024262][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   81.041088][   T12] veth1_macvtap: left promiscuous mode
[   81.047457][   T12] veth0_macvtap: left promiscuous mode
[   81.096487][   T12] team0 (unregistering): Port device team_slave_1 removed
[   81.108027][   T12] team0 (unregistering): Port device team_slave_0 removed
[   81.131508][ T6148] syz.0.951 (6148) used greatest stack depth: 6368 bytes left
[   81.148163][    T9] lo speed is unknown, defaulting to 1000
[   81.153978][    T9] infiniband �yz0: ib_query_port failed (-19)
[   81.161304][ T6141] chnl_net:caif_netlink_parms(): no params data found
[   81.172816][ T6207] netlink: 'syz.0.964': attribute type 10 has an invalid length.
[   81.180614][ T6207] netlink: 40 bytes leftover after parsing attributes in process `syz.0.964'.
[   81.208593][ T6141] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.215765][ T6141] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.223165][ T6141] bridge_slave_0: entered allmulticast mode
[   81.229578][ T6141] bridge_slave_0: entered promiscuous mode
[   81.241229][ T6141] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.248487][ T6141] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.255759][ T6141] bridge_slave_1: entered allmulticast mode
[   81.262079][ T6141] bridge_slave_1: entered promiscuous mode
[   81.284028][ T6141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.305466][ T6141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.335545][ T6227] x_tables: duplicate underflow at hook 3
[   81.352570][ T6141] team0: Port device team_slave_0 added
[   81.381970][ T6141] team0: Port device team_slave_1 added
[   81.424445][ T6141] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.431411][ T6141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.457548][ T6141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.479492][ T6141] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.486490][ T6141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.512445][ T6141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.527496][ T6242] geneve2: entered promiscuous mode
[   81.532702][ T6242] geneve2: entered allmulticast mode
[   81.534065][ T6240] netlink: 'syz.2.972': attribute type 10 has an invalid length.
[   81.540644][ T6246] FAULT_INJECTION: forcing a failure.
[   81.540644][ T6246] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.558835][ T6246] CPU: 1 UID: 0 PID: 6246 Comm: syz.0.974 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   81.558923][ T6246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   81.558930][ T6246] Call Trace:
[   81.558933][ T6246]  <TASK>
[   81.558937][ T6246]  dump_stack_lvl+0xf2/0x150
[   81.558953][ T6246]  dump_stack+0x15/0x1a
[   81.558964][ T6246]  should_fail_ex+0x24a/0x260
[   81.558979][ T6246]  should_fail+0xb/0x10
[   81.559033][ T6246]  should_fail_usercopy+0x1a/0x20
[   81.559049][ T6246]  _copy_to_user+0x20/0xa0
[   81.559165][ T6246]  simple_read_from_buffer+0xa0/0x110
[   81.559180][ T6246]  proc_fail_nth_read+0xf9/0x140
[   81.559195][ T6246]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.559210][ T6246]  vfs_read+0x19b/0x6f0
[   81.559222][ T6246]  ? __rcu_read_unlock+0x4e/0x70
[   81.559237][ T6246]  ? __fget_files+0x17c/0x1c0
[   81.559253][ T6246]  ksys_read+0xe8/0x1b0
[   81.559266][ T6246]  __x64_sys_read+0x42/0x50
[   81.559406][ T6246]  x64_sys_call+0x2874/0x2dc0
[   81.559419][ T6246]  do_syscall_64+0xc9/0x1c0
[   81.559444][ T6246]  ? clear_bhb_loop+0x55/0xb0
[   81.559459][ T6246]  ? clear_bhb_loop+0x55/0xb0
[   81.559542][ T6246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.559556][ T6246] RIP: 0033:0x7f5ffc44bb7c
[   81.559573][ T6246] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   81.559583][ T6246] RSP: 002b:00007f5ffaab1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   81.559593][ T6246] RAX: ffffffffffffffda RBX: 00007f5ffc665fa0 RCX: 00007f5ffc44bb7c
[   81.559599][ T6246] RDX: 000000000000000f RSI: 00007f5ffaab10a0 RDI: 0000000000000004
[   81.559606][ T6246] RBP: 00007f5ffaab1090 R08: 0000000000000000 R09: 0000000000000000
[   81.559612][ T6246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.559689][ T6246] R13: 0000000000000000 R14: 00007f5ffc665fa0 R15: 00007ffd4d24fd28
[   81.559698][ T6246]  </TASK>
[   81.785757][ T6141] hsr_slave_0: entered promiscuous mode
[   81.791820][ T6141] hsr_slave_1: entered promiscuous mode
[   81.835982][ T6262] rdma_rxe: rxe_newlink: failed to add lo
[   81.892315][ T6269] netlink: 'syz.4.979': attribute type 10 has an invalid length.
[   81.942320][ T6141] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   81.955027][ T6141] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   81.971486][ T6282] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   81.986189][ T6141] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   81.996028][ T6141] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   82.023084][ T6289] netlink: 'syz.3.984': attribute type 10 has an invalid length.
[   82.030893][ T6289] netlink: 40 bytes leftover after parsing attributes in process `syz.3.984'.
[   82.056921][ T6292] netlink: 'syz.4.986': attribute type 10 has an invalid length.
[   82.058351][ T6282] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   82.100017][ T6141] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.133060][ T6282] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   82.155814][ T6141] 8021q: adding VLAN 0 to HW filter on device team0
[   82.174762][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.181798][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.207864][ T6310] futex_wake_op: syz.0.989 tries to shift op by 144; fix this program
[   82.216603][ T6282] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   82.240411][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.247631][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.260425][ T6321] FAULT_INJECTION: forcing a failure.
[   82.260425][ T6321] name failslab, interval 1, probability 0, space 0, times 0
[   82.273156][ T6321] CPU: 1 UID: 0 PID: 6321 Comm: syz.4.993 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   82.273179][ T6321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.273253][ T6321] Call Trace:
[   82.273260][ T6321]  <TASK>
[   82.273266][ T6321]  dump_stack_lvl+0xf2/0x150
[   82.273293][ T6321]  dump_stack+0x15/0x1a
[   82.273313][ T6321]  should_fail_ex+0x24a/0x260
[   82.273342][ T6321]  should_failslab+0x8f/0xb0
[   82.273374][ T6321]  kmem_cache_alloc_noprof+0x52/0x320
[   82.273395][ T6321]  ? __break_lease+0x7a/0xf60
[   82.273420][ T6321]  __break_lease+0x7a/0xf60
[   82.273443][ T6321]  ? selinux_inode_permission+0x341/0x410
[   82.273532][ T6321]  ? security_inode_permission+0x4e/0xc0
[   82.273556][ T6321]  break_lease+0x7b/0x90
[   82.273596][ T6321]  vfs_truncate+0x1ba/0x230
[   82.273655][ T6321]  do_sys_truncate+0x95/0x130
[   82.273687][ T6321]  __x64_sys_truncate+0x31/0x40
[   82.273764][ T6321]  x64_sys_call+0x26d0/0x2dc0
[   82.273857][ T6321]  do_syscall_64+0xc9/0x1c0
[   82.273881][ T6321]  ? clear_bhb_loop+0x55/0xb0
[   82.273903][ T6321]  ? clear_bhb_loop+0x55/0xb0
[   82.273923][ T6321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.273975][ T6321] RIP: 0033:0x7fb6261ed169
[   82.273988][ T6321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.274030][ T6321] RSP: 002b:00007fb624851038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[   82.274047][ T6321] RAX: ffffffffffffffda RBX: 00007fb626405fa0 RCX: 00007fb6261ed169
[   82.274058][ T6321] RDX: 0000000000000000 RSI: 0000000000001104 RDI: 0000400000000000
[   82.274148][ T6321] RBP: 00007fb624851090 R08: 0000000000000000 R09: 0000000000000000
[   82.274158][ T6321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   82.274173][ T6321] R13: 0000000000000000 R14: 00007fb626405fa0 R15: 00007ffc866d2e08
[   82.274186][ T6321]  </TASK>
[   82.478984][ T6282] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[   82.502538][ T6282] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[   82.528030][ T6141] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.549907][ T6282] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[   82.584811][ T6282] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[   82.675737][ T6382] x_tables: duplicate underflow at hook 3
[   82.702261][ T6141] veth0_vlan: entered promiscuous mode
[   82.711419][ T6141] veth1_vlan: entered promiscuous mode
[   82.727707][ T6141] veth0_macvtap: entered promiscuous mode
[   82.753323][ T6141] veth1_macvtap: entered promiscuous mode
[   82.773102][ T6141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.783838][ T6141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.793688][ T6141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.804260][ T6141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.814198][ T6141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.824681][ T6141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.840059][ T6141] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.851024][ T6141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.861473][ T6141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.871539][ T6141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.882082][ T6141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.891962][ T6141] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.902433][ T6141] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.914214][ T6141] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.923657][ T6141] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.932481][ T6141] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.935287][ T6410] netlink: 'syz.3.1003': attribute type 1 has an invalid length.
[   82.941312][ T6141] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.957624][ T6141] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.145920][ T6429] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1007'.
[   83.155358][ T6429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1007'.
[   83.195966][ T6439] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.205971][ T6439] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   83.245356][ T6442] netlink: 'syz.2.1009': attribute type 10 has an invalid length.
[   83.253199][ T6442] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1009'.
[   83.271326][ T6439] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.281181][ T6439] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   83.336143][ T6439] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.340168][ T6446] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=46 sclass=netlink_xfrm_socket pid=6446 comm=syz.5.1011
[   83.345964][ T6439] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   83.426341][ T6439] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.436222][ T6439] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   83.459936][ T6463] rdma_rxe: rxe_newlink: failed to add lo
[   83.538714][ T6465] Invalid ELF header magic: != ELF
[   83.611128][ T6479] xt_CT: You must specify a L4 protocol and not use inversions on it
[   83.658204][ T6486] random: crng reseeded on system resumption
[   83.817118][ T6501] rdma_rxe: rxe_newlink: failed to add lo
[   83.862013][ T6506] FAULT_INJECTION: forcing a failure.
[   83.862013][ T6506] name failslab, interval 1, probability 0, space 0, times 0
[   83.874814][ T6506] CPU: 0 UID: 0 PID: 6506 Comm: syz.0.1033 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   83.874895][ T6506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   83.874906][ T6506] Call Trace:
[   83.874912][ T6506]  <TASK>
[   83.874918][ T6506]  dump_stack_lvl+0xf2/0x150
[   83.874965][ T6506]  dump_stack+0x15/0x1a
[   83.874981][ T6506]  should_fail_ex+0x24a/0x260
[   83.875010][ T6506]  should_failslab+0x8f/0xb0
[   83.875103][ T6506]  kmem_cache_alloc_noprof+0x52/0x320
[   83.875121][ T6506]  ? getname_kernel+0x3d/0x1f0
[   83.875137][ T6506]  getname_kernel+0x3d/0x1f0
[   83.875151][ T6506]  kern_path+0x21/0x120
[   83.875167][ T6506]  create_local_trace_uprobe+0x55/0x2d0
[   83.875192][ T6506]  perf_uprobe_init+0xc2/0x140
[   83.875274][ T6506]  perf_uprobe_event_init+0xe2/0x140
[   83.875345][ T6506]  perf_try_init_event+0xcb/0x4f0
[   83.875369][ T6506]  ? perf_event_alloc+0xac6/0x12d0
[   83.875386][ T6506]  perf_event_alloc+0xad1/0x12d0
[   83.875408][ T6506]  __se_sys_perf_event_open+0x7f2/0x2230
[   83.875431][ T6506]  ? vfs_write+0x644/0x920
[   83.875521][ T6506]  __x64_sys_perf_event_open+0x67/0x80
[   83.875538][ T6506]  x64_sys_call+0x1deb/0x2dc0
[   83.875636][ T6506]  do_syscall_64+0xc9/0x1c0
[   83.875662][ T6506]  ? clear_bhb_loop+0x55/0xb0
[   83.875687][ T6506]  ? clear_bhb_loop+0x55/0xb0
[   83.875703][ T6506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.875773][ T6506] RIP: 0033:0x7f5ffc44d169
[   83.875781][ T6506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.875791][ T6506] RSP: 002b:00007f5ffaab1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   83.875802][ T6506] RAX: ffffffffffffffda RBX: 00007f5ffc665fa0 RCX: 00007f5ffc44d169
[   83.875808][ T6506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000000
[   83.875815][ T6506] RBP: 00007f5ffaab1090 R08: 0000000000000003 R09: 0000000000000000
[   83.875821][ T6506] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[   83.875827][ T6506] R13: 0000000000000000 R14: 00007f5ffc665fa0 R15: 00007ffd4d24fd28
[   83.875891][ T6506]  </TASK>
[   84.096442][ T6439] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[   84.104824][ T6439] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[   84.116154][ T6439] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[   84.124485][ T6439] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[   84.136050][ T6439] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[   84.144448][ T6439] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[   84.155810][ T6439] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[   84.164109][ T6439] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[   84.303659][ T6521] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1039'.
[   84.496372][ T6526] usb usb1: usbfs: process 6526 (syz.5.1040) did not claim interface 0 before use
[   84.534923][ T6531] netlink: 'syz.3.1042': attribute type 10 has an invalid length.
[   84.542766][ T6531] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1042'.
[   84.592982][ T6538] rdma_rxe: rxe_newlink: failed to add lo
[   84.706308][ T6557] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   84.805032][ T6565] netlink: 'syz.5.1056': attribute type 10 has an invalid length.
[   84.812890][ T6565] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1056'.
[   84.825921][ T6565] team0: Port device geneve1 added
[   84.969859][   T30] kauditd_printk_skb: 349 callbacks suppressed
[   84.969874][   T30] audit: type=1400 audit(2000000045.670:5282): avc:  denied  { setopt } for  pid=6579 comm="syz.5.1063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   85.087159][ T6596] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   85.096077][ T6596] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   85.105023][ T6596] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   85.113915][ T6596] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   85.123079][ T6596] geneve2: entered promiscuous mode
[   85.128570][ T6596] geneve2: entered allmulticast mode
[   85.194039][ T4000] kmmpd-loop4: attempt to access beyond end of device
[   85.194039][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[   85.207553][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[   85.242178][   T30] audit: type=1400 audit(2000000045.940:5283): avc:  denied  { write } for  pid=6609 comm="syz.5.1073" path="socket:[18029]" dev="sockfs" ino=18029 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   85.266029][   T30] audit: type=1400 audit(2000000045.940:5284): avc:  denied  { write } for  pid=6609 comm="syz.5.1073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   85.334132][   T30] audit: type=1326 audit(2000000046.040:5285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   85.357893][   T30] audit: type=1326 audit(2000000046.060:5286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   85.410154][ T6615] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   85.451915][   T30] audit: type=1326 audit(2000000046.150:5287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   85.474881][   T30] audit: type=1326 audit(2000000046.150:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   85.542457][ T6614] netlink: 964 bytes leftover after parsing attributes in process `+}[@'.
[   85.558481][ T6621] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1078'.
[   85.559113][   T30] audit: type=1326 audit(2000000046.210:5289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   85.590408][   T30] audit: type=1326 audit(2000000046.210:5290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f1809ead1a3 code=0x7ffc0000
[   85.604209][ T6621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1078'.
[   85.613309][   T30] audit: type=1326 audit(2000000046.210:5291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6613 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1809eabc1f code=0x7ffc0000
[   85.688445][ T6626] netlink: 'syz.5.1080': attribute type 4 has an invalid length.
[   85.703217][ T6626] netlink: 'syz.5.1080': attribute type 4 has an invalid length.
[   85.843274][ T6637] netlink: 'syz.5.1085': attribute type 4 has an invalid length.
[   85.854344][ T6637] FAULT_INJECTION: forcing a failure.
[   85.854344][ T6637] name failslab, interval 1, probability 0, space 0, times 0
[   85.866995][ T6637] CPU: 1 UID: 0 PID: 6637 Comm: syz.5.1085 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   85.867017][ T6637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   85.867027][ T6637] Call Trace:
[   85.867043][ T6637]  <TASK>
[   85.867050][ T6637]  dump_stack_lvl+0xf2/0x150
[   85.867075][ T6637]  dump_stack+0x15/0x1a
[   85.867094][ T6637]  should_fail_ex+0x24a/0x260
[   85.867122][ T6637]  should_failslab+0x8f/0xb0
[   85.867150][ T6637]  kmem_cache_alloc_node_noprof+0x59/0x320
[   85.867237][ T6637]  ? __alloc_skb+0x10b/0x310
[   85.867257][ T6637]  __alloc_skb+0x10b/0x310
[   85.867277][ T6637]  netlink_alloc_large_skb+0xad/0xe0
[   85.867304][ T6637]  netlink_sendmsg+0x3b4/0x6e0
[   85.867377][ T6637]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.867406][ T6637]  __sock_sendmsg+0x140/0x180
[   85.867443][ T6637]  sock_write_iter+0x15e/0x1a0
[   85.867473][ T6637]  do_iter_readv_writev+0x403/0x4b0
[   85.867549][ T6637]  vfs_writev+0x2d9/0x880
[   85.867566][ T6637]  ? htab_map_delete_elem+0x28d/0x400
[   85.867658][ T6637]  do_writev+0xf4/0x220
[   85.867674][ T6637]  __x64_sys_writev+0x45/0x50
[   85.867697][ T6637]  x64_sys_call+0x1fab/0x2dc0
[   85.867779][ T6637]  do_syscall_64+0xc9/0x1c0
[   85.867886][ T6637]  ? clear_bhb_loop+0x55/0xb0
[   85.867909][ T6637]  ? clear_bhb_loop+0x55/0xb0
[   85.868004][ T6637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.868028][ T6637] RIP: 0033:0x7f1809ead169
[   85.868118][ T6637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.868209][ T6637] RSP: 002b:00007f1808517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   85.868272][ T6637] RAX: ffffffffffffffda RBX: 00007f180a0c5fa0 RCX: 00007f1809ead169
[   85.868284][ T6637] RDX: 0000000000000001 RSI: 0000400000000300 RDI: 0000000000000006
[   85.868296][ T6637] RBP: 00007f1808517090 R08: 0000000000000000 R09: 0000000000000000
[   85.868306][ T6637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.868318][ T6637] R13: 0000000000000000 R14: 00007f180a0c5fa0 R15: 00007ffdf3a278c8
[   85.868335][ T6637]  </TASK>
[   86.128281][ T6641] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.157369][ T6644] FAULT_INJECTION: forcing a failure.
[   86.157369][ T6644] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.170514][ T6644] CPU: 0 UID: 0 PID: 6644 Comm: syz.5.1087 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   86.170536][ T6644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.170602][ T6644] Call Trace:
[   86.170606][ T6644]  <TASK>
[   86.170613][ T6644]  dump_stack_lvl+0xf2/0x150
[   86.170639][ T6644]  dump_stack+0x15/0x1a
[   86.170657][ T6644]  should_fail_ex+0x24a/0x260
[   86.170684][ T6644]  should_fail+0xb/0x10
[   86.170769][ T6644]  should_fail_usercopy+0x1a/0x20
[   86.170797][ T6644]  _copy_to_user+0x20/0xa0
[   86.170815][ T6644]  simple_read_from_buffer+0xa0/0x110
[   86.170840][ T6644]  proc_fail_nth_read+0xf9/0x140
[   86.170936][ T6644]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   86.171019][ T6644]  vfs_read+0x19b/0x6f0
[   86.171175][ T6644]  ? __rcu_read_unlock+0x4e/0x70
[   86.171197][ T6644]  ? __fget_files+0x17c/0x1c0
[   86.171295][ T6644]  ksys_read+0xe8/0x1b0
[   86.171397][ T6644]  __x64_sys_read+0x42/0x50
[   86.171420][ T6644]  x64_sys_call+0x2874/0x2dc0
[   86.171463][ T6644]  do_syscall_64+0xc9/0x1c0
[   86.171491][ T6644]  ? clear_bhb_loop+0x55/0xb0
[   86.171542][ T6644]  ? clear_bhb_loop+0x55/0xb0
[   86.171567][ T6644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.171591][ T6644] RIP: 0033:0x7f1809eabb7c
[   86.171636][ T6644] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   86.171653][ T6644] RSP: 002b:00007f1808517030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.171671][ T6644] RAX: ffffffffffffffda RBX: 00007f180a0c5fa0 RCX: 00007f1809eabb7c
[   86.171682][ T6644] RDX: 000000000000000f RSI: 00007f18085170a0 RDI: 0000000000000007
[   86.171694][ T6644] RBP: 00007f1808517090 R08: 0000000000000000 R09: 0000000000000000
[   86.171705][ T6644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.171738][ T6644] R13: 0000000000000000 R14: 00007f180a0c5fa0 R15: 00007ffdf3a278c8
[   86.171755][ T6644]  </TASK>
[   86.177295][ T6645] netlink: 'syz.0.1086': attribute type 10 has an invalid length.
[   86.374893][ T6645] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1086'.
[   86.416792][ T6641] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.486990][ T6641] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.488595][ T6654] netlink: 'syz.5.1090': attribute type 10 has an invalid length.
[   86.504998][ T6654] hsr_slave_0: left promiscuous mode
[   86.510958][ T6654] hsr_slave_1: left promiscuous mode
[   86.574090][ T6641] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.611677][ T6656] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1091'.
[   86.621091][ T6656] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1091'.
[   86.682008][ T6641] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.709028][ T6641] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.731086][ T6641] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.787914][ T6641] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.863391][ T6663] FAULT_INJECTION: forcing a failure.
[   86.863391][ T6663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.876772][ T6663] CPU: 1 UID: 0 PID: 6663 Comm: syz.3.1095 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   86.876831][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.876842][ T6663] Call Trace:
[   86.876847][ T6663]  <TASK>
[   86.876854][ T6663]  dump_stack_lvl+0xf2/0x150
[   86.876954][ T6663]  dump_stack+0x15/0x1a
[   86.876973][ T6663]  should_fail_ex+0x24a/0x260
[   86.877000][ T6663]  should_fail+0xb/0x10
[   86.877021][ T6663]  should_fail_usercopy+0x1a/0x20
[   86.877081][ T6663]  _copy_from_user+0x1c/0xa0
[   86.877099][ T6663]  copy_msghdr_from_user+0x54/0x2a0
[   86.877181][ T6663]  ? __fget_files+0x17c/0x1c0
[   86.877213][ T6663]  __sys_sendmmsg+0x1e8/0x4b0
[   86.877257][ T6663]  __x64_sys_sendmmsg+0x57/0x70
[   86.877325][ T6663]  x64_sys_call+0x29aa/0x2dc0
[   86.877349][ T6663]  do_syscall_64+0xc9/0x1c0
[   86.877397][ T6663]  ? clear_bhb_loop+0x55/0xb0
[   86.877422][ T6663]  ? clear_bhb_loop+0x55/0xb0
[   86.877445][ T6663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.877469][ T6663] RIP: 0033:0x7f32816ad169
[   86.877484][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.877556][ T6663] RSP: 002b:00007f327fd17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   86.877574][ T6663] RAX: ffffffffffffffda RBX: 00007f32818c5fa0 RCX: 00007f32816ad169
[   86.877584][ T6663] RDX: 04000000000001f2 RSI: 0000400000000000 RDI: 0000000000000003
[   86.877595][ T6663] RBP: 00007f327fd17090 R08: 0000000000000000 R09: 0000000000000000
[   86.877607][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.877646][ T6663] R13: 0000000000000000 R14: 00007f32818c5fa0 R15: 00007fff29c888f8
[   86.877662][ T6663]  </TASK>
[   87.083647][ T6665] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.200242][ T6671] netlink: 'syz.0.1096': attribute type 10 has an invalid length.
[   87.360411][ T6683] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1102'.
[   87.370101][ T6683] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1102'.
[   87.439534][ T6687] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[   87.447848][ T6687] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[   87.456127][ T6687] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[   87.464393][ T6687] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[   87.474656][ T6687] geneve2: entered promiscuous mode
[   87.479874][ T6687] geneve2: entered allmulticast mode
[   87.555976][ T6695] xt_CT: You must specify a L4 protocol and not use inversions on it
[   87.607683][ T6697] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   87.624670][ T6697] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.632143][ T6697] batman_adv: batadv0: Removing interface: batadv_slave_0
[   87.648682][ T6697] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.656141][ T6697] batman_adv: batadv0: Removing interface: batadv_slave_1
[   87.709000][ T6701] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[   87.721050][ T6701] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.1110: mark_inode_dirty error
[   87.735160][ T6701] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[   87.744502][ T6701] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.1110: mark_inode_dirty error
[   87.756632][ T6701] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[   87.875505][ T6707] FAULT_INJECTION: forcing a failure.
[   87.875505][ T6707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.888672][ T6707] CPU: 1 UID: 0 PID: 6707 Comm: syz.4.1113 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   87.888696][ T6707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.888775][ T6707] Call Trace:
[   87.888780][ T6707]  <TASK>
[   87.888787][ T6707]  dump_stack_lvl+0xf2/0x150
[   87.888813][ T6707]  dump_stack+0x15/0x1a
[   87.888833][ T6707]  should_fail_ex+0x24a/0x260
[   87.888870][ T6707]  should_fail+0xb/0x10
[   87.888892][ T6707]  should_fail_usercopy+0x1a/0x20
[   87.888916][ T6707]  _copy_from_user+0x1c/0xa0
[   87.888932][ T6707]  __sys_bpf+0x14e/0x7a0
[   87.889027][ T6707]  __x64_sys_bpf+0x43/0x50
[   87.889050][ T6707]  x64_sys_call+0x2914/0x2dc0
[   87.889080][ T6707]  do_syscall_64+0xc9/0x1c0
[   87.889167][ T6707]  ? clear_bhb_loop+0x55/0xb0
[   87.889198][ T6707]  ? clear_bhb_loop+0x55/0xb0
[   87.889280][ T6707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.889305][ T6707] RIP: 0033:0x7fb6261ed169
[   87.889319][ T6707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.889398][ T6707] RSP: 002b:00007fb624851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   87.889417][ T6707] RAX: ffffffffffffffda RBX: 00007fb626405fa0 RCX: 00007fb6261ed169
[   87.889428][ T6707] RDX: 0000000000000050 RSI: 0000400000000840 RDI: 0000000000000000
[   87.889439][ T6707] RBP: 00007fb624851090 R08: 0000000000000000 R09: 0000000000000000
[   87.889451][ T6707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.889462][ T6707] R13: 0000000000000000 R14: 00007fb626405fa0 R15: 00007ffc866d2e08
[   87.889480][ T6707]  </TASK>
[   88.096825][ T6711] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1114'.
[   88.237354][ T6717] netlink: 'syz.3.1116': attribute type 10 has an invalid length.
[   88.283020][ T6719] netlink: 'syz.4.1117': attribute type 10 has an invalid length.
[   88.338126][ T6725] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   88.361956][ T6725] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[   88.377623][ T6725] gretap1: entered promiscuous mode
[   88.382838][ T6725] gretap1: entered allmulticast mode
[   88.392270][ T6730] netlink: 'syz.0.1123': attribute type 10 has an invalid length.
[   88.438148][ T6732] FAULT_INJECTION: forcing a failure.
[   88.438148][ T6732] name failslab, interval 1, probability 0, space 0, times 0
[   88.451237][ T6732] CPU: 1 UID: 0 PID: 6732 Comm: syz.4.1122 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   88.451260][ T6732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   88.451273][ T6732] Call Trace:
[   88.451278][ T6732]  <TASK>
[   88.451285][ T6732]  dump_stack_lvl+0xf2/0x150
[   88.451317][ T6732]  dump_stack+0x15/0x1a
[   88.451337][ T6732]  should_fail_ex+0x24a/0x260
[   88.451365][ T6732]  should_failslab+0x8f/0xb0
[   88.451393][ T6732]  kmem_cache_alloc_noprof+0x52/0x320
[   88.451506][ T6732]  ? getname_flags+0x81/0x3b0
[   88.451534][ T6732]  getname_flags+0x81/0x3b0
[   88.451564][ T6732]  __x64_sys_rename+0x33/0x70
[   88.451593][ T6732]  x64_sys_call+0x2b1c/0x2dc0
[   88.451625][ T6732]  do_syscall_64+0xc9/0x1c0
[   88.451700][ T6732]  ? clear_bhb_loop+0x55/0xb0
[   88.451725][ T6732]  ? clear_bhb_loop+0x55/0xb0
[   88.451750][ T6732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.451775][ T6732] RIP: 0033:0x7fb6261ed169
[   88.451787][ T6732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.451802][ T6732] RSP: 002b:00007fb624851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   88.451818][ T6732] RAX: ffffffffffffffda RBX: 00007fb626405fa0 RCX: 00007fb6261ed169
[   88.451831][ T6732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000f80
[   88.451842][ T6732] RBP: 00007fb624851090 R08: 0000000000000000 R09: 0000000000000000
[   88.451895][ T6732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.451906][ T6732] R13: 0000000000000000 R14: 00007fb626405fa0 R15: 00007ffc866d2e08
[   88.451923][ T6732]  </TASK>
[   88.728818][ T6749] netlink: 'syz.4.1130': attribute type 10 has an invalid length.
[   88.766487][ T6741] rdma_rxe: rxe_newlink: failed to add lo
[   89.122338][ T6781] x_tables: duplicate underflow at hook 3
[   89.180815][ T6778] s
z1: rxe_newlink: already configured on lo
[   89.211096][ T6789] pim6reg: entered allmulticast mode
[   89.302496][ T6804] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   89.328712][ T6809] cgroup: Unknown subsys name 'cpuset'
[   89.428874][ T6818] x_tables: duplicate underflow at hook 3
[   89.467861][ T6815] rdma_rxe: rxe_newlink: failed to add lo
[   89.877386][ T6853] lo speed is unknown, defaulting to 1000
[   90.007525][ T6856] syz_tun: refused to change device tx_queue_len
[   90.013943][ T6856] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   90.170461][   T30] kauditd_printk_skb: 265 callbacks suppressed
[   90.170475][   T30] audit: type=1400 audit(2000000050.870:5557): avc:  denied  { write } for  pid=6855 comm="syz.5.1170" dev="sockfs" ino=19655 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   90.234616][ T4000] kmmpd-loop4: attempt to access beyond end of device
[   90.234616][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[   90.248336][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[   90.688750][ T6861] rdma_rxe: rxe_newlink: failed to add lo
[   90.786189][ T6865] validate_nla: 5 callbacks suppressed
[   90.786203][ T6865] netlink: 'syz.3.1173': attribute type 4 has an invalid length.
[   90.840777][ T6868] netlink: 'syz.5.1174': attribute type 10 has an invalid length.
[   91.077704][ T6883] __nla_validate_parse: 11 callbacks suppressed
[   91.077763][ T6883] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1181'.
[   91.096934][ T6883] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1181'.
[   91.243954][ T6887] rdma_rxe: rxe_newlink: failed to add lo
[   91.312583][ T6892] netlink: 'syz.4.1184': attribute type 10 has an invalid length.
[   91.320440][ T6892] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1184'.
[   91.417474][ T6896] lo speed is unknown, defaulting to 1000
[   91.995386][ T6917] rdma_rxe: rxe_newlink: failed to add lo
[   92.052311][   T30] audit: type=1400 audit(2000000052.740:5558): avc:  denied  { map } for  pid=6918 comm="syz.5.1195" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   92.150335][ T6926] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.159562][   T30] audit: type=1326 audit(2000000052.830:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.183252][   T30] audit: type=1326 audit(2000000052.830:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.206822][   T30] audit: type=1326 audit(2000000052.840:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.230482][   T30] audit: type=1326 audit(2000000052.840:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.254167][   T30] audit: type=1326 audit(2000000052.840:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.277724][   T30] audit: type=1326 audit(2000000052.840:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.301217][   T30] audit: type=1326 audit(2000000052.840:5565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.324782][   T30] audit: type=1326 audit(2000000052.840:5566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6924 comm="syz.5.1198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f1809ead169 code=0x7ffc0000
[   92.501654][ T6945] rdma_rxe: rxe_newlink: failed to add lo
[   92.802056][ T6966] rdma_rxe: rxe_newlink: failed to add lo
[   93.229983][ T6994] netlink: 'syz.5.1220': attribute type 10 has an invalid length.
[   93.265383][ T6988] xt_CT: You must specify a L4 protocol and not use inversions on it
[   93.532606][ T7019] rdma_rxe: rxe_newlink: failed to add lo
[   93.560064][ T7026] FAULT_INJECTION: forcing a failure.
[   93.560064][ T7026] name failslab, interval 1, probability 0, space 0, times 0
[   93.572806][ T7026] CPU: 0 UID: 0 PID: 7026 Comm: syz.5.1225 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[   93.572855][ T7026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   93.572866][ T7026] Call Trace:
[   93.572873][ T7026]  <TASK>
[   93.572880][ T7026]  dump_stack_lvl+0xf2/0x150
[   93.572926][ T7026]  dump_stack+0x15/0x1a
[   93.572945][ T7026]  should_fail_ex+0x24a/0x260
[   93.573022][ T7026]  should_failslab+0x8f/0xb0
[   93.573049][ T7026]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   93.573153][ T7026]  ? avc_has_perm+0xd4/0x160
[   93.573200][ T7026]  ? rds_rm_size+0x2bd/0x480
[   93.573218][ T7026]  krealloc_noprof+0xb6/0x2c0
[   93.573239][ T7026]  rds_rm_size+0x2bd/0x480
[   93.573260][ T7026]  rds_sendmsg+0x815/0x1400
[   93.573328][ T7026]  ? __pfx_rds_sendmsg+0x10/0x10
[   93.573346][ T7026]  __sock_sendmsg+0x140/0x180
[   93.573375][ T7026]  ____sys_sendmsg+0x326/0x4b0
[   93.573475][ T7026]  __sys_sendmsg+0x19d/0x230
[   93.573509][ T7026]  __x64_sys_sendmsg+0x46/0x50
[   93.573529][ T7026]  x64_sys_call+0x2734/0x2dc0
[   93.573549][ T7026]  do_syscall_64+0xc9/0x1c0
[   93.573591][ T7026]  ? clear_bhb_loop+0x55/0xb0
[   93.573617][ T7026]  ? clear_bhb_loop+0x55/0xb0
[   93.573639][ T7026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.573716][ T7026] RIP: 0033:0x7f1809ead169
[   93.573731][ T7026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.573755][ T7026] RSP: 002b:00007f1808517038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.573773][ T7026] RAX: ffffffffffffffda RBX: 00007f180a0c5fa0 RCX: 00007f1809ead169
[   93.573783][ T7026] RDX: 0000000000000000 RSI: 0000400000000080 RDI: 0000000000000003
[   93.573793][ T7026] RBP: 00007f1808517090 R08: 0000000000000000 R09: 0000000000000000
[   93.573805][ T7026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.573816][ T7026] R13: 0000000000000000 R14: 00007f180a0c5fa0 R15: 00007ffdf3a278c8
[   93.573832][ T7026]  </TASK>
[   94.081862][ T7050] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.087485][ T7053] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1228'.
[   94.092185][ T7050] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   94.211613][ T7050] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.222002][ T7050] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   94.318299][ T7050] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.328664][ T7050] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   94.412320][ T7050] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.422958][ T7050] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   94.531765][ T7050] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[   94.540090][ T7050] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[   94.552954][ T7050] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[   94.561422][ T7050] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[   94.575786][ T7050] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[   94.584114][ T7050] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[   94.610722][ T7050] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[   94.619046][ T7050] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[   94.814784][ T7096] netlink: 'syz.5.1231': attribute type 10 has an invalid length.
[   94.911354][ T7113] IPv6: Can't replace route, no match found
[   95.104547][ T6996] syz.2.1218 (6996) used greatest stack depth: 6304 bytes left
[   95.225899][   T30] kauditd_printk_skb: 32 callbacks suppressed
[   95.225913][   T30] audit: type=1400 audit(2000000055.930:5599): avc:  denied  { write } for  pid=7130 comm="syz.2.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   95.263907][ T4000] kmmpd-loop4: attempt to access beyond end of device
[   95.263907][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[   95.277457][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[   95.277471][   T30] audit: type=1326 audit(2000000055.960:5600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.309165][   T30] audit: type=1326 audit(2000000055.960:5601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.332638][   T30] audit: type=1326 audit(2000000055.960:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.356035][   T30] audit: type=1326 audit(2000000055.960:5603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.379454][   T30] audit: type=1326 audit(2000000055.960:5604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.402836][   T30] audit: type=1326 audit(2000000055.960:5605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.426412][   T30] audit: type=1326 audit(2000000055.960:5606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.449849][   T30] audit: type=1326 audit(2000000055.960:5607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.473147][   T30] audit: type=1326 audit(2000000055.960:5608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7130 comm="syz.2.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[   95.511989][ T7131] team0 (unregistering): Port device team_slave_0 removed
[   95.524434][ T7132] rdma_rxe: rxe_newlink: failed to add lo
[   95.537166][ T7131] team0 (unregistering): Port device team_slave_1 removed
[   95.547914][ T7131] team0 (unregistering): Port device geneve1 removed
[   95.815212][ T7153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1239'.
[   95.837864][ T7155] xt_CT: You must specify a L4 protocol and not use inversions on it
[   95.844693][ T7153] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1239'.
[   95.865480][ T7158] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   95.875534][ T7158] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   95.931327][ T7158] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   95.941611][ T7158] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   96.059111][ T7158] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   96.069080][ T7158] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   96.128334][ T7158] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   96.132462][ T7168] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1244'.
[   96.138391][ T7158] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   96.210516][ T7168] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1244'.
[   96.253712][ T7158] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[   96.262421][ T7158] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[   96.274745][ T7158] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[   96.283033][ T7158] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[   96.317227][ T7158] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[   96.325622][ T7158] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[   96.340065][ T7158] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[   96.348842][ T7158] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[   96.533681][ T7179] netlink: 'syz.5.1248': attribute type 13 has an invalid length.
[   96.541580][ T7179] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1248'.
[   96.564392][ T7179] syz_tun: refused to change device tx_queue_len
[   96.570762][ T7179] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   96.818323][ T7198] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.076105][ T7205] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1259'.
[   97.113984][ T7205] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1259'.
[   97.398610][ T7210] usb usb5: usbfs: process 7210 (+}[@) did not claim interface 0 before use
[   97.647705][ T7222] netlink: 'syz.2.1267': attribute type 10 has an invalid length.
[   97.655969][ T7222] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1267'.
[   97.684721][ T7222] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[   97.734914][ T7224] xt_CT: You must specify a L4 protocol and not use inversions on it
[   97.785770][ T7230] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1270'.
[   97.817534][ T7234] 9pnet_fd: Insufficient options for proto=fd
[   97.828455][ T7233] netlink: 'syz.2.1271': attribute type 10 has an invalid length.
[   97.977942][ T7242] usb usb5: usbfs: process 7242 (+}[@) did not claim interface 0 before use
[   98.345880][ T7263] SELinux: ebitmap: truncated map
[   98.405478][ T7263] SELinux: failed to load policy
[   98.433529][ T7270] netlink: 'syz.2.1287': attribute type 13 has an invalid length.
[   98.441463][ T7270] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1287'.
[   98.481788][ T7270] syz_tun: refused to change device tx_queue_len
[   98.488434][ T7270] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   98.621964][ T7281] xt_CT: You must specify a L4 protocol and not use inversions on it
[   98.728054][ T7287] team0 (unregistering): Port device team_slave_0 removed
[   98.754690][ T7289] netlink: 'syz.2.1296': attribute type 10 has an invalid length.
[   98.756633][ T7287] team0 (unregistering): Port device team_slave_1 removed
[   98.787956][ T7287] team0 (unregistering): Port device geneve1 removed
[   98.811308][ T7293] 9pnet_fd: Insufficient options for proto=fd
[   98.977776][ T7303] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1303'.
[   99.057289][ T7307] usb usb5: usbfs: process 7307 (+}[@) did not claim interface 0 before use
[   99.213294][ T7318] netlink: 'syz.5.1310': attribute type 10 has an invalid length.
[   99.214251][ T7315] 9pnet_fd: Insufficient options for proto=fd
[   99.409834][ T7329] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   99.419730][ T7329] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   99.525016][ T7329] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   99.534954][ T7329] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   99.581050][ T7329] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   99.591052][ T7329] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   99.628469][ T7341] rdma_rxe: rxe_newlink: failed to add lo
[   99.659249][ T7329] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[   99.669182][ T7329] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[   99.695945][ T7345] 9pnet_fd: Insufficient options for proto=fd
[   99.708525][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x1
[   99.716053][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.723477][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.730892][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.738288][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.745678][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.753146][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x4
[   99.760526][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.767973][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.775380][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x4
[   99.782757][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.790152][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.797658][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.805078][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.812458][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.819869][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x4
[   99.827279][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.834662][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.842034][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.849485][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.856878][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.864268][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.871659][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.879039][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.886476][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.893867][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.901242][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.908636][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.916062][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.923426][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.930835][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.938224][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.945641][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.953013][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.960409][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.967807][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.975187][    T9] hid-generic 0080:0000:0000.0002: unknown main item tag 0x0
[   99.983628][    T9] hid-generic 0080:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz1
[  100.207259][ T7360] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1328'.
[  100.268942][ T7329] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  100.277274][ T7329] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  100.290776][ T7329] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  100.299189][ T7329] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  100.308137][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  100.308137][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  100.321624][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  100.341879][ T7329] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  100.350351][ T7329] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  100.363457][ T7329] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  100.372300][ T7329] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  100.431076][ T7371] 9pnet_fd: Insufficient options for proto=fd
[  100.506475][ T7374] rdma_rxe: rxe_newlink: failed to add lo
[  100.598877][ T7378] netlink: 'syz.4.1336': attribute type 10 has an invalid length.
[  100.756878][ T7382] netlink: 'syz.5.1338': attribute type 1 has an invalid length.
[  100.788266][ T7389] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  100.815754][ T7389] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.1341: mark_inode_dirty error
[  100.837294][ T7389] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  100.846603][ T7389] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.1341: mark_inode_dirty error
[  100.904776][ T7389] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[  100.974907][ T7397] 9pnet_fd: Insufficient options for proto=fd
[  101.189484][ T7407] __nla_validate_parse: 6 callbacks suppressed
[  101.189498][ T7407] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1349'.
[  101.204586][   T30] kauditd_printk_skb: 324 callbacks suppressed
[  101.204663][   T30] audit: type=1326 audit(2000000061.870:5933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.234291][   T30] audit: type=1326 audit(2000000061.870:5934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.257657][   T30] audit: type=1326 audit(2000000061.870:5935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.281101][   T30] audit: type=1326 audit(2000000061.870:5936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.304684][   T30] audit: type=1326 audit(2000000061.870:5937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.328070][   T30] audit: type=1326 audit(2000000061.870:5938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.351463][   T30] audit: type=1326 audit(2000000061.870:5939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.374949][   T30] audit: type=1326 audit(2000000061.870:5940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.398326][   T30] audit: type=1326 audit(2000000061.870:5941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.421794][   T30] audit: type=1326 audit(2000000061.870:5942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7410 comm="syz.3.1352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  101.515752][ T7431] 9pnet_fd: Insufficient options for proto=fd
[  101.582189][ T7435] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1360'.
[  101.592880][ T7433] netlink: 'syz.3.1363': attribute type 10 has an invalid length.
[  101.614884][ T7435] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1360'.
[  101.615081][ T7439] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1362'.
[  101.803781][ T7446] rdma_rxe: rxe_newlink: failed to add lo
[  101.877939][ T7463] 9pnet_fd: Insufficient options for proto=fd
[  101.951051][ T7474] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1378'.
[  101.988739][ T7474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1378'.
[  102.023329][ T7478] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1380'.
[  102.047800][ T7481] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1381'.
[  102.088265][ T7481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1381'.
[  102.134661][ T7485] s
z1: rxe_newlink: already configured on lo
[  102.189768][ T7491] 9pnet_fd: Insufficient options for proto=fd
[  102.283385][ T7505] netlink: 'syz.2.1387': attribute type 13 has an invalid length.
[  102.311285][ T7505] gretap0: refused to change device tx_queue_len
[  102.318518][ T7505] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  102.342233][ T3376] lo speed is unknown, defaulting to 1000
[  102.350916][ T3376] lo speed is unknown, defaulting to 1000
[  102.372761][ T7514] FAULT_INJECTION: forcing a failure.
[  102.372761][ T7514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.386646][ T7514] CPU: 0 UID: 0 PID: 7514 Comm: syz.5.1394 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  102.386697][ T7514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  102.386755][ T7514] Call Trace:
[  102.386760][ T7514]  <TASK>
[  102.386767][ T7514]  dump_stack_lvl+0xf2/0x150
[  102.386793][ T7514]  dump_stack+0x15/0x1a
[  102.386812][ T7514]  should_fail_ex+0x24a/0x260
[  102.386941][ T7514]  should_fail+0xb/0x10
[  102.386963][ T7514]  should_fail_usercopy+0x1a/0x20
[  102.386990][ T7514]  _copy_to_user+0x20/0xa0
[  102.387008][ T7514]  simple_read_from_buffer+0xa0/0x110
[  102.387060][ T7514]  proc_fail_nth_read+0xf9/0x140
[  102.387094][ T7514]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  102.387142][ T7514]  vfs_read+0x19b/0x6f0
[  102.387162][ T7514]  ? 0xffffffff81000000
[  102.387173][ T7514]  ? sock_common_getsockopt+0x5b/0x70
[  102.387203][ T7514]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  102.387301][ T7514]  ? do_sock_getsockopt+0x1ca/0x260
[  102.387322][ T7514]  ? 0xffffffff81000000
[  102.387334][ T7514]  ksys_read+0xe8/0x1b0
[  102.387356][ T7514]  __x64_sys_read+0x42/0x50
[  102.387397][ T7514]  x64_sys_call+0x2874/0x2dc0
[  102.387420][ T7514]  do_syscall_64+0xc9/0x1c0
[  102.387448][ T7514]  ? clear_bhb_loop+0x55/0xb0
[  102.387470][ T7514]  ? clear_bhb_loop+0x55/0xb0
[  102.387557][ T7514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.387595][ T7514] RIP: 0033:0x7f1809eabb7c
[  102.387608][ T7514] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  102.387625][ T7514] RSP: 002b:00007f1808517030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  102.387642][ T7514] RAX: ffffffffffffffda RBX: 00007f180a0c5fa0 RCX: 00007f1809eabb7c
[  102.387654][ T7514] RDX: 000000000000000f RSI: 00007f18085170a0 RDI: 0000000000000004
[  102.387665][ T7514] RBP: 00007f1808517090 R08: 0000000000000000 R09: 0000000000000000
[  102.387676][ T7514] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000001
[  102.387715][ T7514] R13: 0000000000000000 R14: 00007f180a0c5fa0 R15: 00007ffdf3a278c8
[  102.387729][ T7514]  ? 0xffffffff81000000
[  102.387745][ T7514]  </TASK>
[  102.714320][ T7527] s
z1: rxe_newlink: already configured on lo
[  102.726625][ T7529] 9pnet_fd: Insufficient options for proto=fd
[  102.898682][ T7547] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1408'.
[  103.063643][ T7553] rdma_rxe: rxe_newlink: failed to add lo
[  103.098929][ T7556] 9pnet_fd: Insufficient options for proto=fd
[  103.195415][ T7562] netlink: 'syz.5.1416': attribute type 10 has an invalid length.
[  103.383011][ T7580] rdma_rxe: rxe_newlink: failed to add lo
[  103.387645][ T7586] 9pnet_fd: Insufficient options for proto=fd
[  103.676491][ T7606] netlink: 'syz.5.1432': attribute type 10 has an invalid length.
[  103.765937][ T7615] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  103.775880][ T7615] netdevsim netdevsim5 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  103.861853][ T7615] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  103.871784][ T7615] netdevsim netdevsim5 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  103.930464][ T7615] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  103.940492][ T7615] netdevsim netdevsim5 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  104.013412][ T7615] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  104.023354][ T7615] netdevsim netdevsim5 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  104.186857][ T7615] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  104.195601][ T7615] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  104.209546][ T7615] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  104.217890][ T7615] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  104.239932][ T7615] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  104.248393][ T7615] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  104.263156][ T7615] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  104.271990][ T7615] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  104.414693][ T7638] team0 (unregistering): Port device team_slave_0 removed
[  104.432835][ T7638] team0 (unregistering): Port device team_slave_1 removed
[  104.463176][ T7638] team0 (unregistering): Port device geneve1 removed
[  105.343827][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  105.343827][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  105.357261][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  106.836001][   T30] kauditd_printk_skb: 102 callbacks suppressed
[  106.836021][   T30] audit: type=1326 audit(2000000067.540:6045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ffc44d169 code=0x7ffc0000
[  106.868832][   T30] audit: type=1326 audit(2000000067.570:6046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ffc44d169 code=0x7ffc0000
[  106.896443][   T30] audit: type=1326 audit(2000000067.570:6047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5ffc44d169 code=0x7ffc0000
[  106.919940][   T30] audit: type=1326 audit(2000000067.570:6048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5ffc44d1a3 code=0x7ffc0000
[  106.943202][   T30] audit: type=1326 audit(2000000067.570:6049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ffc44bc1f code=0x7ffc0000
[  106.966546][   T30] audit: type=1326 audit(2000000067.580:6050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5ffc44d1f7 code=0x7ffc0000
[  106.989973][   T30] audit: type=1326 audit(2000000067.590:6051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ffc44bad0 code=0x7ffc0000
[  107.013401][   T30] audit: type=1326 audit(2000000067.590:6052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5ffc44bdca code=0x7ffc0000
[  107.036655][   T30] audit: type=1326 audit(2000000067.600:6053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ffc44d169 code=0x7ffc0000
[  107.060093][   T30] audit: type=1326 audit(2000000067.600:6054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7657 comm="syz.0.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ffc44d169 code=0x7ffc0000
[  107.093489][ T7663] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  107.162013][ T7663] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  107.244330][ T7663] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  107.276576][ T7673] __nla_validate_parse: 8 callbacks suppressed
[  107.276589][ T7673] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1457'.
[  107.315239][ T7663] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  107.336910][ T7673] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1457'.
[  107.417803][ T7663] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  107.432338][ T7663] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  107.450934][ T7663] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  107.473576][ T7663] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  107.525661][ T7684] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1461'.
[  107.821015][ T7713] netlink: 'syz.3.1475': attribute type 10 has an invalid length.
[  107.832429][ T7714] rdma_rxe: rxe_newlink: failed to add lo
[  107.872058][ T7717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1476'.
[  107.938675][ T7723] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1479'.
[  107.983422][ T7723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1479'.
[  108.031120][ T7728] devpts: called with bogus options
[  108.042374][ T7728] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  108.053053][ T7728] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.1482: mark_inode_dirty error
[  108.065508][ T7728] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  108.079165][ T7728] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.1482: mark_inode_dirty error
[  108.092357][ T7728] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[  110.384408][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  110.384408][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  110.397857][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  110.791423][ T7748] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1491'.
[  110.795416][ T7739] rdma_rxe: rxe_newlink: failed to add lo
[  110.817018][ T7748] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1491'.
[  110.875097][ T7753] netlink: 'syz.4.1493': attribute type 10 has an invalid length.
[  110.899439][ T7755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1494'.
[  111.450196][ T7780] rdma_rxe: rxe_newlink: failed to add lo
[  111.650277][ T7795] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1509'.
[  111.718710][ T7799] devpts: called with bogus options
[  111.731874][ T7799] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  111.741184][ T7799] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.1511: mark_inode_dirty error
[  111.753145][ T7799] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  111.762390][ T7799] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.1511: mark_inode_dirty error
[  111.773769][ T7799] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[  111.871232][   T30] kauditd_printk_skb: 1312 callbacks suppressed
[  111.871245][   T30] audit: type=1400 audit(2000000072.570:7367): avc:  denied  { connect } for  pid=7804 comm="syz.2.1514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  112.220692][ T7828] devpts: called with bogus options
[  112.310690][ T7838] __nla_validate_parse: 2 callbacks suppressed
[  112.310733][ T7838] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1529'.
[  112.352861][ T7838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1529'.
[  112.447242][ T7847] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1533'.
[  112.458195][ T7847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1533'.
[  112.550935][ T7850] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1536'.
[  112.587332][ T7852] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1535'.
[  112.617092][ T7852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1535'.
[  112.644189][ T7858] devpts: called with bogus options
[  112.676509][ T7862] 9pnet_fd: Insufficient options for proto=fd
[  112.727313][ T7868] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7868 comm=syz.2.1541
[  112.739723][   T30] audit: type=1400 audit(2000000073.430:7368): avc:  denied  { read } for  pid=7865 comm="syz.0.1543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  112.765884][ T7868] netlink: 'syz.2.1541': attribute type 1 has an invalid length.
[  112.799650][ T7874] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1545'.
[  112.827828][ T7868] 8021q: adding VLAN 0 to HW filter on device bond1
[  112.836613][ T7874] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1545'.
[  112.871448][   T30] audit: type=1400 audit(2000000073.570:7369): avc:  denied  { lock } for  pid=7867 comm="syz.2.1541" path="socket:[22864]" dev="sockfs" ino=22864 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  112.899030][ T7868] vlan0: entered promiscuous mode
[  112.904109][ T7868] bond1: entered promiscuous mode
[  112.909341][ T7868] vlan0: entered allmulticast mode
[  112.914502][ T7868] bond1: entered allmulticast mode
[  112.971398][ T7884] devpts: called with bogus options
[  113.000702][ T7888] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  113.008402][ T7888] audit: out of memory in audit_log_start
[  113.028663][ T7886] s
z1: rxe_newlink: already configured on lo
[  113.067976][ T7893] 9pnet_fd: Insufficient options for proto=fd
[  113.254449][ T7910] bond2: entered promiscuous mode
[  113.259514][ T7910] bond2: entered allmulticast mode
[  113.267003][ T7910] 8021q: adding VLAN 0 to HW filter on device bond2
[  113.281334][ T7910] bond2 (unregistering): Released all slaves
[  113.295057][ T7917] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1562'.
[  113.382525][ T7921] 9pnet_fd: Insufficient options for proto=fd
[  113.384994][ T7919] rdma_rxe: rxe_newlink: failed to add lo
[  113.734638][ T7953] 9pnet_fd: Insufficient options for proto=fd
[  113.803225][ T7951] rdma_rxe: rxe_newlink: failed to add lo
[  113.822125][ T7960] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.849776][ T7960] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.952782][   T30] audit: type=1400 audit(2000000074.650:7370): avc:  denied  { listen } for  pid=7945 comm="syz.3.1575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  114.071447][ T7980] 9pnet_fd: Insufficient options for proto=fd
[  114.165042][ T7985] devpts: called with bogus options
[  114.251833][   T30] audit: type=1326 audit(2000000074.950:7371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7996 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  114.333962][   T30] audit: type=1326 audit(2000000074.980:7372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7996 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  114.357572][   T30] audit: type=1326 audit(2000000074.980:7373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7996 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  114.381011][   T30] audit: type=1326 audit(2000000075.000:7374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7996 comm="syz.2.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  114.452012][ T8011] 9pnet_fd: Insufficient options for proto=fd
[  114.574303][ T8022] devpts: called with bogus options
[  114.586920][ T8022] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  114.612424][ T8022] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.1605: mark_inode_dirty error
[  114.632431][ T8022] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  114.676016][ T8022] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.1605: mark_inode_dirty error
[  114.688415][ T8022] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[  114.992512][ T8044] usb usb5: usbfs: process 8044 (syz.5.1614) did not claim interface 0 before use
[  115.039334][ T8046] FAULT_INJECTION: forcing a failure.
[  115.039334][ T8046] name failslab, interval 1, probability 0, space 0, times 0
[  115.052738][ T8046] CPU: 1 UID: 0 PID: 8046 Comm: syz.3.1617 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  115.052792][ T8046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  115.052876][ T8046] Call Trace:
[  115.052882][ T8046]  <TASK>
[  115.052890][ T8046]  dump_stack_lvl+0xf2/0x150
[  115.052918][ T8046]  dump_stack+0x15/0x1a
[  115.052976][ T8046]  should_fail_ex+0x24a/0x260
[  115.052999][ T8046]  should_failslab+0x8f/0xb0
[  115.053028][ T8046]  __kmalloc_node_noprof+0xad/0x410
[  115.053051][ T8046]  ? __kvmalloc_node_noprof+0x72/0x170
[  115.053156][ T8046]  __kvmalloc_node_noprof+0x72/0x170
[  115.053185][ T8046]  simple_xattr_set+0x6e/0x2a0
[  115.053203][ T8046]  kernfs_vfs_xattr_set+0x68/0xb0
[  115.053264][ T8046]  ? __pfx_kernfs_vfs_xattr_set+0x10/0x10
[  115.053284][ T8046]  __vfs_setxattr+0x2e5/0x310
[  115.053308][ T8046]  __vfs_setxattr_noperm+0xed/0x420
[  115.053373][ T8046]  __vfs_setxattr_locked+0x1af/0x1d0
[  115.053399][ T8046]  vfs_setxattr+0x140/0x290
[  115.053429][ T8046]  filename_setxattr+0x1a6/0x2a0
[  115.053525][ T8046]  path_setxattrat+0x284/0x310
[  115.053556][ T8046]  __x64_sys_lsetxattr+0x71/0x90
[  115.053583][ T8046]  x64_sys_call+0x29c8/0x2dc0
[  115.053643][ T8046]  do_syscall_64+0xc9/0x1c0
[  115.053666][ T8046]  ? clear_bhb_loop+0x55/0xb0
[  115.053749][ T8046]  ? clear_bhb_loop+0x55/0xb0
[  115.053772][ T8046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.053794][ T8046] RIP: 0033:0x7f32816ad169
[  115.053806][ T8046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.053853][ T8046] RSP: 002b:00007f327fd17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  115.053868][ T8046] RAX: ffffffffffffffda RBX: 00007f32818c5fa0 RCX: 00007f32816ad169
[  115.053880][ T8046] RDX: 0000000000000000 RSI: 0000400000000140 RDI: 0000400000000040
[  115.053892][ T8046] RBP: 00007f327fd17090 R08: 0000000000000000 R09: 0000000000000000
[  115.053904][ T8046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.053916][ T8046] R13: 0000000000000000 R14: 00007f32818c5fa0 R15: 00007fff29c888f8
[  115.053935][ T8046]  </TASK>
[  115.327154][ T8051] netlink: 'syz.2.1619': attribute type 10 has an invalid length.
[  115.425822][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  115.425822][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  115.439259][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  115.645180][ T8077] team0 (unregistering): Port device team_slave_0 removed
[  115.666913][ T8077] team0 (unregistering): Port device team_slave_1 removed
[  115.704257][ T8077] team0 (unregistering): Port device geneve1 removed
[  116.147468][ T8123] usb usb5: usbfs: process 8123 (syz.0.1646) did not claim interface 0 before use
[  116.891062][ T8158] devpts: called with bogus options
[  116.956473][   T30] kauditd_printk_skb: 112 callbacks suppressed
[  116.956488][   T30] audit: type=1326 audit(2000000077.660:7487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8162 comm="syz.3.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.027363][   T30] audit: type=1326 audit(2000000077.660:7488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8162 comm="syz.3.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.051154][   T30] audit: type=1326 audit(2000000077.660:7489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8162 comm="syz.3.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.074567][   T30] audit: type=1326 audit(2000000077.660:7490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8162 comm="syz.3.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.111599][   T30] audit: type=1326 audit(2000000077.810:7491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8162 comm="syz.3.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.135130][   T30] audit: type=1326 audit(2000000077.810:7492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8162 comm="syz.3.1664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.199348][   T30] audit: type=1400 audit(2000000077.900:7493): avc:  denied  { setopt } for  pid=8166 comm="syz.4.1666" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  117.315295][   T30] audit: type=1400 audit(2000000078.010:7494): avc:  denied  { compute_member } for  pid=8171 comm="syz.4.1668" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  117.399959][   T30] audit: type=1326 audit(2000000078.100:7495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8177 comm="syz.3.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.467330][   T30] audit: type=1326 audit(2000000078.100:7496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8177 comm="syz.3.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32816ad169 code=0x7ffc0000
[  117.580494][ T8190] __nla_validate_parse: 16 callbacks suppressed
[  117.580602][ T8190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1674'.
[  117.583242][ T8188] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  117.605718][ T8188] EXT4-fs error (device loop4): ext4_ext_truncate:4457: inode #18: comm syz.4.1676: mark_inode_dirty error
[  117.633579][ T8188] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5838: Out of memory
[  117.653043][ T8188] EXT4-fs error (device loop4): ext4_truncate:4240: inode #18: comm syz.4.1676: mark_inode_dirty error
[  117.684507][ T8188] EXT4-fs error (device loop4) in ext4_setattr:5569: Out of memory
[  117.764947][ T8200] FAULT_INJECTION: forcing a failure.
[  117.764947][ T8200] name failslab, interval 1, probability 0, space 0, times 0
[  117.777849][ T8200] CPU: 0 UID: 0 PID: 8200 Comm: syz.4.1680 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  117.777920][ T8200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  117.777929][ T8200] Call Trace:
[  117.777934][ T8200]  <TASK>
[  117.777940][ T8200]  dump_stack_lvl+0xf2/0x150
[  117.778033][ T8200]  dump_stack+0x15/0x1a
[  117.778049][ T8200]  should_fail_ex+0x24a/0x260
[  117.778166][ T8200]  ? p9_fd_create+0xc6/0x260
[  117.778192][ T8200]  should_failslab+0x8f/0xb0
[  117.778221][ T8200]  __kmalloc_cache_noprof+0x4e/0x320
[  117.778242][ T8200]  p9_fd_create+0xc6/0x260
[  117.778266][ T8200]  p9_client_create+0x5ee/0xb90
[  117.778348][ T8200]  v9fs_session_init+0xf9/0xda0
[  117.778379][ T8200]  ? should_fail_ex+0xd7/0x260
[  117.778405][ T8200]  ? v9fs_mount+0x53/0x570
[  117.778421][ T8200]  ? should_failslab+0x8f/0xb0
[  117.778476][ T8200]  ? __kmalloc_cache_noprof+0x186/0x320
[  117.778499][ T8200]  v9fs_mount+0x69/0x570
[  117.778518][ T8200]  ? __pfx_v9fs_mount+0x10/0x10
[  117.778542][ T8200]  legacy_get_tree+0x77/0xd0
[  117.778567][ T8200]  vfs_get_tree+0x56/0x1e0
[  117.778593][ T8200]  do_new_mount+0x227/0x690
[  117.778619][ T8200]  path_mount+0x49b/0xb30
[  117.778670][ T8200]  __se_sys_mount+0x27f/0x2d0
[  117.778709][ T8200]  ? fput+0x1c4/0x200
[  117.778727][ T8200]  __x64_sys_mount+0x67/0x80
[  117.778823][ T8200]  x64_sys_call+0x2c84/0x2dc0
[  117.778847][ T8200]  do_syscall_64+0xc9/0x1c0
[  117.778918][ T8200]  ? clear_bhb_loop+0x55/0xb0
[  117.778940][ T8200]  ? clear_bhb_loop+0x55/0xb0
[  117.778960][ T8200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.779000][ T8200] RIP: 0033:0x7fb6261ed169
[  117.779023][ T8200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.779039][ T8200] RSP: 002b:00007fb624851038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  117.779057][ T8200] RAX: ffffffffffffffda RBX: 00007fb626405fa0 RCX: 00007fb6261ed169
[  117.779069][ T8200] RDX: 00004000000002c0 RSI: 0000400000000080 RDI: 0000000000000000
[  117.779142][ T8200] RBP: 00007fb624851090 R08: 0000400000000400 R09: 0000000000000000
[  117.779153][ T8200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.779163][ T8200] R13: 0000000000000000 R14: 00007fb626405fa0 R15: 00007ffc866d2e08
[  117.779233][ T8200]  </TASK>
[  117.792115][ T8197] lo speed is unknown, defaulting to 1000
[  118.661612][ T8211] lo speed is unknown, defaulting to 1000
[  119.065956][ T8228] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1689'.
[  119.229848][ T8235] bond0: (slave team0): Releasing backup interface
[  119.242607][ T8235] team0 (unregistering): Port device team_slave_0 removed
[  119.257180][ T8235] team0 (unregistering): Port device team_slave_1 removed
[  119.268780][ T8235] team0 (unregistering): Port device geneve1 removed
[  119.308193][ T8230] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.318150][ T8230] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  119.395616][ T8230] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.405461][ T8230] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  119.467667][ T8245] x_tables: ip_tables: udp match: only valid for protocol 17
[  119.500546][ T8230] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.510546][ T8230] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  119.595747][ T8230] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.606008][ T8230] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  119.656797][ T8250] 9pnet_fd: Insufficient options for proto=fd
[  119.912221][ T8230] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  119.920952][ T8230] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  119.969261][ T8230] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  119.978125][ T8230] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  119.995619][ T8254] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1700'.
[  120.010170][ T8230] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  120.018572][ T8230] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  120.051234][ T8230] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  120.059798][ T8230] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  120.210115][ T8273] FAULT_INJECTION: forcing a failure.
[  120.210115][ T8273] name failslab, interval 1, probability 0, space 0, times 0
[  120.223803][ T8273] CPU: 1 UID: 0 PID: 8273 Comm: syz.4.1707 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  120.223822][ T8273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  120.223831][ T8273] Call Trace:
[  120.223836][ T8273]  <TASK>
[  120.223841][ T8273]  dump_stack_lvl+0xf2/0x150
[  120.223865][ T8273]  dump_stack+0x15/0x1a
[  120.223882][ T8273]  should_fail_ex+0x24a/0x260
[  120.223908][ T8273]  should_failslab+0x8f/0xb0
[  120.223932][ T8273]  kmem_cache_alloc_noprof+0x52/0x320
[  120.223950][ T8273]  ? vm_area_dup+0x98/0x130
[  120.223971][ T8273]  vm_area_dup+0x98/0x130
[  120.223989][ T8273]  __split_vma+0xf7/0x6a0
[  120.224013][ T8273]  vma_modify+0x17d/0x1e0
[  120.224039][ T8273]  vma_modify_flags_name+0xf6/0x120
[  120.224061][ T8273]  do_madvise+0x18dc/0x2ad0
[  120.224081][ T8273]  ? __fget_files+0x17c/0x1c0
[  120.224107][ T8273]  ? ksys_write+0x176/0x1b0
[  120.224128][ T8273]  __x64_sys_madvise+0x61/0x70
[  120.224145][ T8273]  x64_sys_call+0x23ab/0x2dc0
[  120.224166][ T8273]  do_syscall_64+0xc9/0x1c0
[  120.224190][ T8273]  ? clear_bhb_loop+0x55/0xb0
[  120.224212][ T8273]  ? clear_bhb_loop+0x55/0xb0
[  120.224231][ T8273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.224250][ T8273] RIP: 0033:0x7fb6261ed169
[  120.224262][ T8273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.224275][ T8273] RSP: 002b:00007fb624851038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  120.224289][ T8273] RAX: ffffffffffffffda RBX: 00007fb626405fa0 RCX: 00007fb6261ed169
[  120.224300][ T8273] RDX: 000000000000000a RSI: 0000000000002000 RDI: 00004000002d6000
[  120.224311][ T8273] RBP: 00007fb624851090 R08: 0000000000000000 R09: 0000000000000000
[  120.224337][ T8273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.224348][ T8273] R13: 0000000000000000 R14: 00007fb626405fa0 R15: 00007ffc866d2e08
[  120.224366][ T8273]  </TASK>
[  120.494282][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  120.494282][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  120.507714][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  120.547943][ T8278] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1709'.
[  120.598643][ T8282] 9pnet_fd: Insufficient options for proto=fd
[  120.659616][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1709'.
[  120.963863][ T8299] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1718'.
[  121.025025][ T8298] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.034986][ T8298] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.136400][ T8298] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.146292][ T8298] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.216828][ T8298] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.227083][ T8298] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.238989][ T8308] 9pnet_fd: Insufficient options for proto=fd
[  121.286196][ T8310] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.296084][ T8310] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.336410][ T8298] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.346288][ T8298] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.396236][ T8310] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.406203][ T8310] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.485243][ T8310] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.495209][ T8310] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.553508][ T8258] syz.0.1702 (8258) used greatest stack depth: 6272 bytes left
[  121.578630][ T8310] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  121.588554][ T8310] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  121.815856][ T8310] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  121.824178][ T8310] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  121.843674][ T8310] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  121.852196][ T8310] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  121.869702][ T8310] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  121.878098][ T8310] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  121.895097][ T8310] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  121.903389][ T8310] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  122.626937][ T8361] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.703452][ T8361] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.806457][ T8361] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.868244][ T8361] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.994434][   T30] kauditd_printk_skb: 92 callbacks suppressed
[  122.994448][   T30] audit: type=1400 audit(2000000083.690:7589): avc:  denied  { setopt } for  pid=8378 comm="syz.3.1752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  123.042463][ T8361] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.057128][ T8361] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.078121][ T8361] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.089383][ T8379] pim6reg: left allmulticast mode
[  123.106847][ T8361] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.195100][   T30] audit: type=1400 audit(2000000083.900:7590): avc:  denied  { accept } for  pid=8378 comm="syz.3.1752" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  123.220418][ T8383] geneve2: entered promiscuous mode
[  123.226267][ T8383] geneve2: entered allmulticast mode
[  123.245904][   T30] audit: type=1400 audit(2000000083.950:7591): avc:  denied  { read } for  pid=8378 comm="syz.3.1752" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  123.805610][ T8298] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  123.813916][ T8298] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  123.834171][ T8298] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  123.842460][ T8298] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  123.856879][ T8298] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  123.865371][ T8298] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  123.882030][ T8298] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  123.890326][ T8298] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  124.066223][ T8407] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  124.076195][ T8407] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  124.091053][ T8409] netlink: 'syz.2.1764': attribute type 10 has an invalid length.
[  124.170835][ T8407] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  124.180730][ T8407] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  124.251688][ T8407] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  124.262081][ T8407] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  124.356776][ T8407] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[  124.366656][ T8407] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  124.434038][ T8427] geneve2: entered promiscuous mode
[  124.439278][ T8427] geneve2: entered allmulticast mode
[  124.489098][   T30] audit: type=1326 audit(2000000085.190:7592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.544737][   T30] audit: type=1326 audit(2000000085.220:7593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.568279][   T30] audit: type=1326 audit(2000000085.220:7594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.591781][   T30] audit: type=1326 audit(2000000085.220:7595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.615254][   T30] audit: type=1326 audit(2000000085.220:7596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.638724][   T30] audit: type=1326 audit(2000000085.220:7597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.662142][   T30] audit: type=1326 audit(2000000085.220:7598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.2.1772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0795a4d169 code=0x7ffc0000
[  124.749888][ T8434] FAULT_INJECTION: forcing a failure.
[  124.749888][ T8434] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  124.763271][ T8434] CPU: 1 UID: 0 PID: 8434 Comm: syz.2.1774 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  124.763293][ T8434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  124.763303][ T8434] Call Trace:
[  124.763309][ T8434]  <TASK>
[  124.763315][ T8434]  dump_stack_lvl+0xf2/0x150
[  124.763342][ T8434]  dump_stack+0x15/0x1a
[  124.763434][ T8434]  should_fail_ex+0x24a/0x260
[  124.763461][ T8434]  should_fail_alloc_page+0xfd/0x110
[  124.763559][ T8434]  __alloc_frozen_pages_noprof+0x109/0x340
[  124.763590][ T8434]  alloc_pages_mpol+0xb4/0x260
[  124.763611][ T8434]  alloc_pages_noprof+0xe8/0x130
[  124.763653][ T8434]  __pud_alloc+0x4b/0x440
[  124.763673][ T8434]  handle_mm_fault+0x1916/0x2ac0
[  124.763738][ T8434]  ? __rcu_read_unlock+0x4e/0x70
[  124.763760][ T8434]  ? mt_find+0x72a/0x890
[  124.763784][ T8434]  ? check_vma_flags+0x222/0x310
[  124.763807][ T8434]  __get_user_pages+0xf6a/0x2350
[  124.763838][ T8434]  ? down_read+0x171/0x4b0
[  124.763940][ T8434]  get_user_pages_remote+0x1df/0x790
[  124.764010][ T8434]  get_arg_page+0x96/0x1e0
[  124.764030][ T8434]  copy_string_kernel+0x128/0x2b0
[  124.764061][ T8434]  do_execveat_common+0x615/0x7e0
[  124.764088][ T8434]  __x64_sys_execveat+0x75/0x90
[  124.764114][ T8434]  x64_sys_call+0x291e/0x2dc0
[  124.764137][ T8434]  do_syscall_64+0xc9/0x1c0
[  124.764237][ T8434]  ? clear_bhb_loop+0x55/0xb0
[  124.764261][ T8434]  ? clear_bhb_loop+0x55/0xb0
[  124.764285][ T8434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.764309][ T8434] RIP: 0033:0x7f0795a4d169
[  124.764323][ T8434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.764377][ T8434] RSP: 002b:00007f07940b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  124.764394][ T8434] RAX: ffffffffffffffda RBX: 00007f0795c65fa0 RCX: 00007f0795a4d169
[  124.764404][ T8434] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000007
[  124.764414][ T8434] RBP: 00007f07940b7090 R08: 0000000000001000 R09: 0000000000000000
[  124.764423][ T8434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.764434][ T8434] R13: 0000000000000000 R14: 00007f0795c65fa0 R15: 00007ffd8ce023a8
[  124.764452][ T8434]  </TASK>
[  125.093402][ T8442] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1777'.
[  125.514581][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  125.514581][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  125.528019][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  126.265681][ T8466] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1787'.
[  126.293141][ T8466] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1787'.
[  126.381411][ T8473] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1790'.
[  126.445633][ T8473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1790'.
[  126.610590][ T8484] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1795'.
[  126.668177][ T8484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1795'.
[  126.888519][ T8498] 9pnet_fd: Insufficient options for proto=fd
[  126.955341][ T8503] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1802'.
[  126.966271][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1802'.
[  126.990605][ T8505] FAULT_INJECTION: forcing a failure.
[  126.990605][ T8505] name failslab, interval 1, probability 0, space 0, times 0
[  127.003260][ T8505] CPU: 0 UID: 0 PID: 8505 Comm: syz.0.1803 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  127.003279][ T8505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  127.003312][ T8505] Call Trace:
[  127.003317][ T8505]  <TASK>
[  127.003322][ T8505]  dump_stack_lvl+0xf2/0x150
[  127.003365][ T8505]  dump_stack+0x15/0x1a
[  127.003381][ T8505]  should_fail_ex+0x24a/0x260
[  127.003408][ T8505]  should_failslab+0x8f/0xb0
[  127.003432][ T8505]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  127.003453][ T8505]  ? __d_alloc+0x3d/0x350
[  127.003476][ T8505]  __d_alloc+0x3d/0x350
[  127.003497][ T8505]  d_alloc_pseudo+0x1e/0x80
[  127.003515][ T8505]  alloc_file_pseudo+0x73/0x160
[  127.003535][ T8505]  __shmem_file_setup+0x1bb/0x1f0
[  127.003614][ T8505]  shmem_file_setup+0x3b/0x50
[  127.003630][ T8505]  __se_sys_memfd_create+0x2e1/0x5a0
[  127.003654][ T8505]  __x64_sys_memfd_create+0x31/0x40
[  127.003723][ T8505]  x64_sys_call+0x2d4c/0x2dc0
[  127.003811][ T8505]  do_syscall_64+0xc9/0x1c0
[  127.003838][ T8505]  ? clear_bhb_loop+0x55/0xb0
[  127.003862][ T8505]  ? clear_bhb_loop+0x55/0xb0
[  127.003886][ T8505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.003910][ T8505] RIP: 0033:0x7f5ffc44d169
[  127.003950][ T8505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.003964][ T8505] RSP: 002b:00007f5ffaab0d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  127.003980][ T8505] RAX: ffffffffffffffda RBX: 0000000000000593 RCX: 00007f5ffc44d169
[  127.003991][ T8505] RDX: 00007f5ffaab0dec RSI: 0000000000000000 RDI: 00007f5ffc4cec3c
[  127.004002][ T8505] RBP: 00004000000005c0 R08: 00007f5ffaab0b07 R09: 00007f5ffaab101f
[  127.004038][ T8505] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  127.004049][ T8505] R13: 00007f5ffaab0dec R14: 00007f5ffaab0df0 R15: 00007ffd4d24fd28
[  127.004074][ T8505]  </TASK>
[  127.301110][ T8511] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1806'.
[  127.470424][ T8526] 9pnet_fd: Insufficient options for proto=fd
[  127.652008][ T8533] ==================================================================
[  127.660107][ T8533] BUG: KCSAN: data-race in getrusage / vms_clear_ptes
[  127.666870][ T8533] 
[  127.669180][ T8533] write to 0xffff8881084c16f8 of 8 bytes by task 8529 on cpu 1:
[  127.676793][ T8533]  vms_clear_ptes+0x1a2/0x300
[  127.681460][ T8533]  vms_complete_munmap_vmas+0x17b/0x480
[  127.687010][ T8533]  do_vmi_align_munmap+0x344/0x390
[  127.692118][ T8533]  do_vmi_munmap+0x1eb/0x230
[  127.696708][ T8533]  do_munmap+0x8b/0xc0
[  127.700777][ T8533]  __se_sys_mremap+0xa72/0xf10
[  127.705537][ T8533]  __x64_sys_mremap+0x67/0x80
[  127.710204][ T8533]  x64_sys_call+0x27e8/0x2dc0
[  127.714878][ T8533]  do_syscall_64+0xc9/0x1c0
[  127.719378][ T8533]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.725264][ T8533] 
[  127.727573][ T8533] read to 0xffff8881084c16f8 of 8 bytes by task 8533 on cpu 0:
[  127.735102][ T8533]  getrusage+0xa15/0xb70
[  127.739331][ T8533]  io_sq_thread+0x5f9/0x1100
[  127.743913][ T8533]  ret_from_fork+0x4b/0x60
[  127.748318][ T8533]  ret_from_fork_asm+0x1a/0x30
[  127.753071][ T8533] 
[  127.755377][ T8533] value changed: 0x00000000000014e5 -> 0x00000000000016b0
[  127.762464][ T8533] 
[  127.764770][ T8533] Reported by Kernel Concurrency Sanitizer on:
[  127.770906][ T8533] CPU: 0 UID: 0 PID: 8533 Comm: iou-sqp-8524 Not tainted 6.14.0-rc5-syzkaller-00214-g21e4543a2e2f #0
[  127.781736][ T8533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  127.791774][ T8533] ==================================================================
[  128.508342][ T8407] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  128.516649][ T8407] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  128.531320][ T8407] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  128.539691][ T8407] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  128.554884][ T8407] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  128.563240][ T8407] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  128.577863][ T8407] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  128.586152][ T8407] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  130.544994][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  130.544994][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  130.558472][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write
[  135.583848][ T4000] kmmpd-loop4: attempt to access beyond end of device
[  135.583848][ T4000] loop4: rw=14337, sector=64, nr_sectors = 8 limit=64
[  135.597304][ T4000] Buffer I/O error on dev loop4, logical block 8, lost sync page write