last executing test programs:

1.426200539s ago: executing program 1 (id=2396):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000110000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x23, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1.32496646s ago: executing program 1 (id=2400):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sys_enter\x00', r2}, 0x10)
modify_ldt$read(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r10}, &(0x7f0000000000), &(0x7f0000000080)=r7}, 0x20)
recvmsg$unix(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1, 0x0, 0x0, 0x300}, 0x0)
sendmsg$inet(r9, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x1, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80884}, 0x20000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
shmat(0x0, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x82482, 0x0)
ioctl$TCSETS(r11, 0x5402, &(0x7f0000000000)={0x401, 0x0, 0x10000, 0xb998, 0x0, "194f2f83c2e798c3584770116cddc8819592b1"})
write$binfmt_aout(r11, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r11, 0x5402, &(0x7f0000000080)={0xa04c, 0x35e8b531, 0x1, 0x9, 0x13, "53af0f0b4ecf6c29bf81c173f4a8f5f73eb62f"})

1.137361243s ago: executing program 0 (id=2407):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000004c0)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000880)={0x6, &(0x7f0000000840)=[{0x1, 0x0, 0x7, 0x8000}, {0x9, 0x9, 0x1, 0x7ff}, {0x9, 0x1, 0x9, 0x7}, {0x2, 0x9, 0xfe, 0xb44a}, {0x1, 0xf1, 0x9, 0x70d8}, {0x116, 0xe, 0x4, 0x2}]})
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000540)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="f17186aaa8433f197cb9fbc5c7ba2ace25bc5f1439f09b0d8b8affd1326afd5d0b684427e121e53bbe2848d4e8c5a7d7bbe42e199fa1369578576dcc8e7afc30415ed12fd9bfac9f18dd35c1e3d698522214b0430f428149f0be77eae1b3becd60260345e4fdce5af17b9501dbf1a07e"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{}, {{@in=@initdev}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
personality(0x4000000)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000800), 0xffffffffffffffff)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0x7, 0x9)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x1c8, 0xc8, 0x8, 0x1c8, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xff000000, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x89, 0x7, 0x7, 0x38}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@hl={{0x28}, {0x3, 0x11}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x16, 0x0, 0x2}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f00000007c0)={'syztnl2\x00', &(0x7f0000000740)={'ip6gre0\x00', <r8=>0x0, 0x4, 0x80, 0x3, 0x6, 0x56, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x8}, 0xa1, 0x7, 0x8}})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
write$P9_RWRITE(r6, &(0x7f0000000040)={0xb, 0x77, 0x87}, 0x10c00)

1.032785915s ago: executing program 3 (id=2410):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x5, [@type_tag={0xf, 0x0, 0x0, 0x12, 0x2}, @fwd={0x3}, @ptr={0x6, 0x0, 0x0, 0x2, 0x3}]}, {0x0, [0x30, 0x5f, 0x0]}}, &(0x7f0000000a00)=""/4096, 0x41, 0x1000, 0x1, 0xfffffff8, 0x10000, @value}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x6f, &(0x7f0000000180)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'sit0\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x8, 0x700, 0x4, 0x8, {{0x2c, 0x4, 0x1, 0x32, 0xb0, 0x67, 0x0, 0x7f, 0x2b, 0x0, @multicast2, @private=0xa010100, {[@noop, @cipso={0x86, 0x3e, 0x0, [{0x2, 0x4, 'CW'}, {0x6, 0xb, "adba76f5eab3c7d136"}, {0x6, 0x7, "5be96df14c"}, {0x0, 0xf, "c44c8fb6ef9d18579e85a8350c"}, {0x1, 0x8, "e97e2a368516"}, {0x5, 0xb, "da86133e4581f47d10"}]}, @generic={0x88, 0x10, "58481af10f0667e98de77df9f7f4"}, @generic={0x44, 0x9, "aabec7148dd102"}, @cipso={0x86, 0x43, 0x0, [{0x7, 0x12, "7eb4d0e1f17e999099ddc4f25e8d2f7a"}, {0x5, 0x6, "c23f40a2"}, {0x5, 0x6, "5708deb0"}, {0x6, 0x2}, {0x1, 0x8, "7cd7cfe02f4c"}, {0x6, 0xa, "8b5e14243bf44767"}, {0x2, 0xb, "759ee279698cc2578d"}]}]}}}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

1.031681495s ago: executing program 3 (id=2412):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000110000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x23, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1.004494375s ago: executing program 3 (id=2413):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000540)=ANY=[@ANYBLOB="0000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000000400000000000000b20a00000000000001000080000000003063000000000000000000000000000000000000000000000000000000000000165100000a0000000300000000000000ffffff7f0000000004000000000000005cb400"/576])
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$NFT_BATCH(r1, &(0x7f00000074c0)={0x0, 0x2800, &(0x7f0000007480)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_DELRULE={0x14, 0x8, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0xa}}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x17}}], {0x14}}, 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000300)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r6 = memfd_create(&(0x7f0000000780)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
ioctl$LOOP_CHANGE_FD(r5, 0x4c00, r6)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
io_setup(0x5, &(0x7f0000000000)=<r7=>0x0)
r8 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r9 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x84, &(0x7f0000000140)={r10, @in={{0x2, 0x4e21, @empty}}}, &(0x7f0000000200)=0x90)
r11 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
io_submit(r7, 0x1, &(0x7f0000000680)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xfff7, r11, 0x0, 0x0, 0xc224, 0x0, 0x2}])
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040), 0xfe, 0x4f2, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF6wLbaSFO0maWwbfKgKok8Ftb7XmGxDyCZbkk3bhKIp/gGCiAq+6JMvgn+AIP0TRCjou6gooq0++FAd2d3ZmKa7+UE3u97s5wMnc8782O85GebsnJlhJ4ChdTEiJiMiy7LsSkSU8vlpnmKnlRrrvXj+eKGRksiyO39LIsnntT/r7Xx6Lt/sTER87csR30xej7uxtb0yX61W1vPyVH01eZll21eXV+eXKkuVtdnZmRtzN+euz033pJ3jEXHri3/6wXd/9qVbv/r0w9/f/cvkt1oNbNnbjl5qNb3Y/F+0FSJi/SSCDUih2cKW6wOuCwAAB2uc7384Ij4REVeiFCPNszkAAADgNMk+NxYvk9b9PwAAAOB0SiNiLJK0nD/vOxZpWi63nuH9aJxNq7WN+qey0u71gvEopveWq5Xp/NmB8SgmjfJM/oxtu3xtX3k2It6NiO+XRpvl8kKtujjQKx8AAAAwPM7tG///s9Qa/wMAAACnzPigKwAAAACcOON/AAAAOP2M/wEAAOBU+8rt242Utd9/vfhga3Ol9uDqYmVjpby6uVBeqK3fLy/VakvN3+xbPezzqrXa/c/E2uajqXploz61sbV9d7W2uVa/u/zKK7ABAACAPnr3wtPfJRGx89nRNCKyZM+yYkQ2snflQv/rB5yc9Dgr//Hk6gH038igKwAMjFN6GF7FQVcAGLjD+oGuD+/8uvd1AQAATsbEx3bv/zdTw1v5smSgNQNOWn7/P3Gsw/Bx/x+Gl/t/MLyKB50BGBTAqZce4VB/8/v/WXasSgEAAD031kxJWs7HAWORpuVyxDvN1wIUk3vL1cp0RHwoIn5bKr7dKM80t0xcHgAAAAAAAAAAAAAAAAAAAAAAAACAI8qyJLIuRnfXAQAAAD7IItI/J/n7vyZKl8f2Xx94K/lXqTmNiIc/vvPDR/P1+vpMY/7fd+fXf5TPv9bvqxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99OL544V26mfcv34hIsY7xS/Emeb0TBQj4uw/kijs2S6JiJEexN95EhHvdYqfNKoV43kt9sdPI2J0wPHP9SA+DLOnjf7n852OvzQuNqedj79Cnt5U9/4v3e3/Rrr0f+90+sD09VnvP/vFVNf4TyLeL3Tuf9rxky7xLx2xjd/4+vZ2t2XZTyMmOn7/JK/EmkoK96c2travLq/OL1WWKmuzszM35m7OXZ+bnrq3XK3kfzvG+N7Hf/mfg9p/tkv88UPaf/mI7f/3s0fPP9LKFvctKsZPsmzyUuf9/16X+O3vvk/mu7tRnmjnd1r5vc7//DfnLxzQ/sUu7T9s/08esf1XvvqdPxxxVQCgDza2tlfmq9XK+vEyScTOG2wuM1yZ0ehj0Pk4aJ32SWwf6vPtPNT/xS44dmZwfRIAAHAy/nfSP+iaAAAAAAAAAAAAAAAAAAAAwPA67GfAogc/J7Y/5s5gmgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKD/BgAA//+6ychX")

894.473057ms ago: executing program 3 (id=2417):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000001f)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
close_range(r0, r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="180100001000010400"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000f80012800800010076746900ec00028008000500ac1e0001080003002b000000080002000800000008000200000800000800030003000000080003000500000008000100", @ANYRESHEX=r2, @ANYBLOB="08000300050000000800012b71a48e472b75fdda19b3c2d9a13fb3f293902eb6828c1b599b28dd3b9ea8a26a79a76fff71bc185d89f1e9d357669d657da002538d1d63d3ac5f2d1cecc7b62854e500ebe2e8d7f0e77fa4143ac1c7c88e528b0e3510a2169d37aff0d2369d04ece3806b5435ece1593366265fafffe902677c82aa16ac3a632feefb1798b1deaa212e", @ANYRES32=r4, @ANYBLOB="08000400640101020800050000000000080006"], 0x119}}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r1}, 0x8)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0x0, 0xfffffff9, 0x18}, 0xc)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000003c0)={'gre0\x00', &(0x7f0000000340)={'sit0\x00', r4, 0x8, 0x1, 0xff, 0x80000001, {{0x14, 0x4, 0x1, 0x1, 0x50, 0x65, 0x0, 0x8, 0x2f, 0x0, @empty, @rand_addr=0x64010101, {[@ssrr={0x89, 0x1b, 0x58, [@remote, @empty, @multicast2, @private=0xa010102, @private=0xa010102, @private=0xa010101]}, @timestamp={0x44, 0x20, 0xd7, 0x0, 0x4, [0x5, 0x3, 0x9, 0x9, 0xffffffff, 0x40, 0x6]}]}}}}})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYRES16=<r7=>0xffffffffffffffff], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='sched_switch\x00', r6}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_procs(r0, 0x0, 0x2, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000880), 0x12)
r10 = socket$l2tp6(0xa, 0x2, 0x73)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0)
ioprio_get$pid(0x3, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000300)=ANY=[@ANYRESOCT=r7], 0x0)
bind$l2tp6(r10, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0)
read(r10, &(0x7f0000001240)=""/4096, 0x1000)

868.886937ms ago: executing program 3 (id=2419):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000780)='comm\x00')
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
ftruncate(r1, 0x7fffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb8af, @void, @value}, 0xa5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000600)='kfree\x00', r3}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f00000004c0)=ANY=[@ANYBLOB="911023000000000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
rt_sigsuspend(&(0x7f0000000340)={[0x3]}, 0x8)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r2, {}, 0xa}}, 0x26)
r4 = accept$unix(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000080)=0x6e)
signalfd4(r4, &(0x7f0000000240)={[0x101]}, 0x8, 0x1000)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

718.33559ms ago: executing program 4 (id=2426):
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000074c0)={0x0, 0x2800, &(0x7f0000007480)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000080a010300000000000000000200000a14000000000a010200000000000000000a000017140000001100010000000000000000000000000a9976761bcbc5c050c80b8d35fe8e75a05c9d9353a124a772f1aa96c3750afd4b7b86fcb80c5ead1702f968b43f8bff464ca7a4192b8f6ba76a8614d3ad637dccfae416fdbe3b895f44d6da0305bb6180d98bc6063c5de79be028230c59127eb62ae8c10a8ecf3751d0e80857b949312579ea8827151b8425c9b4c26030cfc2efd1716c05ca5ff1d1ff07e5f431811c13e3d1c73bd464cc0ca3ce89a5dca6127f88c4564d51ac12e9c2b286cd824078421c6069d1899c0696c90af75d3cdab747400be2ce601964363aea97217543fd601e2d23396fdf2fb83dbcf5c07d5ab78c4f4b2e7cd33cf8"], 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

673.83061ms ago: executing program 4 (id=2428):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) (async)
r1 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f0000000000)) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x1c, &(0x7f0000000740)=ANY=[@ANYBLOB="1838000002000000000000000000000095000000000000007c35f8fff0ffffffb7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000850000000e00000018120000ee51172b1b2ce71a299d3a3fbf8d3192196709bd410aa71f6d95196c5eb9f658e684c85b9dd46812ed6d3437bc2f3c60e4a323ea3579bd43c4f3c7ef8881de68d42f7fa1db9ae4cf1cea61cb47ef73503422f1b4e92c6591f80c2396ab7df348d6c101fe23275b95c468f69f27c8f63d55462eaa1d9145f03e89890a5dc21e9994df3a01b0deffe19da29481d0a03cb1b505b54b5348fb39bf95ccd6", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018120000", @ANYRES64=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x7, 0x26, &(0x7f0000000080)=""/38, 0x0, 0x72, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x8, 0x10001, 0xde}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000380)=[{0x2, 0x2, 0xfffffffd, 0xc}, {0x2, 0x2, 0x6, 0xc}, {0x2, 0x3, 0xf, 0xa}, {0x0, 0x3, 0x0, 0x2}, {0x1, 0x4, 0x10, 0x6}, {0x1, 0x3, 0xc, 0x9}], 0x10, 0x6, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f0000000580)=0x7, 0x4)

628.222821ms ago: executing program 4 (id=2430):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffeffe, 0x400, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)

574.574582ms ago: executing program 4 (id=2433):
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
time(0x0)

252.787837ms ago: executing program 4 (id=2434):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100), 0x8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000740)={'erspan0\x00', &(0x7f00000005c0)={'tunl0\x00', <r0=>0x0, 0x7, 0x80, 0x2, 0x2, {{0x1d, 0x4, 0x2, 0x2f, 0x74, 0x65, 0x0, 0x8, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x35}, @rand_addr=0x64010100, {[@timestamp_addr={0x44, 0x24, 0x36, 0x1, 0x5, [{@remote, 0x64e}, {@dev={0xac, 0x14, 0x14, 0x20}, 0xfffffff5}, {@multicast1, 0x95}, {@loopback, 0xffffff01}]}, @rr={0x7, 0x2b, 0xb0, [@private=0xa010101, @rand_addr=0x64010100, @loopback, @remote, @multicast1, @multicast2, @multicast1, @empty, @dev={0xac, 0x14, 0x14, 0xf}, @broadcast]}, @ssrr={0x89, 0xb, 0x4f, [@multicast2, @local]}, @noop, @ra={0x94, 0x4}]}}}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r4, &(0x7f0000000740), 0xff67)
sendfile(r3, r4, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r4, 0x409, 0x8)
lseek(r4, 0x100000, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='mm_page_free\x00', r2, 0x0, 0x6}, 0x18)

252.361157ms ago: executing program 2 (id=2435):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000340)={0x0, 0x0, 0x0, 'queue0\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[], 0x48)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
getsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r4, 0x0, 0x34, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
quotactl_fd$Q_QUOTAOFF(0xffffffffffffffff, 0xffffffff80000300, 0x0, 0x0)

229.392117ms ago: executing program 2 (id=2436):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4b, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r4, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xe}]}, 0x38}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)

194.492657ms ago: executing program 0 (id=2437):
syz_io_uring_setup(0x29c4, &(0x7f0000000380)={0x0, 0xaf0a, 0x1, 0x2, 0xfc}, &(0x7f0000000740)=<r0=>0x0, &(0x7f0000000580))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x110, &(0x7f0000000680)=0x2, 0x0, 0x4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x2010, 0xffffffffffffffff, 0x4000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x91, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

194.085597ms ago: executing program 1 (id=2438):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a00000005000000020000000700000000000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000110000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r2}, 0x38)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x23, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

192.926848ms ago: executing program 0 (id=2439):
syz_emit_ethernet(0x4a, &(0x7f0000000800)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010102, @local}, {{0x4001, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "623eebe039a1f617fd02722e3486ebd9"}]}}}}}}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f00000005c0), 0x10)
sendmsg$can_raw(r3, &(0x7f0000000640)={0x0, 0xfffffffffffffdee, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x24000895)

180.744798ms ago: executing program 2 (id=2440):
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000074c0)={0x0, 0x2800, &(0x7f0000007480)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000080a010300000000000000000200000a14000000000a010200000000000000000a000017140000001100010000000000000000000000000a9976761bcbc5c050c80b8d35fe8e75a05c9d9353a124a772f1aa96c3750afd4b7b86fcb80c5ead1702f968b43f8bff464ca7a4192b8f6ba76a8614d3ad637dccfae416fdbe3b895f44d6da0305bb6180d98bc6063c5de79be028230c59127eb62ae8c10a8ecf3751d0e80857b949312579ea8827151b8425c9b4c26030cfc2efd1716c05ca5ff1d1ff07e5f431811c13e3d1c73bd464cc0ca3ce89a5dca6127f88c4564d51ac12e9c2b286cd824078421c6069d1899c0696c90af75d3cdab747400be2ce601964363aea97217543fd601e2d23396fdf2fb83dbcf5c07d5ab78c4f4b2e7cd33cf8"], 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

129.797649ms ago: executing program 1 (id=2441):
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x5a, 0x1, 0x0, 0x0, 0x0, 0x1000f0, 0x82, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b78, 0x1, @perf_config_ext={0x7ff, 0xd}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x4, 0xfffffff0, 0x1, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000023ed0000180100002820702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000200)={r5, 0x796}, &(0x7f0000000380)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000001c0)={0x5, 0x4, 0x1bb, 0xf, r5}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x308, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x368)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r6, 0x0, 0x22, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc8180ca8395ccfda2e499b3dcf581", 0x0, 0xa1b, 0x0, 0x2f, 0x0, &(0x7f0000000700)="010a", 0x0}, 0x50)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r11, &(0x7f0000000180)=ANY=[], 0x118)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000, 0x0, '\x00', r10, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000068abc1a91b14860a00ffdbdf250a0014e20500000417000044"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r13 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r13, 0x89e2, &(0x7f00000000c0)={r0})

128.548318ms ago: executing program 0 (id=2442):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x13, 0xf, &(0x7f0000000340)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='rxrpc_call_complete\x00', r1}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0006}]})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r5 = syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x0, 0x3d9}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000000340)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x80, 0x6000})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000008000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000014010000033800001d13f8ff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffe7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r8}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000840)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a0000000400000004000000050000"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r10, <r11=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000ee791a14dd839e88eb692df6fdc817f8fb199d686080848a76908914849b7912d5fb87db50a6b574755c1936e0d2d0ce9d9a72dca84f6775b679017a0c150f69df2458022630705eb8839836df5916ea0d9a4e5c1d8c3fe596cbecce6bfedc8c27b30303e62ba6748821352774b56001906e9647fcba1c2a55e6c954b6441887b49f12cbef9316dcf2eb250a63f2443de5e03f5db8c05a59aa0a7e129b28ff810478ba81247db5afe7a53f00"/204, @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r12}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
io_uring_enter(r5, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)

127.890709ms ago: executing program 2 (id=2443):
r0 = socket$inet6(0xa, 0x3, 0xc)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x00'], 0x28}}], 0x1, 0x0)

64.93136ms ago: executing program 1 (id=2444):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)

64.24618ms ago: executing program 0 (id=2445):
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r5}, 0x10)
time(0x0)

63.583919ms ago: executing program 2 (id=2446):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r3, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x4c, r4, 0x300, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xb}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x30}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x14}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1e}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000004)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r2, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x5, 0x7}}}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x81}, 0x4008000)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
utimes(&(0x7f0000001ac0)='./file1\x00', 0x0)

55.9201ms ago: executing program 0 (id=2447):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r0, &(0x7f00000003c0)=""/4096, 0x1000) (fail_nth: 3)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYRESOCT], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

50.2959ms ago: executing program 1 (id=2448):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x0, &(0x7f0000000040)})
r1 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x121602, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000001640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a80)={0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x18)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (fail_nth: 2)

1.34511ms ago: executing program 2 (id=2449):
unshare(0x20040600) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc0105303, 0x0) (async)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0) (async)
r0 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2, 0x0, 0x4}}, 0x2e)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x1, @mcast2, 0x9}, 0x1c) (async)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000640)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x4, 0x4, 0x5, {0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0xffff}}}, 0x3a) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x52, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

654.5µs ago: executing program 4 (id=2450):
syz_io_uring_setup(0x29c4, &(0x7f0000000380)={0x0, 0xaf0a, 0x1, 0x2, 0xfc}, &(0x7f0000000740)=<r0=>0x0, &(0x7f0000000580))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x110, &(0x7f0000000680)=0x2, 0x0, 0x4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x2010, 0xffffffffffffffff, 0x4000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x91, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
getpid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

0s ago: executing program 3 (id=2451):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r0}, 0x8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000740)={'erspan0\x00', &(0x7f00000005c0)={'tunl0\x00', <r1=>0x0, 0x7, 0x80, 0x2, 0x2, {{0x1c, 0x4, 0x2, 0x2f, 0x70, 0x65, 0x0, 0x8, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x35}, @rand_addr=0x64010100, {[@timestamp_addr={0x44, 0x24, 0x36, 0x1, 0x5, [{@remote, 0x64e}, {@dev={0xac, 0x14, 0x14, 0x20}, 0xfffffff5}, {@multicast1, 0x95}, {@loopback, 0xffffff01}]}, @rr={0x7, 0x27, 0xb0, [@private=0xa010101, @rand_addr=0x64010100, @loopback, @multicast1, @multicast2, @multicast1, @empty, @dev={0xac, 0x14, 0x14, 0xf}, @broadcast]}, @ssrr={0x89, 0xb, 0x4f, [@multicast2, @local]}, @noop, @ra={0x94, 0x4}]}}}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r6, &(0x7f0000000740), 0xff67)
sendfile(r5, r6, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r6, 0x409, 0x8)
lseek(r6, 0x100000, 0x3)
write(r6, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000002c0)='mm_page_free\x00', r3, 0x0, 0x6}, 0x18)
openat$random(0xffffffffffffff9c, &(0x7f0000000440), 0x40200, 0x0)

kernel console output (not intermixed with test programs):

265/0x280
[  126.898385][ T7897]  should_failslab+0x8c/0xb0
[  126.898408][ T7897]  __kvmalloc_node_noprof+0x123/0x4e0
[  126.898507][ T7897]  ? io_pin_pages+0x9a/0x170
[  126.898530][ T7897]  ? __kmalloc_noprof+0x1dd/0x3e0
[  126.898617][ T7897]  io_pin_pages+0x9a/0x170
[  126.898635][ T7897]  io_sqe_buffer_register+0x17c/0x1310
[  126.898662][ T7897]  ? _parse_integer+0x27/0x40
[  126.898695][ T7897]  __io_register_rsrc_update+0x31b/0xac0
[  126.898787][ T7897]  ? get_pid_task+0x96/0xd0
[  126.898812][ T7897]  ? should_fail_ex+0xdb/0x280
[  126.898848][ T7897]  io_register_rsrc_update+0x10a/0x120
[  126.898949][ T7897]  __se_sys_io_uring_register+0x6d9/0xeb0
[  126.898976][ T7897]  ? fput+0x8f/0xc0
[  126.899007][ T7897]  ? ksys_write+0x192/0x1a0
[  126.899060][ T7897]  __x64_sys_io_uring_register+0x55/0x70
[  126.899082][ T7897]  x64_sys_call+0xc91/0x2fb0
[  126.899108][ T7897]  do_syscall_64+0xd2/0x200
[  126.899176][ T7897]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  126.899224][ T7897]  ? clear_bhb_loop+0x40/0x90
[  126.899245][ T7897]  ? clear_bhb_loop+0x40/0x90
[  126.899265][ T7897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.899323][ T7897] RIP: 0033:0x7f45363ce929
[  126.899338][ T7897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.899357][ T7897] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  126.899380][ T7897] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  126.899408][ T7897] RDX: 0000200000000240 RSI: 0000000000000010 RDI: 0000000000000003
[  126.899420][ T7897] RBP: 00007f4534a37090 R08: 0000000000000000 R09: 0000000000000000
[  126.899431][ T7897] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  126.899442][ T7897] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  126.899464][ T7897]  </TASK>
[  126.899835][ T7875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1339'.
[  127.087687][ T7907] loop4: detected capacity change from 0 to 512
[  127.155469][ T7907] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  127.323569][ T7911] netlink: 'syz.1.1353': attribute type 10 has an invalid length.
[  127.331712][ T7911] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1353'.
[  127.347426][ T7914] netlink: 'syz.3.1354': attribute type 27 has an invalid length.
[  127.355819][ T7907] EXT4-fs (loop4): 1 truncate cleaned up
[  127.362355][ T7907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.404769][ T7913] netlink: 'syz.0.1352': attribute type 27 has an invalid length.
[  127.458327][ T7907] usb usb1: usbfs: process 7907 (syz.4.1347) did not claim interface 0 before use
[  127.468258][ T7913] ipvlan0: left promiscuous mode
[  127.505109][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1354'.
[  127.514092][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1354'.
[  127.547327][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1352'.
[  127.554984][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1354'.
[  127.556611][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1352'.
[  127.589147][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.662057][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1352'.
[  127.682460][ T7914] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.720118][ T7914] 8021q: adding VLAN 0 to HW filter on device team0
[  127.752276][ T7914] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  127.787349][ T7917] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.829482][ T7917] 8021q: adding VLAN 0 to HW filter on device team0
[  127.902083][ T7917] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  128.008773][ T7950] x_tables: duplicate underflow at hook 4
[  128.046709][ T7950] loop4: detected capacity change from 0 to 2048
[  128.121754][ T7950] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 not in group (block 65284)!
[  128.132330][ T7950] EXT4-fs (loop4): group descriptors corrupted!
[  128.202522][ T7957] netlink: 'syz.2.1366': attribute type 10 has an invalid length.
[  128.535271][ T7963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.560303][ T7963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.699021][ T7972] netlink: 'syz.1.1374': attribute type 27 has an invalid length.
[  128.735832][ T7972] ipvlan2: left promiscuous mode
[  128.741390][   T10] lo speed is unknown, defaulting to 1000
[  128.747318][   T10] syz0: Port: 1 Link DOWN
[  128.771751][ T7975] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.788943][ T7975] 8021q: adding VLAN 0 to HW filter on device team0
[  128.812636][ T7975] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  128.832124][   T10] lo speed is unknown, defaulting to 1000
[  128.837898][   T10] syz0: Port: 1 Link ACTIVE
[  128.955402][ T7988] loop4: detected capacity change from 0 to 256
[  129.104126][   T29] kauditd_printk_skb: 254 callbacks suppressed
[  129.104145][   T29] audit: type=1400 audit(1750461664.214:2800): avc:  denied  { open } for  pid=7989 comm="syz.0.1379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  129.129801][   T29] audit: type=1400 audit(1750461664.214:2801): avc:  denied  { kernel } for  pid=7989 comm="syz.0.1379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  129.253282][ T7994] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  129.261049][ T7994] audit: out of memory in audit_log_start
[  129.308996][   T29] audit: type=1400 audit(1750461664.394:2802): avc:  denied  { allowed } for  pid=7992 comm="syz.0.1380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  129.329234][   T29] audit: type=1400 audit(1750461664.404:2803): avc:  denied  { create } for  pid=7992 comm="syz.0.1380" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  129.351972][   T29] audit: type=1326 audit(1750461664.404:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  129.376924][   T29] audit: type=1326 audit(1750461664.404:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  129.400479][   T29] audit: type=1326 audit(1750461664.404:2806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  129.424752][   T29] audit: type=1326 audit(1750461664.404:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  130.179699][ T8030] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  130.190853][ T8030] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  130.202281][ T8034] loop0: detected capacity change from 0 to 512
[  130.223734][ T8034] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  130.263105][ T8034] EXT4-fs (loop0): 1 truncate cleaned up
[  130.269379][ T8034] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.537066][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.591706][ T8052] 9pnet_fd: Insufficient options for proto=fd
[  130.678008][ T8056] loop0: detected capacity change from 0 to 2048
[  130.697057][ T8056] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.718265][ T8056] netlink: 'syz.0.1403': attribute type 27 has an invalid length.
[  130.825233][ T8061] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.840415][ T8061] 8021q: adding VLAN 0 to HW filter on device team0
[  130.884438][ T8061] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  131.002492][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.184863][ T8086] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  131.203915][ T8086] FAULT_INJECTION: forcing a failure.
[  131.203915][ T8086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.217114][ T8086] CPU: 1 UID: 0 PID: 8086 Comm: syz.2.1410 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  131.217140][ T8086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.217153][ T8086] Call Trace:
[  131.217159][ T8086]  <TASK>
[  131.217166][ T8086]  __dump_stack+0x1d/0x30
[  131.217229][ T8086]  dump_stack_lvl+0xe8/0x140
[  131.217246][ T8086]  dump_stack+0x15/0x1b
[  131.217260][ T8086]  should_fail_ex+0x265/0x280
[  131.217289][ T8086]  should_fail+0xb/0x20
[  131.217312][ T8086]  should_fail_usercopy+0x1a/0x20
[  131.217458][ T8086]  _copy_from_user+0x1c/0xb0
[  131.217485][ T8086]  kstrtouint_from_user+0x69/0xf0
[  131.217575][ T8086]  ? 0xffffffff81000000
[  131.217591][ T8086]  ? selinux_file_permission+0x1e4/0x320
[  131.217615][ T8086]  proc_fail_nth_write+0x50/0x160
[  131.217633][ T8086]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  131.217683][ T8086]  vfs_write+0x269/0x8e0
[  131.217711][ T8086]  ? vfs_read+0x47f/0x6f0
[  131.217738][ T8086]  ? __rcu_read_unlock+0x4f/0x70
[  131.217805][ T8086]  ? __fget_files+0x184/0x1c0
[  131.217825][ T8086]  ksys_write+0xda/0x1a0
[  131.217841][ T8086]  __x64_sys_write+0x40/0x50
[  131.217861][ T8086]  x64_sys_call+0x2cdd/0x2fb0
[  131.217881][ T8086]  do_syscall_64+0xd2/0x200
[  131.217911][ T8086]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.217933][ T8086]  ? clear_bhb_loop+0x40/0x90
[  131.217952][ T8086]  ? clear_bhb_loop+0x40/0x90
[  131.217975][ T8086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.218033][ T8086] RIP: 0033:0x7f926f3ad3df
[  131.218046][ T8086] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  131.218156][ T8086] RSP: 002b:00007f926da17030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  131.218179][ T8086] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f926f3ad3df
[  131.218189][ T8086] RDX: 0000000000000001 RSI: 00007f926da170a0 RDI: 000000000000000a
[  131.218200][ T8086] RBP: 00007f926da17090 R08: 0000000000000000 R09: 0000000000000000
[  131.218210][ T8086] R10: 0000000800000009 R11: 0000000000000293 R12: 0000000000000001
[  131.218220][ T8086] R13: 0000000000000000 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  131.218237][ T8086]  </TASK>
[  131.466943][ T8090] FAULT_INJECTION: forcing a failure.
[  131.466943][ T8090] name failslab, interval 1, probability 0, space 0, times 0
[  131.480606][ T8090] CPU: 0 UID: 0 PID: 8090 Comm: syz.4.1411 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  131.480684][ T8090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.480700][ T8090] Call Trace:
[  131.480707][ T8090]  <TASK>
[  131.480733][ T8090]  __dump_stack+0x1d/0x30
[  131.480758][ T8090]  dump_stack_lvl+0xe8/0x140
[  131.480781][ T8090]  dump_stack+0x15/0x1b
[  131.480809][ T8090]  should_fail_ex+0x265/0x280
[  131.480848][ T8090]  should_failslab+0x8c/0xb0
[  131.480877][ T8090]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  131.480957][ T8090]  ? pidfs_alloc_inode+0x36/0x70
[  131.480992][ T8090]  ? __pfx_pidfs_alloc_inode+0x10/0x10
[  131.481030][ T8090]  pidfs_alloc_inode+0x36/0x70
[  131.481093][ T8090]  alloc_inode+0x40/0x170
[  131.481166][ T8092] 9pnet_fd: Insufficient options for proto=fd
[  131.481174][ T8090]  path_from_stashed+0x119/0x4f0
[  131.481196][ T8090]  pidfs_register_pid+0x95/0x120
[  131.481228][ T8090]  unix_socketpair+0x7c/0x440
[  131.481253][ T8090]  __sys_socketpair+0x21a/0x430
[  131.481297][ T8090]  __x64_sys_socketpair+0x52/0x60
[  131.481377][ T8090]  x64_sys_call+0x23f2/0x2fb0
[  131.481407][ T8090]  do_syscall_64+0xd2/0x200
[  131.481476][ T8090]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.481561][ T8090]  ? clear_bhb_loop+0x40/0x90
[  131.481590][ T8090]  ? clear_bhb_loop+0x40/0x90
[  131.481621][ T8090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.481650][ T8090] RIP: 0033:0x7f470527e929
[  131.481671][ T8090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.481703][ T8090] RSP: 002b:00007f47038e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  131.481741][ T8090] RAX: ffffffffffffffda RBX: 00007f47054a5fa0 RCX: 00007f470527e929
[  131.481759][ T8090] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  131.481843][ T8090] RBP: 00007f47038e7090 R08: 0000000000000000 R09: 0000000000000000
[  131.481860][ T8090] R10: 00002000000029c0 R11: 0000000000000246 R12: 0000000000000002
[  131.481877][ T8090] R13: 0000000000000000 R14: 00007f47054a5fa0 R15: 00007ffd15847c58
[  131.481903][ T8090]  </TASK>
[  131.557847][ T8094] loop4: detected capacity change from 0 to 1024
[  131.741721][ T8094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.773395][ T8094] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1413: Allocating blocks 497-513 which overlap fs metadata
[  131.796733][ T8093] EXT4-fs (loop4): pa ffff888106e301c0: logic 128, phys. 273, len 15
[  131.805087][ T8093] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  131.841638][ T8110] loop0: detected capacity change from 0 to 128
[  131.848878][ T8110] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  131.860825][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.870501][ T8110] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  131.880349][ T8114] __nla_validate_parse: 33 callbacks suppressed
[  131.880364][ T8114] netlink: 2036 bytes leftover after parsing attributes in process `syz.2.1415'.
[  131.895977][ T8114] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1415'.
[  131.931516][ T8122] FAULT_INJECTION: forcing a failure.
[  131.931516][ T8122] name failslab, interval 1, probability 0, space 0, times 0
[  131.944367][ T8122] CPU: 1 UID: 0 PID: 8122 Comm: syz.0.1420 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  131.944439][ T8122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.944453][ T8122] Call Trace:
[  131.944462][ T8122]  <TASK>
[  131.944471][ T8122]  __dump_stack+0x1d/0x30
[  131.944518][ T8122]  dump_stack_lvl+0xe8/0x140
[  131.944537][ T8122]  dump_stack+0x15/0x1b
[  131.944552][ T8122]  should_fail_ex+0x265/0x280
[  131.944586][ T8122]  should_failslab+0x8c/0xb0
[  131.944622][ T8122]  __kmalloc_noprof+0xa5/0x3e0
[  131.944651][ T8122]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  131.944724][ T8122]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  131.944759][ T8122]  genl_family_rcv_msg_doit+0x48/0x1b0
[  131.944785][ T8122]  ? security_capable+0x83/0x90
[  131.944932][ T8122]  ? ns_capable+0x7d/0xb0
[  131.945020][ T8122]  genl_rcv_msg+0x422/0x460
[  131.945053][ T8122]  ? __pfx_hwsim_del_radio_nl+0x10/0x10
[  131.945102][ T8122]  netlink_rcv_skb+0x123/0x220
[  131.945144][ T8122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  131.945224][ T8122]  genl_rcv+0x28/0x40
[  131.945246][ T8122]  netlink_unicast+0x59e/0x670
[  131.945338][ T8122]  netlink_sendmsg+0x58b/0x6b0
[  131.945360][ T8122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  131.945381][ T8122]  __sock_sendmsg+0x145/0x180
[  131.945415][ T8122]  ____sys_sendmsg+0x31e/0x4e0
[  131.945517][ T8122]  ___sys_sendmsg+0x17b/0x1d0
[  131.945574][ T8122]  __x64_sys_sendmsg+0xd4/0x160
[  131.945673][ T8122]  x64_sys_call+0x2999/0x2fb0
[  131.945700][ T8122]  do_syscall_64+0xd2/0x200
[  131.945723][ T8122]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.945801][ T8122]  ? clear_bhb_loop+0x40/0x90
[  131.945828][ T8122]  ? clear_bhb_loop+0x40/0x90
[  131.945854][ T8122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.945941][ T8122] RIP: 0033:0x7f5bab7de929
[  131.945960][ T8122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.945982][ T8122] RSP: 002b:00007f5ba9e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.946005][ T8122] RAX: ffffffffffffffda RBX: 00007f5baba05fa0 RCX: 00007f5bab7de929
[  131.946021][ T8122] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  131.946051][ T8122] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  131.946063][ T8122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.946075][ T8122] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  131.946096][ T8122]  </TASK>
[  132.358427][ T8141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1427'.
[  132.367492][ T8141] bridge_slave_1: left allmulticast mode
[  132.373214][ T8141] bridge_slave_1: left promiscuous mode
[  132.378856][ T8141] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.386564][ T8141] bridge_slave_0: left allmulticast mode
[  132.392260][ T8141] bridge_slave_0: left promiscuous mode
[  132.397957][ T8141] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.738287][ T8169] netlink: 'syz.3.1435': attribute type 10 has an invalid length.
[  132.746334][ T8169] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1435'.
[  133.112359][ T8193] netlink: 'syz.3.1445': attribute type 11 has an invalid length.
[  133.120366][ T8193] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1445'.
[  133.145180][ T8198] netlink: 'syz.2.1446': attribute type 13 has an invalid length.
[  133.195185][ T8207] netlink: 'syz.0.1449': attribute type 13 has an invalid length.
[  133.205225][ T8208] FAULT_INJECTION: forcing a failure.
[  133.205225][ T8208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  133.218412][ T8208] CPU: 1 UID: 0 PID: 8208 Comm: syz.2.1446 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  133.218497][ T8208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.218514][ T8208] Call Trace:
[  133.218522][ T8208]  <TASK>
[  133.218531][ T8208]  __dump_stack+0x1d/0x30
[  133.218557][ T8208]  dump_stack_lvl+0xe8/0x140
[  133.218582][ T8208]  dump_stack+0x15/0x1b
[  133.218603][ T8208]  should_fail_ex+0x265/0x280
[  133.218706][ T8208]  should_fail+0xb/0x20
[  133.218766][ T8208]  should_fail_usercopy+0x1a/0x20
[  133.218872][ T8208]  _copy_from_user+0x1c/0xb0
[  133.218898][ T8208]  ucma_get_event+0x77/0x3e0
[  133.218925][ T8208]  ? kstrtouint_from_user+0x9f/0xf0
[  133.219015][ T8208]  ? should_fail_ex+0xdb/0x280
[  133.219048][ T8208]  ucma_write+0x1b3/0x250
[  133.219070][ T8208]  ? __pfx_ucma_write+0x10/0x10
[  133.219152][ T8208]  vfs_write+0x269/0x8e0
[  133.219235][ T8208]  ? __rcu_read_unlock+0x4f/0x70
[  133.219262][ T8208]  ? __fget_files+0x184/0x1c0
[  133.219290][ T8208]  ksys_write+0xda/0x1a0
[  133.219385][ T8208]  __x64_sys_write+0x40/0x50
[  133.219466][ T8208]  x64_sys_call+0x2cdd/0x2fb0
[  133.219487][ T8208]  do_syscall_64+0xd2/0x200
[  133.219562][ T8208]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.219591][ T8208]  ? clear_bhb_loop+0x40/0x90
[  133.219655][ T8208]  ? clear_bhb_loop+0x40/0x90
[  133.219716][ T8208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.219742][ T8208] RIP: 0033:0x7f926f3ae929
[  133.219760][ T8208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.219849][ T8208] RSP: 002b:00007f926d9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  133.219867][ T8208] RAX: ffffffffffffffda RBX: 00007f926f5d6080 RCX: 00007f926f3ae929
[  133.219879][ T8208] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000009
[  133.219890][ T8208] RBP: 00007f926d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  133.219949][ T8208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.220013][ T8208] R13: 0000000000000000 R14: 00007f926f5d6080 R15: 00007fff4d825208
[  133.220036][ T8208]  </TASK>
[  133.461439][ T8213] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1452'.
[  133.506810][ T8211] netlink: 'syz.3.1451': attribute type 27 has an invalid length.
[  133.528224][ T8218] FAULT_INJECTION: forcing a failure.
[  133.528224][ T8218] name failslab, interval 1, probability 0, space 0, times 0
[  133.541143][ T8218] CPU: 1 UID: 0 PID: 8218 Comm: syz.1.1455 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  133.541172][ T8218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  133.541184][ T8218] Call Trace:
[  133.541190][ T8218]  <TASK>
[  133.541198][ T8218]  __dump_stack+0x1d/0x30
[  133.541235][ T8218]  dump_stack_lvl+0xe8/0x140
[  133.541260][ T8218]  dump_stack+0x15/0x1b
[  133.541281][ T8218]  should_fail_ex+0x265/0x280
[  133.541318][ T8218]  should_failslab+0x8c/0xb0
[  133.541418][ T8218]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  133.541456][ T8218]  ? v9fs_session_init+0x4b/0xde0
[  133.541490][ T8218]  kstrdup+0x3e/0xd0
[  133.541514][ T8218]  v9fs_session_init+0x4b/0xde0
[  133.541557][ T8218]  ? obj_cgroup_charge_account+0x122/0x1a0
[  133.541596][ T8218]  ? __rcu_read_unlock+0x4f/0x70
[  133.541670][ T8218]  ? should_fail_ex+0xdb/0x280
[  133.541698][ T8218]  ? v9fs_mount+0x51/0x590
[  133.541729][ T8218]  ? should_failslab+0x8c/0xb0
[  133.541813][ T8218]  ? __kmalloc_cache_noprof+0x189/0x320
[  133.541863][ T8218]  v9fs_mount+0x67/0x590
[  133.541902][ T8218]  ? __pfx_v9fs_mount+0x10/0x10
[  133.541976][ T8218]  legacy_get_tree+0x75/0xd0
[  133.542009][ T8218]  vfs_get_tree+0x57/0x1d0
[  133.542031][ T8218]  do_new_mount+0x207/0x680
[  133.542075][ T8218]  path_mount+0x4a4/0xb20
[  133.542190][ T8218]  ? user_path_at+0x109/0x130
[  133.542220][ T8218]  __se_sys_mount+0x28f/0x2e0
[  133.542236][ T8218]  ? fput+0x8f/0xc0
[  133.542261][ T8218]  __x64_sys_mount+0x67/0x80
[  133.542361][ T8218]  x64_sys_call+0xd36/0x2fb0
[  133.542387][ T8218]  do_syscall_64+0xd2/0x200
[  133.542410][ T8218]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  133.542456][ T8218]  ? clear_bhb_loop+0x40/0x90
[  133.542482][ T8218]  ? clear_bhb_loop+0x40/0x90
[  133.542509][ T8218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.542603][ T8218] RIP: 0033:0x7f45363ce929
[  133.542617][ T8218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.542634][ T8218] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  133.542652][ T8218] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  133.542706][ T8218] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  133.542717][ T8218] RBP: 00007f4534a37090 R08: 0000200000000400 R09: 0000000000000000
[  133.542728][ T8218] R10: 0000000000008080 R11: 0000000000000246 R12: 0000000000000002
[  133.542740][ T8218] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  133.542760][ T8218]  </TASK>
[  133.832466][ T8233] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.841368][ T8233] 8021q: adding VLAN 0 to HW filter on device team0
[  133.853346][ T8233] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  133.875660][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1451'.
[  133.884839][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1451'.
[  133.894836][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1451'.
[  133.917007][ T8237] netlink: 'syz.1.1462': attribute type 1 has an invalid length.
[  133.934454][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1451'.
[  134.145972][ T8272] loop0: detected capacity change from 0 to 1024
[  134.162043][   T29] kauditd_printk_skb: 115 callbacks suppressed
[  134.162122][   T29] audit: type=1400 audit(1750461669.284:2923): avc:  denied  { bind } for  pid=8273 comm="syz.1.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  134.165912][ T8272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.168488][   T29] audit: type=1400 audit(1750461669.294:2924): avc:  denied  { name_bind } for  pid=8273 comm="syz.1.1476" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  134.221685][   T29] audit: type=1400 audit(1750461669.294:2925): avc:  denied  { node_bind } for  pid=8273 comm="syz.1.1476" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  134.248165][   T29] audit: type=1400 audit(1750461669.374:2926): avc:  denied  { name_connect } for  pid=8273 comm="syz.1.1476" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  134.264536][ T8272] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.1475: Allocating blocks 497-513 which overlap fs metadata
[  134.284543][ T8271] EXT4-fs (loop0): pa ffff888106e64930: logic 128, phys. 273, len 15
[  134.292821][ T8271] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  134.315635][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.345714][ T8285] SELinux:  policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c
[  134.345637][   T29] audit: type=1400 audit(1750461669.474:2927): avc:  denied  { load_policy } for  pid=8284 comm="syz.0.1479" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  134.379637][ T8285] SELinux: failed to load policy
[  134.406361][   T29] audit: type=1326 audit(1750461669.534:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8288 comm="syz.0.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  134.429926][   T29] audit: type=1326 audit(1750461669.534:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8288 comm="syz.0.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  134.454239][   T29] audit: type=1326 audit(1750461669.534:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8288 comm="syz.0.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  134.477931][   T29] audit: type=1326 audit(1750461669.534:2931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8288 comm="syz.0.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  134.501386][   T29] audit: type=1326 audit(1750461669.534:2932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8288 comm="syz.0.1483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bab7de929 code=0x7ffc0000
[  134.570192][ T8305] netlink: 'syz.3.1488': attribute type 10 has an invalid length.
[  134.644029][ T8318] FAULT_INJECTION: forcing a failure.
[  134.644029][ T8318] name failslab, interval 1, probability 0, space 0, times 0
[  134.657156][ T8318] CPU: 0 UID: 0 PID: 8318 Comm: syz.3.1493 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  134.657199][ T8318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.657210][ T8318] Call Trace:
[  134.657216][ T8318]  <TASK>
[  134.657223][ T8318]  __dump_stack+0x1d/0x30
[  134.657241][ T8318]  dump_stack_lvl+0xe8/0x140
[  134.657259][ T8318]  dump_stack+0x15/0x1b
[  134.657280][ T8318]  should_fail_ex+0x265/0x280
[  134.657310][ T8318]  should_failslab+0x8c/0xb0
[  134.657331][ T8318]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  134.657386][ T8318]  ? alloc_inode+0x9a/0x170
[  134.657492][ T8318]  alloc_inode+0x9a/0x170
[  134.657521][ T8318]  new_inode+0x1d/0xe0
[  134.657538][ T8318]  ramfs_get_inode+0x24/0x1b0
[  134.657561][ T8318]  ramfs_mknod+0x35/0xe0
[  134.657582][ T8318]  ramfs_create+0x2c/0x40
[  134.657627][ T8318]  ? __pfx_ramfs_create+0x10/0x10
[  134.657651][ T8318]  path_openat+0x1105/0x2170
[  134.657733][ T8318]  do_filp_open+0x109/0x230
[  134.657856][ T8318]  do_sys_openat2+0xa6/0x110
[  134.657881][ T8318]  __x64_sys_openat+0xf2/0x120
[  134.657907][ T8318]  x64_sys_call+0x1af/0x2fb0
[  134.657926][ T8318]  do_syscall_64+0xd2/0x200
[  134.658016][ T8318]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  134.658141][ T8318]  ? clear_bhb_loop+0x40/0x90
[  134.658215][ T8318]  ? clear_bhb_loop+0x40/0x90
[  134.658234][ T8318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.658310][ T8318] RIP: 0033:0x7fa55798e929
[  134.658324][ T8318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.658340][ T8318] RSP: 002b:00007fa555ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  134.658356][ T8318] RAX: ffffffffffffffda RBX: 00007fa557bb5fa0 RCX: 00007fa55798e929
[  134.658367][ T8318] RDX: 00000000000026e1 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  134.658378][ T8318] RBP: 00007fa555ff7090 R08: 0000000000000000 R09: 0000000000000000
[  134.658389][ T8318] R10: 00000000fffffffb R11: 0000000000000246 R12: 0000000000000001
[  134.658400][ T8318] R13: 0000000000000000 R14: 00007fa557bb5fa0 R15: 00007fff939a60b8
[  134.658464][ T8318]  </TASK>
[  134.920386][ T8328] sch_tbf: burst 128 is lower than device ip6tnl0 mtu (1452) !
[  134.948174][ T8328] netlink: 'syz.2.1496': attribute type 9 has an invalid length.
[  134.956213][ T8328] netlink: 'syz.2.1496': attribute type 7 has an invalid length.
[  135.816483][ T8419] validate_nla: 2 callbacks suppressed
[  135.816499][ T8419] netlink: 'syz.3.1531': attribute type 4 has an invalid length.
[  135.833161][ T8419] netlink: 'syz.3.1531': attribute type 4 has an invalid length.
[  135.866148][ T8421] netlink: 'syz.2.1533': attribute type 4 has an invalid length.
[  135.884180][ T8421] netlink: 'syz.2.1533': attribute type 4 has an invalid length.
[  135.911151][ T8421] FAULT_INJECTION: forcing a failure.
[  135.911151][ T8421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.924460][ T8421] CPU: 0 UID: 0 PID: 8421 Comm: syz.2.1533 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  135.924533][ T8421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  135.924548][ T8421] Call Trace:
[  135.924555][ T8421]  <TASK>
[  135.924564][ T8421]  __dump_stack+0x1d/0x30
[  135.924588][ T8421]  dump_stack_lvl+0xe8/0x140
[  135.924613][ T8421]  dump_stack+0x15/0x1b
[  135.924645][ T8421]  should_fail_ex+0x265/0x280
[  135.924736][ T8421]  should_fail+0xb/0x20
[  135.924768][ T8421]  should_fail_usercopy+0x1a/0x20
[  135.924806][ T8421]  _copy_from_user+0x1c/0xb0
[  135.924829][ T8421]  copy_from_sockptr+0x5e/0xa0
[  135.924882][ T8421]  do_ip_setsockopt+0x1a90/0x2240
[  135.924915][ T8421]  ip_setsockopt+0x58/0x110
[  135.924945][ T8421]  udp_setsockopt+0x99/0xb0
[  135.925012][ T8421]  sock_common_setsockopt+0x66/0x80
[  135.925040][ T8421]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  135.925068][ T8421]  __sys_setsockopt+0x181/0x200
[  135.925153][ T8421]  __x64_sys_setsockopt+0x64/0x80
[  135.925268][ T8421]  x64_sys_call+0x2bd5/0x2fb0
[  135.925290][ T8421]  do_syscall_64+0xd2/0x200
[  135.925355][ T8421]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  135.925397][ T8421]  ? clear_bhb_loop+0x40/0x90
[  135.925418][ T8421]  ? clear_bhb_loop+0x40/0x90
[  135.925503][ T8421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.925525][ T8421] RIP: 0033:0x7f926f3ae929
[  135.925542][ T8421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.925562][ T8421] RSP: 002b:00007f926da17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  135.925607][ T8421] RAX: ffffffffffffffda RBX: 00007f926f5d5fa0 RCX: 00007f926f3ae929
[  135.925621][ T8421] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000003
[  135.925634][ T8421] RBP: 00007f926da17090 R08: 000000000000000c R09: 0000000000000000
[  135.925647][ T8421] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[  135.925659][ T8421] R13: 0000000000000000 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  135.925680][ T8421]  </TASK>
[  135.925953][ T8425] netlink: 'syz.3.1534': attribute type 4 has an invalid length.
[  135.962445][ T8426] netlink: 'syz.3.1534': attribute type 4 has an invalid length.
[  136.898607][ T8514] FAULT_INJECTION: forcing a failure.
[  136.898607][ T8514] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  136.912004][ T8514] CPU: 1 UID: 0 PID: 8514 Comm: syz.2.1565 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  136.912039][ T8514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  136.912092][ T8514] Call Trace:
[  136.912100][ T8514]  <TASK>
[  136.912110][ T8514]  __dump_stack+0x1d/0x30
[  136.912136][ T8514]  dump_stack_lvl+0xe8/0x140
[  136.912160][ T8514]  dump_stack+0x15/0x1b
[  136.912178][ T8514]  should_fail_ex+0x265/0x280
[  136.912262][ T8514]  should_fail_alloc_page+0xf2/0x100
[  136.912367][ T8514]  __alloc_frozen_pages_noprof+0xff/0x360
[  136.912414][ T8514]  alloc_pages_mpol+0xb3/0x250
[  136.912483][ T8514]  folio_alloc_mpol_noprof+0x39/0x80
[  136.912513][ T8514]  shmem_get_folio_gfp+0x3cf/0xd60
[  136.912571][ T8514]  shmem_write_begin+0xa8/0x190
[  136.912692][ T8514]  generic_perform_write+0x184/0x490
[  136.912723][ T8514]  shmem_file_write_iter+0xc5/0xf0
[  136.912751][ T8514]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  136.912778][ T8514]  vfs_write+0x4a0/0x8e0
[  136.912825][ T8514]  ksys_write+0xda/0x1a0
[  136.912903][ T8514]  __x64_sys_write+0x40/0x50
[  136.912924][ T8514]  x64_sys_call+0x2cdd/0x2fb0
[  136.913005][ T8514]  do_syscall_64+0xd2/0x200
[  136.913043][ T8514]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  136.913076][ T8514]  ? clear_bhb_loop+0x40/0x90
[  136.913102][ T8514]  ? clear_bhb_loop+0x40/0x90
[  136.913140][ T8514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.913176][ T8514] RIP: 0033:0x7f926f3ae929
[  136.913254][ T8514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.913271][ T8514] RSP: 002b:00007f926da17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  136.913366][ T8514] RAX: ffffffffffffffda RBX: 00007f926f5d5fa0 RCX: 00007f926f3ae929
[  136.913421][ T8514] RDX: 0000000000040010 RSI: 0000200000000180 RDI: 0000000000000004
[  136.913433][ T8514] RBP: 00007f926da17090 R08: 0000000000000000 R09: 0000000000000000
[  136.913444][ T8514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.913456][ T8514] R13: 0000000000000000 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  136.913477][ T8514]  </TASK>
[  137.201039][ T8518] netlink: 'syz.2.1568': attribute type 10 has an invalid length.
[  137.209019][ T8518] __nla_validate_parse: 10 callbacks suppressed
[  137.209036][ T8518] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1568'.
[  137.294669][ T8520] FAULT_INJECTION: forcing a failure.
[  137.294669][ T8520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.307832][ T8520] CPU: 0 UID: 0 PID: 8520 Comm: syz.3.1569 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  137.307861][ T8520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  137.307873][ T8520] Call Trace:
[  137.307880][ T8520]  <TASK>
[  137.307887][ T8520]  __dump_stack+0x1d/0x30
[  137.307921][ T8520]  dump_stack_lvl+0xe8/0x140
[  137.307953][ T8520]  dump_stack+0x15/0x1b
[  137.307974][ T8520]  should_fail_ex+0x265/0x280
[  137.308013][ T8520]  should_fail+0xb/0x20
[  137.308047][ T8520]  should_fail_usercopy+0x1a/0x20
[  137.308149][ T8520]  copy_folio_from_iter_atomic+0x575/0x1170
[  137.308183][ T8520]  ? shmem_write_begin+0xa8/0x190
[  137.308268][ T8520]  ? shmem_write_begin+0xe1/0x190
[  137.308330][ T8520]  generic_perform_write+0x2c2/0x490
[  137.308357][ T8520]  shmem_file_write_iter+0xc5/0xf0
[  137.308377][ T8520]  do_iter_readv_writev+0x421/0x4c0
[  137.308400][ T8520]  vfs_writev+0x2df/0x8b0
[  137.308517][ T8520]  __x64_sys_pwritev+0xfd/0x1c0
[  137.308545][ T8520]  x64_sys_call+0x2752/0x2fb0
[  137.308571][ T8520]  do_syscall_64+0xd2/0x200
[  137.308662][ T8520]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  137.308736][ T8520]  ? clear_bhb_loop+0x40/0x90
[  137.308763][ T8520]  ? clear_bhb_loop+0x40/0x90
[  137.308790][ T8520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.308835][ T8520] RIP: 0033:0x7fa55798e929
[  137.308854][ T8520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.308872][ T8520] RSP: 002b:00007fa555ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  137.308910][ T8520] RAX: ffffffffffffffda RBX: 00007fa557bb5fa0 RCX: 00007fa55798e929
[  137.308927][ T8520] RDX: 0000000000000007 RSI: 0000200000001980 RDI: 0000000000000004
[  137.308950][ T8520] RBP: 00007fa555ff7090 R08: 0000000000000365 R09: 0000000000000000
[  137.308965][ T8520] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  137.308981][ T8520] R13: 0000000000000000 R14: 00007fa557bb5fa0 R15: 00007fff939a60b8
[  137.309003][ T8520]  </TASK>
[  137.873267][ T8559] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1583'.
[  137.896568][ T8552] netlink: 'syz.2.1580': attribute type 27 has an invalid length.
[  137.945554][ T8552] macvlan1: left allmulticast mode
[  137.972075][ T8565] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.982772][ T8565] 8021q: adding VLAN 0 to HW filter on device team0
[  138.006072][ T8565] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  139.176505][   T29] kauditd_printk_skb: 658 callbacks suppressed
[  139.176522][   T29] audit: type=1400 audit(1750461674.284:3591): avc:  denied  { prog_load } for  pid=8652 comm="syz.2.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.201916][   T29] audit: type=1400 audit(1750461674.284:3592): avc:  denied  { prog_load } for  pid=8652 comm="syz.2.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.221109][   T29] audit: type=1400 audit(1750461674.304:3593): avc:  denied  { prog_load } for  pid=8655 comm="syz.2.1621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.240332][   T29] audit: type=1400 audit(1750461674.304:3594): avc:  denied  { prog_load } for  pid=8655 comm="syz.2.1621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.259618][   T29] audit: type=1400 audit(1750461674.304:3595): avc:  denied  { prog_load } for  pid=8655 comm="syz.2.1621" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.279281][   T29] audit: type=1400 audit(1750461674.324:3596): avc:  denied  { create } for  pid=8657 comm="syz.2.1622" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=0
[  139.300271][   T29] audit: type=1400 audit(1750461674.324:3597): avc:  denied  { prog_load } for  pid=8657 comm="syz.2.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.309154][ T8666] netlink: 'syz.3.1626': attribute type 10 has an invalid length.
[  139.319637][   T29] audit: type=1400 audit(1750461674.344:3598): avc:  denied  { prog_load } for  pid=8659 comm="syz.2.1623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.327304][ T8666] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1626'.
[  139.355852][   T29] audit: type=1400 audit(1750461674.344:3599): avc:  denied  { prog_load } for  pid=8659 comm="syz.2.1623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  139.375196][   T29] audit: type=1400 audit(1750461674.354:3600): avc:  denied  { read } for  pid=8661 comm="syz.2.1624" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=0
[  139.610111][ T8673] FAULT_INJECTION: forcing a failure.
[  139.610111][ T8673] name failslab, interval 1, probability 0, space 0, times 0
[  139.622928][ T8673] CPU: 0 UID: 0 PID: 8673 Comm: syz.3.1628 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  139.623022][ T8673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  139.623034][ T8673] Call Trace:
[  139.623040][ T8673]  <TASK>
[  139.623048][ T8673]  __dump_stack+0x1d/0x30
[  139.623140][ T8673]  dump_stack_lvl+0xe8/0x140
[  139.623156][ T8673]  dump_stack+0x15/0x1b
[  139.623170][ T8673]  should_fail_ex+0x265/0x280
[  139.623226][ T8673]  should_failslab+0x8c/0xb0
[  139.623283][ T8673]  kmem_cache_alloc_node_noprof+0x57/0x320
[  139.623310][ T8673]  ? __alloc_skb+0x101/0x320
[  139.623338][ T8673]  __alloc_skb+0x101/0x320
[  139.623440][ T8673]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[  139.623471][ T8673]  ? __rcu_read_unlock+0x4f/0x70
[  139.623561][ T8673]  ? __pfx_rtnetlink_event+0x10/0x10
[  139.623589][ T8673]  rtnetlink_event+0x18c/0x200
[  139.623646][ T8673]  raw_notifier_call_chain+0x6f/0x1b0
[  139.623663][ T8673]  ? call_netdevice_notifiers_info+0x9c/0x100
[  139.623688][ T8673]  call_netdevice_notifiers_info+0xae/0x100
[  139.623710][ T8673]  netif_set_mac_address+0x204/0x260
[  139.623813][ T8673]  dev_set_mac_address_user+0xd7/0x190
[  139.623839][ T8673]  dev_ifsioc+0x9b3/0xaa0
[  139.623854][ T8673]  ? __rcu_read_unlock+0x4f/0x70
[  139.623873][ T8673]  dev_ioctl+0x70a/0x960
[  139.623889][ T8673]  sock_do_ioctl+0x197/0x220
[  139.623920][ T8673]  sock_ioctl+0x41b/0x610
[  139.623941][ T8673]  ? __pfx_sock_ioctl+0x10/0x10
[  139.624015][ T8673]  __se_sys_ioctl+0xce/0x140
[  139.624055][ T8673]  __x64_sys_ioctl+0x43/0x50
[  139.624167][ T8673]  x64_sys_call+0x19a8/0x2fb0
[  139.624186][ T8673]  do_syscall_64+0xd2/0x200
[  139.624202][ T8673]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.624225][ T8673]  ? clear_bhb_loop+0x40/0x90
[  139.624290][ T8673]  ? clear_bhb_loop+0x40/0x90
[  139.624338][ T8673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.624356][ T8673] RIP: 0033:0x7fa55798e929
[  139.624370][ T8673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.624386][ T8673] RSP: 002b:00007fa555ff7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  139.624403][ T8673] RAX: ffffffffffffffda RBX: 00007fa557bb5fa0 RCX: 00007fa55798e929
[  139.624414][ T8673] RDX: 0000200000000000 RSI: 0000000000008924 RDI: 0000000000000004
[  139.624491][ T8673] RBP: 00007fa555ff7090 R08: 0000000000000000 R09: 0000000000000000
[  139.624502][ T8673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.624623][ T8673] R13: 0000000000000000 R14: 00007fa557bb5fa0 R15: 00007fff939a60b8
[  139.624652][ T8673]  </TASK>
[  139.954578][ T8683] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1633'.
[  139.964982][ T8685] netlink: 'syz.3.1633': attribute type 12 has an invalid length.
[  139.972987][ T8685] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1633'.
[  139.982820][ T8683] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1633'.
[  140.001026][ T8687] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1634'.
[  140.040942][ T8690] FAULT_INJECTION: forcing a failure.
[  140.040942][ T8690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.054458][ T8690] CPU: 0 UID: 0 PID: 8690 Comm: syz.4.1635 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  140.054535][ T8690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.054550][ T8690] Call Trace:
[  140.054558][ T8690]  <TASK>
[  140.054567][ T8690]  __dump_stack+0x1d/0x30
[  140.054590][ T8690]  dump_stack_lvl+0xe8/0x140
[  140.054611][ T8690]  dump_stack+0x15/0x1b
[  140.054629][ T8690]  should_fail_ex+0x265/0x280
[  140.054675][ T8690]  should_fail+0xb/0x20
[  140.054721][ T8690]  should_fail_usercopy+0x1a/0x20
[  140.054760][ T8690]  _copy_to_user+0x20/0xa0
[  140.054785][ T8690]  simple_read_from_buffer+0xb5/0x130
[  140.054824][ T8690]  proc_fail_nth_read+0x100/0x140
[  140.054851][ T8690]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.054893][ T8690]  vfs_read+0x1a0/0x6f0
[  140.054929][ T8690]  ? __rcu_read_unlock+0x4f/0x70
[  140.054955][ T8690]  ? __fget_files+0x184/0x1c0
[  140.055045][ T8690]  ksys_read+0xda/0x1a0
[  140.055084][ T8690]  __x64_sys_read+0x40/0x50
[  140.055122][ T8690]  x64_sys_call+0x2d77/0x2fb0
[  140.055149][ T8690]  do_syscall_64+0xd2/0x200
[  140.055205][ T8690]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.055237][ T8690]  ? clear_bhb_loop+0x40/0x90
[  140.055264][ T8690]  ? clear_bhb_loop+0x40/0x90
[  140.055293][ T8690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.055324][ T8690] RIP: 0033:0x7f470527d33c
[  140.055342][ T8690] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  140.055366][ T8690] RSP: 002b:00007f47038e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  140.055410][ T8690] RAX: ffffffffffffffda RBX: 00007f47054a5fa0 RCX: 00007f470527d33c
[  140.055426][ T8690] RDX: 000000000000000f RSI: 00007f47038e70a0 RDI: 0000000000000006
[  140.055443][ T8690] RBP: 00007f47038e7090 R08: 0000000000000000 R09: 0000000000000000
[  140.055459][ T8690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.055475][ T8690] R13: 0000000000000000 R14: 00007f47054a5fa0 R15: 00007ffd15847c58
[  140.055529][ T8690]  </TASK>
[  140.055531][ T8692] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1637'.
[  140.919750][ T8743] validate_nla: 2 callbacks suppressed
[  140.919766][ T8743] netlink: 'syz.0.1646': attribute type 21 has an invalid length.
[  140.919857][ T8743] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1646'.
[  140.954541][ T8744] netlink: 180 bytes leftover after parsing attributes in process `syz.1.1656'.
[  140.984513][ T8751] FAULT_INJECTION: forcing a failure.
[  140.984513][ T8751] name failslab, interval 1, probability 0, space 0, times 0
[  140.984616][ T8751] CPU: 1 UID: 0 PID: 8751 Comm: syz.0.1658 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  140.984711][ T8751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.984729][ T8751] Call Trace:
[  140.984738][ T8751]  <TASK>
[  140.984750][ T8751]  __dump_stack+0x1d/0x30
[  140.984780][ T8751]  dump_stack_lvl+0xe8/0x140
[  140.984869][ T8751]  dump_stack+0x15/0x1b
[  140.984893][ T8751]  should_fail_ex+0x265/0x280
[  140.984959][ T8751]  should_failslab+0x8c/0xb0
[  140.984993][ T8751]  kmem_cache_alloc_noprof+0x50/0x310
[  140.985088][ T8751]  ? audit_log_start+0x365/0x6c0
[  140.985134][ T8751]  audit_log_start+0x365/0x6c0
[  140.985192][ T8751]  audit_seccomp+0x48/0x100
[  140.985230][ T8751]  ? __seccomp_filter+0x68c/0x10d0
[  140.985261][ T8751]  __seccomp_filter+0x69d/0x10d0
[  140.985311][ T8751]  ? update_load_avg+0x1da/0x820
[  140.985348][ T8751]  ? __list_add_valid_or_report+0x38/0xe0
[  140.985382][ T8751]  ? _raw_spin_unlock+0x26/0x50
[  140.985417][ T8751]  __secure_computing+0x82/0x150
[  140.985454][ T8751]  syscall_trace_enter+0xcf/0x1e0
[  140.985488][ T8751]  do_syscall_64+0xac/0x200
[  140.985512][ T8751]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.985547][ T8751]  ? clear_bhb_loop+0x40/0x90
[  140.985638][ T8751]  ? clear_bhb_loop+0x40/0x90
[  140.985667][ T8751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.985696][ T8751] RIP: 0033:0x7f5bab7dd33c
[  140.985718][ T8751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  140.985742][ T8751] RSP: 002b:00007f5ba9e47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  140.985772][ T8751] RAX: ffffffffffffffda RBX: 00007f5baba05fa0 RCX: 00007f5bab7dd33c
[  140.985789][ T8751] RDX: 000000000000000f RSI: 00007f5ba9e470a0 RDI: 0000000000000004
[  140.985806][ T8751] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  140.985822][ T8751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.985839][ T8751] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  140.985864][ T8751]  </TASK>
[  141.610288][ T8788] lo speed is unknown, defaulting to 1000
[  141.887941][ T8805] IPv6: Can't replace route, no match found
[  142.271198][ T8834] __nla_validate_parse: 2 callbacks suppressed
[  142.271215][ T8834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1693'.
[  142.655479][ T8862] lo speed is unknown, defaulting to 1000
[  143.023694][ T8877] macvlan2: entered allmulticast mode
[  143.029196][ T8877] bond0: entered allmulticast mode
[  143.034387][ T8877] bond_slave_0: entered allmulticast mode
[  143.040198][ T8877] bond_slave_1: entered allmulticast mode
[  143.046669][ T8877] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  143.054880][ T8877] bond0: left allmulticast mode
[  143.059827][ T8877] bond_slave_0: left allmulticast mode
[  143.065376][ T8877] bond_slave_1: left allmulticast mode
[  143.145976][ T8884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1712'.
[  143.198907][ T8893] ÿÿÿÿÿÿ: renamed from vlan1
[  143.232669][ T8899] futex_wake_op: syz.4.1719 tries to shift op by -1; fix this program
[  143.425366][ T8924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1728'.
[  143.507178][ T8934] FAULT_INJECTION: forcing a failure.
[  143.507178][ T8934] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.520393][ T8934] CPU: 1 UID: 0 PID: 8934 Comm: syz.0.1731 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  143.520487][ T8934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  143.520499][ T8934] Call Trace:
[  143.520506][ T8934]  <TASK>
[  143.520514][ T8934]  __dump_stack+0x1d/0x30
[  143.520539][ T8934]  dump_stack_lvl+0xe8/0x140
[  143.520562][ T8934]  dump_stack+0x15/0x1b
[  143.520581][ T8934]  should_fail_ex+0x265/0x280
[  143.520667][ T8934]  should_fail+0xb/0x20
[  143.520701][ T8934]  should_fail_usercopy+0x1a/0x20
[  143.520797][ T8934]  _copy_from_user+0x1c/0xb0
[  143.520822][ T8934]  kstrtouint_from_user+0x69/0xf0
[  143.520860][ T8934]  ? 0xffffffff81000000
[  143.520877][ T8934]  ? selinux_file_permission+0x1e4/0x320
[  143.521010][ T8934]  proc_fail_nth_write+0x50/0x160
[  143.521034][ T8934]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  143.521059][ T8934]  vfs_write+0x269/0x8e0
[  143.521170][ T8934]  ? vfs_read+0x47f/0x6f0
[  143.521208][ T8934]  ? __rcu_read_unlock+0x4f/0x70
[  143.521235][ T8934]  ? __fget_files+0x184/0x1c0
[  143.521332][ T8934]  ksys_write+0xda/0x1a0
[  143.521356][ T8934]  __x64_sys_write+0x40/0x50
[  143.521373][ T8934]  x64_sys_call+0x2cdd/0x2fb0
[  143.521469][ T8934]  do_syscall_64+0xd2/0x200
[  143.521539][ T8934]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.521578][ T8934]  ? clear_bhb_loop+0x40/0x90
[  143.521605][ T8934]  ? clear_bhb_loop+0x40/0x90
[  143.521627][ T8934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.521647][ T8934] RIP: 0033:0x7f5bab7dd3df
[  143.521661][ T8934] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  143.521726][ T8934] RSP: 002b:00007f5ba9e47030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  143.521751][ T8934] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5bab7dd3df
[  143.521768][ T8934] RDX: 0000000000000001 RSI: 00007f5ba9e470a0 RDI: 0000000000000003
[  143.521783][ T8934] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  143.521798][ T8934] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  143.521816][ T8934] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  143.521838][ T8934]  </TASK>
[  144.109789][ T8964] xt_CT: No such helper "pptp"
[  144.226543][   T29] kauditd_printk_skb: 1317 callbacks suppressed
[  144.226562][   T29] audit: type=1400 audit(1750461679.354:4916): avc:  denied  { read } for  pid=8973 comm="syz.2.1749" dev="nsfs" ino=4026532831 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  144.387247][   T29] audit: type=1326 audit(1750461679.514:4917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.4.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f470527e929 code=0x7ffc0000
[  144.411455][   T29] audit: type=1326 audit(1750461679.514:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8966 comm="syz.4.1746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f470527e929 code=0x7ffc0000
[  144.444337][   T29] audit: type=1400 audit(1750461679.574:4919): avc:  denied  { read write } for  pid=3303 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  144.470784][   T29] audit: type=1400 audit(1750461679.604:4920): avc:  denied  { create } for  pid=8976 comm="syz.4.1750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  144.490950][   T29] audit: type=1400 audit(1750461679.604:4921): avc:  denied  { create } for  pid=8976 comm="syz.4.1750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[  144.511675][   T29] audit: type=1400 audit(1750461679.614:4922): avc:  denied  { read write } for  pid=8976 comm="syz.4.1750" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  144.536290][   T29] audit: type=1400 audit(1750461679.624:4923): avc:  denied  { create } for  pid=8976 comm="syz.4.1750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  144.556782][   T29] audit: type=1400 audit(1750461679.624:4924): avc:  denied  { prog_load } for  pid=8976 comm="syz.4.1750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  144.576056][   T29] audit: type=1400 audit(1750461679.624:4925): avc:  denied  { map_create } for  pid=8976 comm="syz.4.1750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  144.793238][ T9011] netlink: 'syz.3.1765': attribute type 27 has an invalid length.
[  144.830006][ T9011] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.838280][ T9011] 8021q: adding VLAN 0 to HW filter on device team0
[  144.847831][ T9011] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  145.542932][ T9057] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  145.725363][ T9061] netlink: 'syz.0.1786': attribute type 8 has an invalid length.
[  145.733251][ T9061] netlink: 'syz.0.1786': attribute type 39 has an invalid length.
[  145.808295][ T9081] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  145.910171][ T9095] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1799'.
[  145.974929][ T9101] lo speed is unknown, defaulting to 1000
[  146.012304][ T9108] FAULT_INJECTION: forcing a failure.
[  146.012304][ T9108] name failslab, interval 1, probability 0, space 0, times 0
[  146.025120][ T9108] CPU: 1 UID: 0 PID: 9108 Comm: syz.1.1805 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  146.025155][ T9108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.025172][ T9108] Call Trace:
[  146.025181][ T9108]  <TASK>
[  146.025257][ T9108]  __dump_stack+0x1d/0x30
[  146.025282][ T9108]  dump_stack_lvl+0xe8/0x140
[  146.025306][ T9108]  dump_stack+0x15/0x1b
[  146.025327][ T9108]  should_fail_ex+0x265/0x280
[  146.025366][ T9108]  should_failslab+0x8c/0xb0
[  146.025396][ T9108]  kmem_cache_alloc_noprof+0x50/0x310
[  146.025429][ T9108]  ? skb_clone+0x151/0x1f0
[  146.025503][ T9108]  skb_clone+0x151/0x1f0
[  146.025525][ T9108]  __netlink_deliver_tap+0x2c9/0x500
[  146.025561][ T9108]  netlink_sendskb+0x126/0x150
[  146.025590][ T9108]  netlink_unicast+0x28a/0x670
[  146.025643][ T9108]  netlink_ack+0x4c8/0x500
[  146.025679][ T9108]  netlink_rcv_skb+0x192/0x220
[  146.025710][ T9108]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  146.025785][ T9108]  rtnetlink_rcv+0x1c/0x30
[  146.025804][ T9108]  netlink_unicast+0x59e/0x670
[  146.025835][ T9108]  netlink_sendmsg+0x58b/0x6b0
[  146.025868][ T9108]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.025887][ T9108]  __sock_sendmsg+0x145/0x180
[  146.026015][ T9108]  ____sys_sendmsg+0x345/0x4e0
[  146.026050][ T9108]  ___sys_sendmsg+0x17b/0x1d0
[  146.026278][ T9108]  __sys_sendmmsg+0x178/0x300
[  146.026310][ T9108]  __x64_sys_sendmmsg+0x57/0x70
[  146.026400][ T9108]  x64_sys_call+0x2f2f/0x2fb0
[  146.026427][ T9108]  do_syscall_64+0xd2/0x200
[  146.026513][ T9108]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  146.026544][ T9108]  ? clear_bhb_loop+0x40/0x90
[  146.026571][ T9108]  ? clear_bhb_loop+0x40/0x90
[  146.026606][ T9108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.026626][ T9108] RIP: 0033:0x7f45363ce929
[  146.026642][ T9108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.026663][ T9108] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  146.026687][ T9108] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  146.026763][ T9108] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  146.026790][ T9108] RBP: 00007f4534a37090 R08: 0000000000000000 R09: 0000000000000000
[  146.026807][ T9108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  146.026819][ T9108] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  146.026838][ T9108]  </TASK>
[  146.323083][ T9113] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1807'.
[  146.332280][ T9113] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1807'.
[  146.341302][ T9113] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1807'.
[  146.847549][ T9142] lo speed is unknown, defaulting to 1000
[  146.962528][ T9148] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9148 comm=syz.1.1823
[  147.251328][ T9176] syzkaller0: entered promiscuous mode
[  147.256946][ T9176] syzkaller0: entered allmulticast mode
[  147.358758][ T9191] bond_slave_1: mtu less than device minimum
[  147.715711][ T9237] netlink: 176 bytes leftover after parsing attributes in process `syz.4.1860'.
[  147.902868][ T9266] FAULT_INJECTION: forcing a failure.
[  147.902868][ T9266] name failslab, interval 1, probability 0, space 0, times 0
[  147.915837][ T9266] CPU: 0 UID: 0 PID: 9266 Comm: syz.0.1871 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  147.915865][ T9266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.915957][ T9266] Call Trace:
[  147.915963][ T9266]  <TASK>
[  147.915970][ T9266]  __dump_stack+0x1d/0x30
[  147.915991][ T9266]  dump_stack_lvl+0xe8/0x140
[  147.916014][ T9266]  dump_stack+0x15/0x1b
[  147.916035][ T9266]  should_fail_ex+0x265/0x280
[  147.916075][ T9266]  should_failslab+0x8c/0xb0
[  147.916151][ T9266]  kmem_cache_alloc_node_noprof+0x57/0x320
[  147.916197][ T9266]  ? __alloc_skb+0x101/0x320
[  147.916304][ T9266]  ? __rtnl_unlock+0x95/0xb0
[  147.916454][ T9266]  __alloc_skb+0x101/0x320
[  147.916482][ T9266]  netlink_ack+0xfd/0x500
[  147.916587][ T9266]  netlink_rcv_skb+0x192/0x220
[  147.916617][ T9266]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  147.916649][ T9266]  rtnetlink_rcv+0x1c/0x30
[  147.916674][ T9266]  netlink_unicast+0x59e/0x670
[  147.916769][ T9266]  netlink_sendmsg+0x58b/0x6b0
[  147.916796][ T9266]  ? __pfx_netlink_sendmsg+0x10/0x10
[  147.916901][ T9266]  __sock_sendmsg+0x145/0x180
[  147.916933][ T9266]  ____sys_sendmsg+0x31e/0x4e0
[  147.916979][ T9266]  ___sys_sendmsg+0x17b/0x1d0
[  147.917083][ T9266]  __x64_sys_sendmsg+0xd4/0x160
[  147.917131][ T9266]  x64_sys_call+0x2999/0x2fb0
[  147.917151][ T9266]  do_syscall_64+0xd2/0x200
[  147.917228][ T9266]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  147.917263][ T9266]  ? clear_bhb_loop+0x40/0x90
[  147.917356][ T9266]  ? clear_bhb_loop+0x40/0x90
[  147.917385][ T9266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.917404][ T9266] RIP: 0033:0x7f5bab7de929
[  147.917419][ T9266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.917483][ T9266] RSP: 002b:00007f5ba9e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.917502][ T9266] RAX: ffffffffffffffda RBX: 00007f5baba05fa0 RCX: 00007f5bab7de929
[  147.917518][ T9266] RDX: 0000000020008154 RSI: 00002000000012c0 RDI: 0000000000000004
[  147.917532][ T9266] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  147.917547][ T9266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.917591][ T9266] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  147.917612][ T9266]  </TASK>
[  148.173120][ T9272] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1873'.
[  148.280755][ T9284] netlink: 'syz.0.1879': attribute type 27 has an invalid length.
[  148.370422][ T9288] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.379154][ T9288] 8021q: adding VLAN 0 to HW filter on device team0
[  148.389664][ T9288] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  148.449967][ T9301] FAULT_INJECTION: forcing a failure.
[  148.449967][ T9301] name failslab, interval 1, probability 0, space 0, times 0
[  148.462801][ T9301] CPU: 0 UID: 0 PID: 9301 Comm: syz.3.1884 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  148.462883][ T9301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.462895][ T9301] Call Trace:
[  148.462943][ T9301]  <TASK>
[  148.462952][ T9301]  __dump_stack+0x1d/0x30
[  148.462980][ T9301]  dump_stack_lvl+0xe8/0x140
[  148.463005][ T9301]  dump_stack+0x15/0x1b
[  148.463022][ T9301]  should_fail_ex+0x265/0x280
[  148.463104][ T9301]  should_failslab+0x8c/0xb0
[  148.463181][ T9301]  __kmalloc_noprof+0xa5/0x3e0
[  148.463251][ T9301]  ? fib6_info_alloc+0x2e/0x90
[  148.463293][ T9301]  fib6_info_alloc+0x2e/0x90
[  148.463356][ T9301]  ip6_route_info_create+0xe7/0x390
[  148.463448][ T9301]  inet6_rtm_newroute+0x35e/0x1020
[  148.463486][ T9301]  ? __memcg_slab_free_hook+0x135/0x230
[  148.463597][ T9301]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[  148.463639][ T9301]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  148.463714][ T9301]  netlink_rcv_skb+0x123/0x220
[  148.463782][ T9301]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  148.463815][ T9301]  rtnetlink_rcv+0x1c/0x30
[  148.463833][ T9301]  netlink_unicast+0x59e/0x670
[  148.463886][ T9301]  netlink_sendmsg+0x58b/0x6b0
[  148.463911][ T9301]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.463929][ T9301]  __sock_sendmsg+0x145/0x180
[  148.463984][ T9301]  ____sys_sendmsg+0x31e/0x4e0
[  148.464031][ T9301]  ___sys_sendmsg+0x17b/0x1d0
[  148.464077][ T9301]  __x64_sys_sendmsg+0xd4/0x160
[  148.464149][ T9301]  x64_sys_call+0x2999/0x2fb0
[  148.464174][ T9301]  do_syscall_64+0xd2/0x200
[  148.464197][ T9301]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  148.464261][ T9301]  ? clear_bhb_loop+0x40/0x90
[  148.464326][ T9301]  ? clear_bhb_loop+0x40/0x90
[  148.464347][ T9301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.464368][ T9301] RIP: 0033:0x7fa55798e929
[  148.464386][ T9301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.464476][ T9301] RSP: 002b:00007fa555ff7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  148.464499][ T9301] RAX: ffffffffffffffda RBX: 00007fa557bb5fa0 RCX: 00007fa55798e929
[  148.464540][ T9301] RDX: 0000000000048002 RSI: 0000200000000080 RDI: 0000000000000003
[  148.464552][ T9301] RBP: 00007fa555ff7090 R08: 0000000000000000 R09: 0000000000000000
[  148.464563][ T9301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.464574][ T9301] R13: 0000000000000000 R14: 00007fa557bb5fa0 R15: 00007fff939a60b8
[  148.464592][ T9301]  </TASK>
[  148.858238][ T9329] FAULT_INJECTION: forcing a failure.
[  148.858238][ T9329] name failslab, interval 1, probability 0, space 0, times 0
[  148.870981][ T9329] CPU: 0 UID: 0 PID: 9329 Comm: syz.0.1895 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  148.871016][ T9329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  148.871031][ T9329] Call Trace:
[  148.871039][ T9329]  <TASK>
[  148.871048][ T9329]  __dump_stack+0x1d/0x30
[  148.871111][ T9329]  dump_stack_lvl+0xe8/0x140
[  148.871135][ T9329]  dump_stack+0x15/0x1b
[  148.871156][ T9329]  should_fail_ex+0x265/0x280
[  148.871195][ T9329]  should_failslab+0x8c/0xb0
[  148.871223][ T9329]  kmem_cache_alloc_noprof+0x50/0x310
[  148.871290][ T9329]  ? __anon_vma_prepare+0xcd/0x2f0
[  148.871383][ T9329]  __anon_vma_prepare+0xcd/0x2f0
[  148.871424][ T9329]  handle_mm_fault+0x1d19/0x2be0
[  148.871453][ T9329]  ? mas_walk+0xf2/0x120
[  148.871525][ T9329]  do_user_addr_fault+0x636/0x1090
[  148.871580][ T9329]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  148.871619][ T9329]  exc_page_fault+0x62/0xa0
[  148.871666][ T9329]  asm_exc_page_fault+0x26/0x30
[  148.871690][ T9329] RIP: 0033:0x7f5bab6a0ca3
[  148.871708][ T9329] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  148.871808][ T9329] RSP: 002b:00007f5ba9e464a0 EFLAGS: 00010202
[  148.871902][ T9329] RAX: 0000000000008000 RBX: 00007f5ba9e46540 RCX: 00007f5ba1a27000
[  148.871919][ T9329] RDX: 00007f5ba9e466e0 RSI: 0000000000000016 RDI: 00007f5ba9e465e0
[  148.871934][ T9329] RBP: 0000000000000102 R08: 0000000000000005 R09: 0000000000000004
[  148.872005][ T9329] R10: 0000000000000008 R11: 00007f5ba9e46540 R12: 0000000000000001
[  148.872021][ T9329] R13: 00007f5bab87c120 R14: 0000000000000001 R15: 00007f5ba9e465e0
[  148.872043][ T9329]  </TASK>
[  149.044608][ T9329] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  149.236060][   T29] kauditd_printk_skb: 1155 callbacks suppressed
[  149.236079][   T29] audit: type=1400 audit(1750461684.344:6081): avc:  denied  { map_create } for  pid=9357 comm="syz.0.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.261867][   T29] audit: type=1400 audit(1750461684.344:6082): avc:  denied  { prog_load } for  pid=9357 comm="syz.0.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.281074][   T29] audit: type=1400 audit(1750461684.344:6083): avc:  denied  { prog_load } for  pid=9357 comm="syz.0.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.300398][   T29] audit: type=1400 audit(1750461684.354:6084): avc:  denied  { open } for  pid=9357 comm="syz.0.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  149.320066][   T29] audit: type=1400 audit(1750461684.364:6085): avc:  denied  { read write } for  pid=3304 comm="syz-executor" name="loop0" dev="devtmpfs" ino=836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  149.363079][   T29] audit: type=1400 audit(1750461684.364:6086): avc:  denied  { map_create } for  pid=9359 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.382447][   T29] audit: type=1400 audit(1750461684.364:6087): avc:  denied  { prog_load } for  pid=9359 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.401736][   T29] audit: type=1400 audit(1750461684.364:6088): avc:  denied  { prog_load } for  pid=9359 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.420853][   T29] audit: type=1400 audit(1750461684.364:6089): avc:  denied  { prog_load } for  pid=9359 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.441138][   T29] audit: type=1400 audit(1750461684.364:6090): avc:  denied  { prog_load } for  pid=9359 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  149.552652][ T9398] FAULT_INJECTION: forcing a failure.
[  149.552652][ T9398] name failslab, interval 1, probability 0, space 0, times 0
[  149.565526][ T9398] CPU: 0 UID: 0 PID: 9398 Comm: syz.1.1924 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  149.565648][ T9398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  149.565663][ T9398] Call Trace:
[  149.565670][ T9398]  <TASK>
[  149.565677][ T9398]  __dump_stack+0x1d/0x30
[  149.565698][ T9398]  dump_stack_lvl+0xe8/0x140
[  149.565784][ T9398]  dump_stack+0x15/0x1b
[  149.565803][ T9398]  should_fail_ex+0x265/0x280
[  149.565858][ T9398]  should_failslab+0x8c/0xb0
[  149.565950][ T9398]  kmem_cache_alloc_node_noprof+0x57/0x320
[  149.565986][ T9398]  ? __alloc_skb+0x101/0x320
[  149.566028][ T9398]  __alloc_skb+0x101/0x320
[  149.566062][ T9398]  ? audit_log_start+0x365/0x6c0
[  149.566144][ T9398]  audit_log_start+0x380/0x6c0
[  149.566229][ T9398]  audit_seccomp+0x48/0x100
[  149.566264][ T9398]  ? __seccomp_filter+0x68c/0x10d0
[  149.566332][ T9398]  __seccomp_filter+0x69d/0x10d0
[  149.566362][ T9398]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  149.566458][ T9398]  ? vfs_write+0x75e/0x8e0
[  149.566497][ T9398]  ? __rcu_read_unlock+0x4f/0x70
[  149.566565][ T9398]  ? __fget_files+0x184/0x1c0
[  149.566595][ T9398]  __secure_computing+0x82/0x150
[  149.566696][ T9398]  syscall_trace_enter+0xcf/0x1e0
[  149.566720][ T9398]  do_syscall_64+0xac/0x200
[  149.566737][ T9398]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.566761][ T9398]  ? clear_bhb_loop+0x40/0x90
[  149.566784][ T9398]  ? clear_bhb_loop+0x40/0x90
[  149.566926][ T9398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.566953][ T9398] RIP: 0033:0x7f45363ce929
[  149.566973][ T9398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.566998][ T9398] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.567021][ T9398] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  149.567037][ T9398] RDX: 0000000000000000 RSI: 0000200000001600 RDI: ffffffffffffffff
[  149.567111][ T9398] RBP: 00007f4534a37090 R08: 0000000000000000 R09: 0000000000000000
[  149.567126][ T9398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.567141][ T9398] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  149.567164][ T9398]  </TASK>
[  149.880068][ T9416] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  150.093847][ T9451] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1944'.
[  150.292708][ T9472] lo speed is unknown, defaulting to 1000
[  150.307335][ T9475] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1956'.
[  150.392310][ T9485] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1960'.
[  150.590883][ T9520] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1974'.
[  150.641882][ T9524] netlink: 'syz.0.1976': attribute type 4 has an invalid length.
[  150.660128][ T9526] lo speed is unknown, defaulting to 1000
[  150.689963][ T9525] lo speed is unknown, defaulting to 1000
[  150.896835][ T9544] lo speed is unknown, defaulting to 1000
[  151.183583][ T9555] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1985'.
[  151.244722][ T9557] lo speed is unknown, defaulting to 1000
[  151.453155][ T9580] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1996'.
[  151.700127][ T9610] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2010'.
[  151.812246][ T9588] FAULT_INJECTION: forcing a failure.
[  151.812246][ T9588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.825788][ T9588] CPU: 1 UID: 0 PID: 9588 Comm: syz.4.1992 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  151.825829][ T9588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  151.825844][ T9588] Call Trace:
[  151.825853][ T9588]  <TASK>
[  151.825863][ T9588]  __dump_stack+0x1d/0x30
[  151.825887][ T9588]  dump_stack_lvl+0xe8/0x140
[  151.825922][ T9588]  dump_stack+0x15/0x1b
[  151.825944][ T9588]  should_fail_ex+0x265/0x280
[  151.826046][ T9588]  should_fail+0xb/0x20
[  151.826136][ T9588]  should_fail_usercopy+0x1a/0x20
[  151.826238][ T9588]  _copy_to_user+0x20/0xa0
[  151.826264][ T9588]  simple_read_from_buffer+0xb5/0x130
[  151.826314][ T9588]  proc_fail_nth_read+0x100/0x140
[  151.826337][ T9588]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.826425][ T9588]  vfs_read+0x1a0/0x6f0
[  151.826464][ T9588]  ? __rcu_read_unlock+0x4f/0x70
[  151.826547][ T9588]  ? __fget_files+0x184/0x1c0
[  151.826590][ T9588]  ksys_read+0xda/0x1a0
[  151.826658][ T9588]  __x64_sys_read+0x40/0x50
[  151.826689][ T9588]  x64_sys_call+0x2d77/0x2fb0
[  151.826710][ T9588]  do_syscall_64+0xd2/0x200
[  151.826732][ T9588]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.826782][ T9588]  ? clear_bhb_loop+0x40/0x90
[  151.826810][ T9588]  ? clear_bhb_loop+0x40/0x90
[  151.826838][ T9588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.826862][ T9588] RIP: 0033:0x7f470527d33c
[  151.826877][ T9588] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  151.826955][ T9588] RSP: 002b:00007f47038a5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  151.826977][ T9588] RAX: ffffffffffffffda RBX: 00007f47054a6160 RCX: 00007f470527d33c
[  151.826992][ T9588] RDX: 000000000000000f RSI: 00007f47038a50a0 RDI: 0000000000000006
[  151.827007][ T9588] RBP: 00007f47038a5090 R08: 0000000000000000 R09: 0000000000000000
[  151.827021][ T9588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.827034][ T9588] R13: 0000000000000000 R14: 00007f47054a6160 R15: 00007ffd15847c58
[  151.827052][ T9588]  </TASK>
[  152.146198][ T9630] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9630 comm=syz.2.2018
[  152.162171][ T9630] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=9630 comm=syz.2.2018
[  152.209310][ T9636] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2021'.
[  152.388661][ T9670] FAULT_INJECTION: forcing a failure.
[  152.388661][ T9670] name failslab, interval 1, probability 0, space 0, times 0
[  152.401428][ T9670] CPU: 0 UID: 0 PID: 9670 Comm: syz.3.2036 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  152.401547][ T9670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  152.401563][ T9670] Call Trace:
[  152.401572][ T9670]  <TASK>
[  152.401580][ T9670]  __dump_stack+0x1d/0x30
[  152.401613][ T9670]  dump_stack_lvl+0xe8/0x140
[  152.401638][ T9670]  dump_stack+0x15/0x1b
[  152.401716][ T9670]  should_fail_ex+0x265/0x280
[  152.401778][ T9670]  should_failslab+0x8c/0xb0
[  152.401812][ T9670]  kmem_cache_alloc_node_noprof+0x57/0x320
[  152.401847][ T9670]  ? __alloc_skb+0x101/0x320
[  152.401922][ T9670]  __alloc_skb+0x101/0x320
[  152.401953][ T9670]  ? audit_log_start+0x365/0x6c0
[  152.401985][ T9670]  audit_log_start+0x380/0x6c0
[  152.402020][ T9670]  audit_seccomp+0x48/0x100
[  152.402106][ T9670]  ? __seccomp_filter+0x68c/0x10d0
[  152.402195][ T9670]  __seccomp_filter+0x69d/0x10d0
[  152.402222][ T9670]  ? update_load_avg+0x1da/0x820
[  152.402249][ T9670]  ? __list_add_valid_or_report+0x38/0xe0
[  152.402339][ T9670]  ? _raw_spin_unlock+0x26/0x50
[  152.402374][ T9670]  __secure_computing+0x82/0x150
[  152.402404][ T9670]  syscall_trace_enter+0xcf/0x1e0
[  152.402435][ T9670]  do_syscall_64+0xac/0x200
[  152.402457][ T9670]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  152.402512][ T9670]  ? clear_bhb_loop+0x40/0x90
[  152.402546][ T9670]  ? clear_bhb_loop+0x40/0x90
[  152.402572][ T9670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.402650][ T9670] RIP: 0033:0x7fa55798d33c
[  152.402669][ T9670] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  152.402750][ T9670] RSP: 002b:00007fa555ff7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  152.402776][ T9670] RAX: ffffffffffffffda RBX: 00007fa557bb5fa0 RCX: 00007fa55798d33c
[  152.402791][ T9670] RDX: 000000000000000f RSI: 00007fa555ff70a0 RDI: 0000000000000003
[  152.402804][ T9670] RBP: 00007fa555ff7090 R08: 0000000000000000 R09: 0000000000000000
[  152.402817][ T9670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.402887][ T9670] R13: 0000000000000000 R14: 00007fa557bb5fa0 R15: 00007fff939a60b8
[  152.402909][ T9670]  </TASK>
[  217.270610][   T29] kauditd_printk_skb: 1413 callbacks suppressed
[  217.270642][   T29] audit: type=1400 audit(1750461752.394:7500): avc:  denied  { open } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  217.332140][   T29] audit: type=1400 audit(1750461752.404:7501): avc:  denied  { prog_load } for  pid=9693 comm="syz.1.2044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.351346][   T29] audit: type=1400 audit(1750461752.404:7502): avc:  denied  { prog_load } for  pid=9693 comm="syz.1.2044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.370471][   T29] audit: type=1400 audit(1750461752.424:7503): avc:  denied  { map_create } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.389761][   T29] audit: type=1400 audit(1750461752.424:7504): avc:  denied  { prog_load } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.408945][   T29] audit: type=1400 audit(1750461752.424:7505): avc:  denied  { prog_load } for  pid=9701 comm="syz.1.2048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.428220][   T29] audit: type=1400 audit(1750461752.424:7506): avc:  denied  { map_create } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.447412][   T29] audit: type=1400 audit(1750461752.424:7507): avc:  denied  { prog_load } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.466570][   T29] audit: type=1400 audit(1750461752.424:7508): avc:  denied  { map_create } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.485803][   T29] audit: type=1400 audit(1750461752.424:7509): avc:  denied  { prog_load } for  pid=9694 comm="syz.3.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  217.795763][ T9745] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  217.802349][ T9745] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  217.809948][ T9745] vhci_hcd vhci_hcd.0: Device attached
[  217.816915][ T9746] vhci_hcd: connection closed
[  217.818499][ T3860] vhci_hcd: stop threads
[  217.827896][ T3860] vhci_hcd: release socket
[  217.832531][ T3860] vhci_hcd: disconnect device
[  217.840147][ T9750] netlink: 'syz.3.2066': attribute type 27 has an invalid length.
[  218.211729][ T9799] __nla_validate_parse: 1 callbacks suppressed
[  218.211746][ T9799] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2087'.
[  218.231861][ T9797] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2086'.
[  218.243852][ T9801] netlink: 'syz.3.2088': attribute type 27 has an invalid length.
[  218.271387][ T9805] netlink: 'syz.3.2090': attribute type 27 has an invalid length.
[  218.527882][ T9846] wireguard0: entered promiscuous mode
[  218.533502][ T9846] wireguard0: entered allmulticast mode
[  218.997128][ T9883] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2119'.
[  219.029787][ T9888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2122'.
[  219.185274][ T9904] FAULT_INJECTION: forcing a failure.
[  219.185274][ T9904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.198443][ T9904] CPU: 0 UID: 0 PID: 9904 Comm: +}[@ Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  219.198533][ T9904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.198545][ T9904] Call Trace:
[  219.198551][ T9904]  <TASK>
[  219.198559][ T9904]  __dump_stack+0x1d/0x30
[  219.198585][ T9904]  dump_stack_lvl+0xe8/0x140
[  219.198601][ T9904]  dump_stack+0x15/0x1b
[  219.198615][ T9904]  should_fail_ex+0x265/0x280
[  219.198662][ T9904]  should_fail+0xb/0x20
[  219.198697][ T9904]  should_fail_usercopy+0x1a/0x20
[  219.198854][ T9904]  _copy_to_user+0x20/0xa0
[  219.198873][ T9904]  simple_read_from_buffer+0xb5/0x130
[  219.198906][ T9904]  proc_fail_nth_read+0x100/0x140
[  219.198923][ T9904]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  219.199051][ T9904]  vfs_read+0x1a0/0x6f0
[  219.199078][ T9904]  ? __rcu_read_unlock+0x4f/0x70
[  219.199096][ T9904]  ? __fget_files+0x184/0x1c0
[  219.199177][ T9904]  ksys_read+0xda/0x1a0
[  219.199206][ T9904]  __x64_sys_read+0x40/0x50
[  219.199294][ T9904]  x64_sys_call+0x2d77/0x2fb0
[  219.199313][ T9904]  do_syscall_64+0xd2/0x200
[  219.199329][ T9904]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.199351][ T9904]  ? clear_bhb_loop+0x40/0x90
[  219.199445][ T9904]  ? clear_bhb_loop+0x40/0x90
[  219.199466][ T9904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.199493][ T9904] RIP: 0033:0x7f470527d33c
[  219.199510][ T9904] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  219.199526][ T9904] RSP: 002b:00007f47038e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  219.199551][ T9904] RAX: ffffffffffffffda RBX: 00007f47054a5fa0 RCX: 00007f470527d33c
[  219.199614][ T9904] RDX: 000000000000000f RSI: 00007f47038e70a0 RDI: 0000000000000003
[  219.199625][ T9904] RBP: 00007f47038e7090 R08: 0000000000000000 R09: 0000000000000000
[  219.199635][ T9904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.199646][ T9904] R13: 0000000000000000 R14: 00007f47054a5fa0 R15: 00007ffd15847c58
[  219.199663][ T9904]  </TASK>
[  219.592569][ T9932] FAULT_INJECTION: forcing a failure.
[  219.592569][ T9932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.605817][ T9932] CPU: 0 UID: 0 PID: 9932 Comm: syz.0.2143 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  219.605841][ T9932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.605853][ T9932] Call Trace:
[  219.605903][ T9932]  <TASK>
[  219.605909][ T9932]  __dump_stack+0x1d/0x30
[  219.605958][ T9932]  dump_stack_lvl+0xe8/0x140
[  219.605975][ T9932]  dump_stack+0x15/0x1b
[  219.605989][ T9932]  should_fail_ex+0x265/0x280
[  219.606053][ T9932]  should_fail+0xb/0x20
[  219.606104][ T9932]  should_fail_usercopy+0x1a/0x20
[  219.606132][ T9932]  _copy_to_user+0x20/0xa0
[  219.606220][ T9932]  simple_read_from_buffer+0xb5/0x130
[  219.606249][ T9932]  proc_fail_nth_read+0x100/0x140
[  219.606267][ T9932]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  219.606297][ T9932]  vfs_read+0x1a0/0x6f0
[  219.606398][ T9932]  ? __rcu_read_unlock+0x4f/0x70
[  219.606423][ T9932]  ? __fget_files+0x184/0x1c0
[  219.606452][ T9932]  ksys_read+0xda/0x1a0
[  219.606573][ T9932]  __x64_sys_read+0x40/0x50
[  219.606600][ T9932]  x64_sys_call+0x2d77/0x2fb0
[  219.606621][ T9932]  do_syscall_64+0xd2/0x200
[  219.606637][ T9932]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.606728][ T9932]  ? clear_bhb_loop+0x40/0x90
[  219.606746][ T9932]  ? clear_bhb_loop+0x40/0x90
[  219.606766][ T9932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.606908][ T9932] RIP: 0033:0x7f5bab7dd33c
[  219.606921][ T9932] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  219.606937][ T9932] RSP: 002b:00007f5ba9e47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  219.606954][ T9932] RAX: ffffffffffffffda RBX: 00007f5baba05fa0 RCX: 00007f5bab7dd33c
[  219.606965][ T9932] RDX: 000000000000000f RSI: 00007f5ba9e470a0 RDI: 0000000000000004
[  219.606976][ T9932] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  219.607009][ T9932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.607020][ T9932] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  219.607036][ T9932]  </TASK>
[  220.179867][ T9977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2164'.
[  220.246138][ T9993] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2172'.
[  220.281373][ T9997] FAULT_INJECTION: forcing a failure.
[  220.281373][ T9997] name failslab, interval 1, probability 0, space 0, times 0
[  220.294109][ T9997] CPU: 1 UID: 0 PID: 9997 Comm: syz.0.2174 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  220.294150][ T9997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.294166][ T9997] Call Trace:
[  220.294173][ T9997]  <TASK>
[  220.294182][ T9997]  __dump_stack+0x1d/0x30
[  220.294206][ T9997]  dump_stack_lvl+0xe8/0x140
[  220.294231][ T9997]  dump_stack+0x15/0x1b
[  220.294306][ T9997]  should_fail_ex+0x265/0x280
[  220.294336][ T9997]  should_failslab+0x8c/0xb0
[  220.294442][ T9997]  kmem_cache_alloc_node_noprof+0x57/0x320
[  220.294467][ T9997]  ? __alloc_skb+0x101/0x320
[  220.294590][ T9997]  __alloc_skb+0x101/0x320
[  220.294617][ T9997]  netlink_alloc_large_skb+0xba/0xf0
[  220.294708][ T9997]  netlink_sendmsg+0x3cf/0x6b0
[  220.294727][ T9997]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.294744][ T9997]  __sock_sendmsg+0x145/0x180
[  220.294771][ T9997]  ____sys_sendmsg+0x31e/0x4e0
[  220.294804][ T9997]  ___sys_sendmsg+0x17b/0x1d0
[  220.294888][ T9997]  __x64_sys_sendmsg+0xd4/0x160
[  220.294940][ T9997]  x64_sys_call+0x2999/0x2fb0
[  220.294958][ T9997]  do_syscall_64+0xd2/0x200
[  220.294974][ T9997]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  220.295069][ T9997]  ? clear_bhb_loop+0x40/0x90
[  220.295123][ T9997]  ? clear_bhb_loop+0x40/0x90
[  220.295149][ T9997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.295176][ T9997] RIP: 0033:0x7f5bab7de929
[  220.295189][ T9997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.295205][ T9997] RSP: 002b:00007f5ba9e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.295256][ T9997] RAX: ffffffffffffffda RBX: 00007f5baba05fa0 RCX: 00007f5bab7de929
[  220.295267][ T9997] RDX: 0000000000004800 RSI: 0000200000006040 RDI: 0000000000000004
[  220.295278][ T9997] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  220.295289][ T9997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.295299][ T9997] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  220.295373][ T9997]  </TASK>
[  220.605787][T10012] lo speed is unknown, defaulting to 1000
[  220.755950][T10044] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2195'.
[  220.803719][T10055] FAULT_INJECTION: forcing a failure.
[  220.803719][T10055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.810565][T10043] cgroup: fork rejected by pids controller in 
[  220.816869][T10055] CPU: 0 UID: 0 PID: 10055 Comm: syz.4.2200 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  220.816912][T10055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.816961][T10055] Call Trace:
[  220.816970][T10055]  <TASK>
[  220.816979][T10055]  __dump_stack+0x1d/0x30
[  220.817029][T10055]  dump_stack_lvl+0xe8/0x140
[  220.817055][T10055]  dump_stack+0x15/0x1b
[  220.817152][T10055]  should_fail_ex+0x265/0x280
[  220.817276][T10055]  should_fail+0xb/0x20
[  220.817337][T10055]  should_fail_usercopy+0x1a/0x20
[  220.817391][T10055]  _copy_to_user+0x20/0xa0
[  220.817420][T10055]  simple_read_from_buffer+0xb5/0x130
[  220.817463][T10055]  proc_fail_nth_read+0x100/0x140
[  220.817536][T10055]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  220.817581][T10055]  vfs_read+0x1a0/0x6f0
[  220.817720][T10055]  ? __rcu_read_unlock+0x4f/0x70
[  220.817792][T10055]  ? __fget_files+0x184/0x1c0
[  220.817820][T10055]  ksys_read+0xda/0x1a0
[  220.817860][T10055]  __x64_sys_read+0x40/0x50
[  220.817971][T10055]  x64_sys_call+0x2d77/0x2fb0
[  220.817999][T10055]  do_syscall_64+0xd2/0x200
[  220.818024][T10055]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  220.818057][T10055]  ? clear_bhb_loop+0x40/0x90
[  220.818084][T10055]  ? clear_bhb_loop+0x40/0x90
[  220.818123][T10055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.818150][T10055] RIP: 0033:0x7f470527d33c
[  220.818169][T10055] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  220.818259][T10055] RSP: 002b:00007f47038e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  220.818285][T10055] RAX: ffffffffffffffda RBX: 00007f47054a5fa0 RCX: 00007f470527d33c
[  220.818301][T10055] RDX: 000000000000000f RSI: 00007f47038e70a0 RDI: 0000000000000003
[  220.818318][T10055] RBP: 00007f47038e7090 R08: 0000000000000000 R09: 0000000000000000
[  220.818336][T10055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.818351][T10055] R13: 0000000000000000 R14: 00007f47054a5fa0 R15: 00007ffd15847c58
[  220.818414][T10055]  </TASK>
[  220.858467][T10060] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2201'.
[  220.861302][T10043] /syz0
[  221.075885][T10277] FAULT_INJECTION: forcing a failure.
[  221.075885][T10277] name failslab, interval 1, probability 0, space 0, times 0
[  221.088599][T10277] CPU: 0 UID: 0 PID: 10277 Comm: syz.2.2206 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  221.088674][T10277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.088689][T10277] Call Trace:
[  221.088696][T10277]  <TASK>
[  221.088704][T10277]  __dump_stack+0x1d/0x30
[  221.088753][T10277]  dump_stack_lvl+0xe8/0x140
[  221.088777][T10277]  dump_stack+0x15/0x1b
[  221.088796][T10277]  should_fail_ex+0x265/0x280
[  221.088834][T10277]  should_failslab+0x8c/0xb0
[  221.088947][T10277]  kmem_cache_alloc_noprof+0x50/0x310
[  221.088974][T10277]  ? __anon_vma_prepare+0xcd/0x2f0
[  221.089009][T10277]  __anon_vma_prepare+0xcd/0x2f0
[  221.089097][T10277]  handle_mm_fault+0x1d19/0x2be0
[  221.089137][T10277]  ? __rcu_read_unlock+0x4f/0x70
[  221.089166][T10277]  do_user_addr_fault+0x3fe/0x1090
[  221.089252][T10277]  exc_page_fault+0x62/0xa0
[  221.089287][T10277]  asm_exc_page_fault+0x26/0x30
[  221.089313][T10277] RIP: 0010:rep_movs_alternative+0x33/0x90
[  221.089423][T10277] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  221.089453][T10277] RSP: 0018:ffffc9000fa7fe80 EFLAGS: 00050212
[  221.089468][T10277] RAX: 00000000000c8000 RBX: 0000000000000010 RCX: 0000000000000010
[  221.089483][T10277] RDX: 0000000000000000 RSI: ffffc9000fa7feb8 RDI: 0000200000000040
[  221.089499][T10277] RBP: ffff88811952b0c0 R08: 0000000000000a13 R09: 0000000000000000
[  221.089515][T10277] R10: 0001c9000fa7feb8 R11: 0001c9000fa7fec7 R12: 0000200000000050
[  221.089607][T10277] R13: 00007ffffffff000 R14: 0000200000000040 R15: ffffc9000fa7feb8
[  221.089625][T10277]  _copy_to_user+0x7c/0xa0
[  221.089646][T10277]  __x64_sys_getrlimit+0x104/0x150
[  221.089751][T10277]  x64_sys_call+0x1657/0x2fb0
[  221.089776][T10277]  do_syscall_64+0xd2/0x200
[  221.089798][T10277]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  221.089831][T10277]  ? clear_bhb_loop+0x40/0x90
[  221.089913][T10277]  ? clear_bhb_loop+0x40/0x90
[  221.089988][T10277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.090008][T10277] RIP: 0033:0x7f926f3ae929
[  221.090021][T10277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.090039][T10277] RSP: 002b:00007f926da17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000061
[  221.090062][T10277] RAX: ffffffffffffffda RBX: 00007f926f5d5fa0 RCX: 00007f926f3ae929
[  221.090077][T10277] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000c
[  221.090160][T10277] RBP: 00007f926da17090 R08: 0000000000000000 R09: 0000000000000000
[  221.090175][T10277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.090189][T10277] R13: 0000000000000001 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  221.090273][T10277]  </TASK>
[  221.430463][T10299] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2215'.
[  221.480780][T10308] netlink: 'syz.3.2219': attribute type 27 has an invalid length.
[  221.493779][T10310] netlink: 'syz.1.2220': attribute type 3 has an invalid length.
[  221.507493][T10310] netlink: 'syz.1.2220': attribute type 21 has an invalid length.
[  221.510900][T10312] FAULT_INJECTION: forcing a failure.
[  221.510900][T10312] name failslab, interval 1, probability 0, space 0, times 0
[  221.528083][T10312] CPU: 0 UID: 0 PID: 10312 Comm: syz.3.2221 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  221.528112][T10312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  221.528124][T10312] Call Trace:
[  221.528130][T10312]  <TASK>
[  221.528137][T10312]  __dump_stack+0x1d/0x30
[  221.528192][T10312]  dump_stack_lvl+0xe8/0x140
[  221.528216][T10312]  dump_stack+0x15/0x1b
[  221.528303][T10312]  should_fail_ex+0x265/0x280
[  221.528336][T10312]  ? tcf_block_get_ext+0x19e/0xb30
[  221.528364][T10312]  should_failslab+0x8c/0xb0
[  221.528456][T10312]  __kmalloc_cache_noprof+0x4c/0x320
[  221.528493][T10312]  tcf_block_get_ext+0x19e/0xb30
[  221.528530][T10312]  ? __pfx_hfsc_init_qdisc+0x10/0x10
[  221.528625][T10312]  tcf_block_get+0x67/0xa0
[  221.528660][T10312]  ? __pfx_tcf_chain_head_change_dflt+0x10/0x10
[  221.528700][T10312]  hfsc_init_qdisc+0xe0/0x230
[  221.528731][T10312]  ? __pfx_hfsc_init_qdisc+0x10/0x10
[  221.528764][T10312]  qdisc_create+0x591/0x9e0
[  221.528790][T10312]  tc_modify_qdisc+0xe2c/0x1380
[  221.528827][T10312]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  221.528915][T10312]  rtnetlink_rcv_msg+0x657/0x6d0
[  221.528944][T10312]  ? avc_has_perm_noaudit+0x1b1/0x200
[  221.528974][T10312]  netlink_rcv_skb+0x123/0x220
[  221.529167][T10312]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  221.529207][T10312]  rtnetlink_rcv+0x1c/0x30
[  221.529276][T10312]  netlink_unicast+0x59e/0x670
[  221.529313][T10312]  netlink_sendmsg+0x58b/0x6b0
[  221.529338][T10312]  ? __pfx_netlink_sendmsg+0x10/0x10
[  221.529435][T10312]  __sock_sendmsg+0x145/0x180
[  221.529466][T10312]  ____sys_sendmsg+0x31e/0x4e0
[  221.529502][T10312]  ___sys_sendmsg+0x17b/0x1d0
[  221.529664][T10312]  __x64_sys_sendmsg+0xd4/0x160
[  221.529707][T10312]  x64_sys_call+0x2999/0x2fb0
[  221.529735][T10312]  do_syscall_64+0xd2/0x200
[  221.529779][T10312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  221.529804][T10312]  ? clear_bhb_loop+0x40/0x90
[  221.529824][T10312]  ? clear_bhb_loop+0x40/0x90
[  221.529883][T10312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.529963][T10312] RIP: 0033:0x7fa55798e929
[  221.529982][T10312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.530005][T10312] RSP: 002b:00007fa555ff7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.530029][T10312] RAX: ffffffffffffffda RBX: 00007fa557bb5fa0 RCX: 00007fa55798e929
[  221.530070][T10312] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000004
[  221.530085][T10312] RBP: 00007fa555ff7090 R08: 0000000000000000 R09: 0000000000000000
[  221.530101][T10312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.530114][T10312] R13: 0000000000000000 R14: 00007fa557bb5fa0 R15: 00007fff939a60b8
[  221.530131][T10312]  </TASK>
[  221.852378][T10324] sch_tbf: burst 3936 is lower than device lo mtu (65550) !
[  222.271815][   T29] kauditd_printk_skb: 4337 callbacks suppressed
[  222.271831][   T29] audit: type=1400 audit(1750461757.394:11847): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  222.280590][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  222.299570][   T29] audit: type=1400 audit(1750461757.404:11848): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  222.306302][ T3034] audit: audit_lost=7 audit_rate_limit=0 audit_backlog_limit=64
[  222.327427][   T29] audit: type=1400 audit(1750461757.404:11849): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  222.327454][   T29] audit: type=1400 audit(1750461757.404:11850): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  222.335129][ T3034] audit: backlog limit exceeded
[  222.338573][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  222.356282][   T29] audit: type=1400 audit(1750461757.404:11851): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  222.377384][ T3034] audit: audit_lost=8 audit_rate_limit=0 audit_backlog_limit=64
[  222.902932][T10402] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2257'.
[  223.304707][T10432] netem: change failed
[  223.328527][T10434] netlink: 'syz.4.2270': attribute type 21 has an invalid length.
[  223.336791][T10434] netlink: 'syz.4.2270': attribute type 1 has an invalid length.
[  223.344650][T10434] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2270'.
[  223.370788][T10434] lo speed is unknown, defaulting to 1000
[  223.402636][T10434] netlink: 'syz.4.2270': attribute type 21 has an invalid length.
[  223.412064][T10434] netlink: 'syz.4.2270': attribute type 1 has an invalid length.
[  223.419837][T10434] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2270'.
[  223.640204][T10458] netlink: 'syz.4.2280': attribute type 27 has an invalid length.
[  224.023485][T10581] FAULT_INJECTION: forcing a failure.
[  224.023485][T10581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.036647][T10581] CPU: 1 UID: 0 PID: 10581 Comm: syz.0.2290 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  224.036681][T10581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.036697][T10581] Call Trace:
[  224.036705][T10581]  <TASK>
[  224.036714][T10581]  __dump_stack+0x1d/0x30
[  224.036741][T10581]  dump_stack_lvl+0xe8/0x140
[  224.036774][T10581]  dump_stack+0x15/0x1b
[  224.036849][T10581]  should_fail_ex+0x265/0x280
[  224.036910][T10581]  should_fail+0xb/0x20
[  224.036944][T10581]  should_fail_usercopy+0x1a/0x20
[  224.036990][T10581]  _copy_from_user+0x1c/0xb0
[  224.037016][T10581]  kstrtouint_from_user+0x69/0xf0
[  224.037119][T10581]  ? __sctp_setsockopt_delayed_ack+0x140/0x420
[  224.037150][T10581]  proc_fail_nth_write+0x50/0x160
[  224.037170][T10581]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  224.037240][T10581]  vfs_write+0x269/0x8e0
[  224.037337][T10581]  ? vfs_read+0x47f/0x6f0
[  224.037365][T10581]  ? __rcu_read_unlock+0x4f/0x70
[  224.037447][T10581]  ? __fget_files+0x184/0x1c0
[  224.037527][T10581]  ksys_write+0xda/0x1a0
[  224.037549][T10581]  __x64_sys_write+0x40/0x50
[  224.037567][T10581]  x64_sys_call+0x2cdd/0x2fb0
[  224.037587][T10581]  do_syscall_64+0xd2/0x200
[  224.037609][T10581]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  224.037677][T10581]  ? clear_bhb_loop+0x40/0x90
[  224.037701][T10581]  ? clear_bhb_loop+0x40/0x90
[  224.037748][T10581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.037777][T10581] RIP: 0033:0x7f5bab7dd3df
[  224.037795][T10581] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  224.037818][T10581] RSP: 002b:00007f5ba9e47030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  224.037919][T10581] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5bab7dd3df
[  224.037991][T10581] RDX: 0000000000000001 RSI: 00007f5ba9e470a0 RDI: 0000000000000006
[  224.038002][T10581] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  224.038013][T10581] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  224.038028][T10581] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  224.038051][T10581]  </TASK>
[  224.301918][T10589] wireguard0: entered promiscuous mode
[  224.307443][T10589] wireguard0: entered allmulticast mode
[  224.323699][T10590] xt_policy: too many policy elements
[  224.428978][T10600] netlink: 'syz.1.2293': attribute type 4 has an invalid length.
[  224.451236][   T10] lo speed is unknown, defaulting to 1000
[  224.457101][   T10] syz0: Port: 1 Link DOWN
[  224.463636][T10600] netlink: 'syz.1.2293': attribute type 4 has an invalid length.
[  224.482369][   T10] lo speed is unknown, defaulting to 1000
[  224.488216][   T10] syz0: Port: 1 Link ACTIVE
[  224.598049][T10625] FAULT_INJECTION: forcing a failure.
[  224.598049][T10625] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  224.611519][T10625] CPU: 1 UID: 0 PID: 10625 Comm: syz.2.2310 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  224.611547][T10625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  224.611559][T10625] Call Trace:
[  224.611564][T10625]  <TASK>
[  224.611593][T10625]  __dump_stack+0x1d/0x30
[  224.611620][T10625]  dump_stack_lvl+0xe8/0x140
[  224.611639][T10625]  dump_stack+0x15/0x1b
[  224.611655][T10625]  should_fail_ex+0x265/0x280
[  224.611770][T10625]  should_fail_alloc_page+0xf2/0x100
[  224.611801][T10625]  __alloc_frozen_pages_noprof+0xff/0x360
[  224.611860][T10625]  alloc_pages_mpol+0xb3/0x250
[  224.611894][T10625]  vma_alloc_folio_noprof+0x1aa/0x300
[  224.611943][T10625]  handle_mm_fault+0xec2/0x2be0
[  224.611967][T10625]  ? __rcu_read_unlock+0x4f/0x70
[  224.612025][T10625]  do_user_addr_fault+0x3fe/0x1090
[  224.612066][T10625]  ? path_openat+0x1bf8/0x2170
[  224.612099][T10625]  exc_page_fault+0x62/0xa0
[  224.612127][T10625]  asm_exc_page_fault+0x26/0x30
[  224.612164][T10625] RIP: 0010:rep_movs_alternative+0x33/0x90
[  224.612198][T10625] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  224.612234][T10625] RSP: 0018:ffffc9001313fd28 EFLAGS: 00050216
[  224.612253][T10625] RAX: 0000000000000000 RBX: 0000000000000020 RCX: 0000000000000020
[  224.612269][T10625] RDX: 0000000000000000 RSI: ffff888130087020 RDI: 0000200000001340
[  224.612359][T10625] RBP: ffff888130087020 R08: 0000000000000088 R09: 0000000000000000
[  224.612375][T10625] R10: 0001888130087020 R11: 000188813008703f R12: 0000200000001360
[  224.612392][T10625] R13: 00007ffffffff000 R14: 0000200000001340 R15: ffff888130087020
[  224.612484][T10625]  _copy_to_user+0x7c/0xa0
[  224.612511][T10625]  aio_read_events+0x213/0x400
[  224.612545][T10625]  do_io_getevents+0x11b/0x400
[  224.612580][T10625]  ? __fget_files+0x184/0x1c0
[  224.612610][T10625]  __x64_sys_io_getevents+0xca/0x190
[  224.612730][T10625]  x64_sys_call+0x29fc/0x2fb0
[  224.612819][T10625]  do_syscall_64+0xd2/0x200
[  224.612836][T10625]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  224.612861][T10625]  ? clear_bhb_loop+0x40/0x90
[  224.612886][T10625]  ? clear_bhb_loop+0x40/0x90
[  224.612922][T10625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.612946][T10625] RIP: 0033:0x7f926f3ae929
[  224.612960][T10625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.613059][T10625] RSP: 002b:00007f926da17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0
[  224.613081][T10625] RAX: ffffffffffffffda RBX: 00007f926f5d5fa0 RCX: 00007f926f3ae929
[  224.613158][T10625] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 00007f9270110000
[  224.613174][T10625] RBP: 00007f926da17090 R08: 0000000000000000 R09: 0000000000000000
[  224.613189][T10625] R10: 0000200000001340 R11: 0000000000000246 R12: 0000000000000001
[  224.613283][T10625] R13: 0000000000000000 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  224.613300][T10625]  </TASK>
[  225.122988][T10630] cgroup: fork rejected by pids controller in /syz2
[  225.265829][T10749] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2319'.
[  225.353443][T10757] netlink: 'syz.4.2323': attribute type 27 has an invalid length.
[  225.363771][T10760] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10760 comm=syz.2.2322
[  225.437520][T10764] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  225.706752][T10799] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2343'.
[  225.727787][T10799] FAULT_INJECTION: forcing a failure.
[  225.727787][T10799] name failslab, interval 1, probability 0, space 0, times 0
[  225.740679][T10799] CPU: 1 UID: 0 PID: 10799 Comm: syz.4.2343 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  225.740706][T10799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  225.740718][T10799] Call Trace:
[  225.740723][T10799]  <TASK>
[  225.740730][T10799]  __dump_stack+0x1d/0x30
[  225.740754][T10799]  dump_stack_lvl+0xe8/0x140
[  225.740846][T10799]  dump_stack+0x15/0x1b
[  225.740867][T10799]  should_fail_ex+0x265/0x280
[  225.740908][T10799]  should_failslab+0x8c/0xb0
[  225.741031][T10799]  __kvmalloc_node_noprof+0x123/0x4e0
[  225.741067][T10799]  ? alloc_netdev_mqs+0x5ac/0xab0
[  225.741109][T10799]  ? netif_set_tso_max_size+0xc5/0xe0
[  225.741189][T10799]  alloc_netdev_mqs+0x5ac/0xab0
[  225.741235][T10799]  rtnl_create_link+0x239/0x710
[  225.741279][T10799]  veth_newlink+0x1f2/0x770
[  225.741388][T10799]  ? __pfx_veth_newlink+0x10/0x10
[  225.741415][T10799]  rtnl_newlink_create+0x1b9/0x620
[  225.741450][T10799]  ? __schedule+0x6a8/0xb30
[  225.741491][T10799]  rtnl_newlink+0xf29/0x12d0
[  225.741548][T10799]  ? __pfx_rtnl_newlink+0x10/0x10
[  225.741574][T10799]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  225.741598][T10799]  ? avc_has_perm_noaudit+0x1b1/0x200
[  225.741637][T10799]  netlink_rcv_skb+0x123/0x220
[  225.741782][T10799]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  225.741887][T10799]  rtnetlink_rcv+0x1c/0x30
[  225.741907][T10799]  netlink_unicast+0x59e/0x670
[  225.741980][T10799]  netlink_sendmsg+0x58b/0x6b0
[  225.742008][T10799]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.742034][T10799]  __sock_sendmsg+0x145/0x180
[  225.742063][T10799]  ____sys_sendmsg+0x31e/0x4e0
[  225.742170][T10799]  ___sys_sendmsg+0x17b/0x1d0
[  225.742227][T10799]  __x64_sys_sendmsg+0xd4/0x160
[  225.742267][T10799]  x64_sys_call+0x2999/0x2fb0
[  225.742340][T10799]  do_syscall_64+0xd2/0x200
[  225.742361][T10799]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  225.742386][T10799]  ? clear_bhb_loop+0x40/0x90
[  225.742452][T10799]  ? clear_bhb_loop+0x40/0x90
[  225.742481][T10799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.742565][T10799] RIP: 0033:0x7f470527e929
[  225.742585][T10799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.742605][T10799] RSP: 002b:00007f47038e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.742624][T10799] RAX: ffffffffffffffda RBX: 00007f47054a5fa0 RCX: 00007f470527e929
[  225.742668][T10799] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  225.742739][T10799] RBP: 00007f47038e7090 R08: 0000000000000000 R09: 0000000000000000
[  225.742756][T10799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  225.742770][T10799] R13: 0000000000000000 R14: 00007f47054a5fa0 R15: 00007ffd15847c58
[  225.742798][T10799]  </TASK>
[  226.014022][T10797] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2342'.
[  226.055981][T10907] FAULT_INJECTION: forcing a failure.
[  226.055981][T10907] name failslab, interval 1, probability 0, space 0, times 0
[  226.068703][T10907] CPU: 1 UID: 0 PID: 10907 Comm: syz.1.2346 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  226.068740][T10907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.068764][T10907] Call Trace:
[  226.068772][T10907]  <TASK>
[  226.068779][T10907]  __dump_stack+0x1d/0x30
[  226.068826][T10907]  dump_stack_lvl+0xe8/0x140
[  226.068851][T10907]  dump_stack+0x15/0x1b
[  226.068871][T10907]  should_fail_ex+0x265/0x280
[  226.068937][T10907]  should_failslab+0x8c/0xb0
[  226.069046][T10907]  kmem_cache_alloc_node_noprof+0x57/0x320
[  226.069080][T10907]  ? __alloc_skb+0x101/0x320
[  226.069120][T10907]  __alloc_skb+0x101/0x320
[  226.069158][T10907]  netlink_alloc_large_skb+0xba/0xf0
[  226.069222][T10907]  netlink_sendmsg+0x3cf/0x6b0
[  226.069247][T10907]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.069272][T10907]  __sock_sendmsg+0x145/0x180
[  226.069304][T10907]  ____sys_sendmsg+0x31e/0x4e0
[  226.069486][T10907]  ___sys_sendmsg+0x17b/0x1d0
[  226.069529][T10907]  __x64_sys_sendmsg+0xd4/0x160
[  226.069570][T10907]  x64_sys_call+0x2999/0x2fb0
[  226.069641][T10907]  do_syscall_64+0xd2/0x200
[  226.069663][T10907]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  226.069716][T10907]  ? clear_bhb_loop+0x40/0x90
[  226.069739][T10907]  ? clear_bhb_loop+0x40/0x90
[  226.069799][T10907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.069874][T10907] RIP: 0033:0x7f45363ce929
[  226.069893][T10907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.069954][T10907] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.069978][T10907] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  226.069994][T10907] RDX: 0000000000004800 RSI: 0000200000006040 RDI: 0000000000000004
[  226.070009][T10907] RBP: 00007f4534a37090 R08: 0000000000000000 R09: 0000000000000000
[  226.070024][T10907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.070065][T10907] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  226.070088][T10907]  </TASK>
[  226.411315][T11027] netlink: 'syz.2.2354': attribute type 27 has an invalid length.
[  226.494154][T11036] FAULT_INJECTION: forcing a failure.
[  226.494154][T11036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.507624][T11036] CPU: 1 UID: 0 PID: 11036 Comm: syz.2.2358 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  226.507652][T11036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.507664][T11036] Call Trace:
[  226.507669][T11036]  <TASK>
[  226.507676][T11036]  __dump_stack+0x1d/0x30
[  226.507761][T11036]  dump_stack_lvl+0xe8/0x140
[  226.507779][T11036]  dump_stack+0x15/0x1b
[  226.507795][T11036]  should_fail_ex+0x265/0x280
[  226.507831][T11036]  should_fail+0xb/0x20
[  226.507885][T11036]  should_fail_usercopy+0x1a/0x20
[  226.507922][T11036]  _copy_to_user+0x20/0xa0
[  226.507948][T11036]  simple_read_from_buffer+0xb5/0x130
[  226.508030][T11036]  proc_fail_nth_read+0x100/0x140
[  226.508054][T11036]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  226.508094][T11036]  vfs_read+0x1a0/0x6f0
[  226.508165][T11036]  ? __rcu_read_unlock+0x4f/0x70
[  226.508261][T11036]  ? __fget_files+0x184/0x1c0
[  226.508281][T11036]  ksys_read+0xda/0x1a0
[  226.508310][T11036]  __x64_sys_read+0x40/0x50
[  226.508397][T11036]  x64_sys_call+0x2d77/0x2fb0
[  226.508474][T11036]  do_syscall_64+0xd2/0x200
[  226.508496][T11036]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  226.508524][T11036]  ? clear_bhb_loop+0x40/0x90
[  226.508544][T11036]  ? clear_bhb_loop+0x40/0x90
[  226.508642][T11036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.508668][T11036] RIP: 0033:0x7f926f3ad33c
[  226.508686][T11036] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  226.508709][T11036] RSP: 002b:00007f926da17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  226.508729][T11036] RAX: ffffffffffffffda RBX: 00007f926f5d5fa0 RCX: 00007f926f3ad33c
[  226.508741][T11036] RDX: 000000000000000f RSI: 00007f926da170a0 RDI: 0000000000000003
[  226.508825][T11036] RBP: 00007f926da17090 R08: 0000000000000000 R09: 0000000000000000
[  226.508839][T11036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.508853][T11036] R13: 0000000000000000 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  226.508928][T11036]  </TASK>
[  226.753872][T11042] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  226.762537][T11042] team0: Device macvtap1 is already an upper device of the team interface
[  226.779795][T11041] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  226.807114][T11041] team0: Device macvtap1 is already an upper device of the team interface
[  227.187109][T11282] FAULT_INJECTION: forcing a failure.
[  227.187109][T11282] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  227.200413][T11282] CPU: 0 UID: 0 PID: 11282 Comm: syz.2.2378 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  227.200454][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  227.200469][T11282] Call Trace:
[  227.200476][T11282]  <TASK>
[  227.200485][T11282]  __dump_stack+0x1d/0x30
[  227.200513][T11282]  dump_stack_lvl+0xe8/0x140
[  227.200537][T11282]  dump_stack+0x15/0x1b
[  227.200617][T11282]  should_fail_ex+0x265/0x280
[  227.200670][T11282]  should_fail_alloc_page+0xf2/0x100
[  227.200705][T11282]  __alloc_frozen_pages_noprof+0xff/0x360
[  227.200770][T11282]  alloc_pages_mpol+0xb3/0x250
[  227.200808][T11282]  vma_alloc_folio_noprof+0x1aa/0x300
[  227.200840][T11282]  do_wp_page+0x673/0x2400
[  227.200865][T11282]  ? __rcu_read_lock+0x37/0x50
[  227.200974][T11282]  handle_mm_fault+0x77d/0x2be0
[  227.201005][T11282]  ? mas_walk+0xf2/0x120
[  227.201100][T11282]  do_user_addr_fault+0x636/0x1090
[  227.201144][T11282]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  227.201221][T11282]  exc_page_fault+0x62/0xa0
[  227.201320][T11282]  asm_exc_page_fault+0x26/0x30
[  227.201345][T11282] RIP: 0033:0x7f926f270ca3
[  227.201365][T11282] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  227.201388][T11282] RSP: 002b:00007f926da164a0 EFLAGS: 00010202
[  227.201462][T11282] RAX: 0000000000000400 RBX: 00007f926da16540 RCX: 00007f92655f7000
[  227.201479][T11282] RDX: 00007f926da166e0 RSI: 0000000000000001 RDI: 00007f926da165e0
[  227.201495][T11282] RBP: 00000000000000f9 R08: 0000000000000009 R09: 000000000000019b
[  227.201509][T11282] R10: 00000000000001bc R11: 00007f926da16540 R12: 0000000000000001
[  227.201521][T11282] R13: 00007f926f44c120 R14: 0000000000000020 R15: 00007f926da165e0
[  227.201538][T11282]  </TASK>
[  227.201579][T11282] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  227.281902][   T29] kauditd_printk_skb: 37831 callbacks suppressed
[  227.281921][   T29] audit: type=1400 audit(1750461762.414:35744): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  227.390979][T11293] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1296 sclass=netlink_route_socket pid=11293 comm=syz.2.2383
[  227.403635][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  227.419087][T11294] audit: audit_backlog=65 > audit_backlog_limit=64
[  227.431726][ T3034] audit: audit_lost=4655 audit_rate_limit=0 audit_backlog_limit=64
[  227.438270][T11294] audit: audit_lost=4656 audit_rate_limit=0 audit_backlog_limit=64
[  227.444784][ T3034] audit: backlog limit exceeded
[  227.445185][   T29] audit: type=1400 audit(1750461762.424:35745): avc:  denied  { map_create } for  pid=11284 comm="syz.0.2381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  227.452734][T11294] audit: backlog limit exceeded
[  227.464028][T11296] audit: audit_backlog=65 > audit_backlog_limit=64
[  227.465630][   T29] audit: type=1400 audit(1750461762.444:35746): avc:  denied  { prog_load } for  pid=11284 comm="syz.0.2381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  227.547697][T11299] netlink: 176 bytes leftover after parsing attributes in process `syz.3.2386'.
[  227.570036][T11305] FAULT_INJECTION: forcing a failure.
[  227.570036][T11305] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  227.583353][T11305] CPU: 0 UID: 0 PID: 11305 Comm: syz.1.2388 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  227.583395][T11305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  227.583485][T11305] Call Trace:
[  227.583493][T11305]  <TASK>
[  227.583502][T11305]  __dump_stack+0x1d/0x30
[  227.583529][T11305]  dump_stack_lvl+0xe8/0x140
[  227.583548][T11305]  dump_stack+0x15/0x1b
[  227.583564][T11305]  should_fail_ex+0x265/0x280
[  227.583675][T11305]  should_fail_alloc_page+0xf2/0x100
[  227.583708][T11305]  __alloc_frozen_pages_noprof+0xff/0x360
[  227.583766][T11305]  alloc_pages_mpol+0xb3/0x250
[  227.583842][T11305]  alloc_migration_target_by_mpol+0x11b/0x280
[  227.583871][T11305]  migrate_pages_batch+0x2e4/0x17d0
[  227.583905][T11305]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  227.583927][T11305]  ? mas_ascend+0x1e9/0x560
[  227.583945][T11305]  ? sysvec_apic_timer_interrupt+0x44/0x80
[  227.584206][T11305]  migrate_pages+0xf5f/0x1770
[  227.584240][T11305]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[  227.584318][T11305]  __se_sys_mbind+0x975/0xac0
[  227.584370][T11305]  __x64_sys_mbind+0x78/0x90
[  227.584403][T11305]  x64_sys_call+0x14af/0x2fb0
[  227.584430][T11305]  do_syscall_64+0xd2/0x200
[  227.584474][T11305]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  227.584502][T11305]  ? clear_bhb_loop+0x40/0x90
[  227.584521][T11305]  ? clear_bhb_loop+0x40/0x90
[  227.584545][T11305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.584564][T11305] RIP: 0033:0x7f45363ce929
[  227.584581][T11305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.584610][T11305] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  227.584685][T11305] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  227.584701][T11305] RDX: 0000000000000000 RSI: 0100000000004000 RDI: 00002000005b4000
[  227.584807][T11305] RBP: 00007f4534a37090 R08: 0000000000000000 R09: 0000000000000002
[  227.584823][T11305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.584839][T11305] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  227.584861][T11305]  </TASK>
[  227.866915][T11315] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  227.884746][T11315] netlink: 'syz.2.2394': attribute type 21 has an invalid length.
[  227.892671][T11315] IPv6: NLM_F_CREATE should be specified when creating new route
[  228.076143][T11438] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2403'.
[  228.228354][T11456] Cannot find add_set index 3 as target
[  228.356946][T11471] netlink: 176 bytes leftover after parsing attributes in process `syz.3.2417'.
[  228.622121][T11497] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2429'.
[  228.715187][T11506] FAULT_INJECTION: forcing a failure.
[  228.715187][T11506] name failslab, interval 1, probability 0, space 0, times 0
[  228.728019][T11506] CPU: 0 UID: 0 PID: 11506 Comm: syz.2.2432 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  228.728052][T11506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  228.728069][T11506] Call Trace:
[  228.728078][T11506]  <TASK>
[  228.728088][T11506]  __dump_stack+0x1d/0x30
[  228.728153][T11506]  dump_stack_lvl+0xe8/0x140
[  228.728218][T11506]  dump_stack+0x15/0x1b
[  228.728239][T11506]  should_fail_ex+0x265/0x280
[  228.728277][T11506]  should_failslab+0x8c/0xb0
[  228.728322][T11506]  kmem_cache_alloc_node_noprof+0x57/0x320
[  228.728360][T11506]  ? __alloc_skb+0x101/0x320
[  228.728397][T11506]  __alloc_skb+0x101/0x320
[  228.728438][T11506]  ? audit_log_start+0x365/0x6c0
[  228.728476][T11506]  audit_log_start+0x380/0x6c0
[  228.728509][T11506]  audit_seccomp+0x48/0x100
[  228.728544][T11506]  ? __seccomp_filter+0x68c/0x10d0
[  228.728625][T11506]  __seccomp_filter+0x69d/0x10d0
[  228.728648][T11506]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  228.728667][T11506]  ? vfs_write+0x75e/0x8e0
[  228.728705][T11506]  ? __rcu_read_unlock+0x4f/0x70
[  228.728796][T11506]  ? __fget_files+0x184/0x1c0
[  228.728824][T11506]  __secure_computing+0x82/0x150
[  228.728887][T11506]  syscall_trace_enter+0xcf/0x1e0
[  228.728913][T11506]  do_syscall_64+0xac/0x200
[  228.728937][T11506]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  228.728963][T11506]  ? clear_bhb_loop+0x40/0x90
[  228.728983][T11506]  ? clear_bhb_loop+0x40/0x90
[  228.729083][T11506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.729110][T11506] RIP: 0033:0x7f926f3ae929
[  228.729129][T11506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.729152][T11506] RSP: 002b:00007f926da17038 EFLAGS: 00000246 ORIG_RAX: 000000000000008f
[  228.729215][T11506] RAX: ffffffffffffffda RBX: 00007f926f5d5fa0 RCX: 00007f926f3ae929
[  228.729230][T11506] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 00000000000005ea
[  228.729242][T11506] RBP: 00007f926da17090 R08: 0000000000000000 R09: 0000000000000000
[  228.729254][T11506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.729318][T11506] R13: 0000000000000000 R14: 00007f926f5d5fa0 R15: 00007fff4d825208
[  228.729346][T11506]  </TASK>
[  229.201107][T11534] IPv6: Can't replace route, no match found
[  229.259042][T11538] FAULT_INJECTION: forcing a failure.
[  229.259042][T11538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.272400][T11538] CPU: 1 UID: 0 PID: 11538 Comm: syz.1.2448 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  229.272463][T11540] FAULT_INJECTION: forcing a failure.
[  229.272463][T11540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.272555][T11538] ==================================================================
[  229.272590][T11538] BUG: KCSAN: data-race in data_alloc / data_push_tail
[  229.272636][T11538] 
[  229.272641][T11538] write to 0xffffffff88e5e5f8 of 8 bytes by task 11540 on cpu 0:
[  229.272655][T11538]  data_alloc+0x203/0x2b0
[  229.272683][T11538]  prb_reserve+0x808/0xaf0
[  229.272712][T11538]  vprintk_store+0x56d/0x860
[  229.272727][T11538]  vprintk_emit+0x178/0x650
[  229.272743][T11538]  vprintk_default+0x26/0x30
[  229.272777][T11538]  vprintk+0x1d/0x30
[  229.272800][T11538]  _printk+0x79/0xa0
[  229.272826][T11538]  should_fail_ex+0x24d/0x280
[  229.272855][T11538]  should_fail+0xb/0x20
[  229.272882][T11538]  should_fail_usercopy+0x1a/0x20
[  229.272913][T11538]  _copy_from_user+0x1c/0xb0
[  229.272932][T11538]  restore_altstack+0x4b/0x2d0
[  229.272955][T11538]  __ia32_sys_rt_sigreturn+0xdc/0x350
[  229.272973][T11538]  x64_sys_call+0x2e8a/0x2fb0
[  229.272994][T11538]  do_syscall_64+0xd2/0x200
[  229.273010][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.273030][T11538] 
[  229.273034][T11538] read to 0xffffffff88e5e5f8 of 8 bytes by task 11538 on cpu 1:
[  229.273048][T11538]  data_push_tail+0xfd/0x420
[  229.273079][T11538]  data_alloc+0xbf/0x2b0
[  229.273106][T11538]  prb_reserve+0x808/0xaf0
[  229.273134][T11538]  vprintk_store+0x56d/0x860
[  229.273150][T11538]  vprintk_emit+0x178/0x650
[  229.273166][T11538]  vprintk_default+0x26/0x30
[  229.273183][T11538]  vprintk+0x1d/0x30
[  229.273205][T11538]  _printk+0x79/0xa0
[  229.273231][T11538]  dump_stack_print_info+0xee/0x1b0
[  229.273248][T11538]  __dump_stack+0x11/0x30
[  229.273262][T11538]  dump_stack_lvl+0xe8/0x140
[  229.273278][T11538]  dump_stack+0x15/0x1b
[  229.273292][T11538]  should_fail_ex+0x265/0x280
[  229.273320][T11538]  should_fail+0xb/0x20
[  229.273346][T11538]  should_fail_usercopy+0x1a/0x20
[  229.273377][T11538]  strncpy_from_user+0x25/0x230
[  229.273400][T11538]  getname_flags+0xae/0x3b0
[  229.273420][T11538]  do_sys_openat2+0x60/0x110
[  229.273445][T11538]  __x64_sys_openat+0xf2/0x120
[  229.273469][T11538]  x64_sys_call+0x1af/0x2fb0
[  229.273488][T11538]  do_syscall_64+0xd2/0x200
[  229.273504][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.273524][T11538] 
[  229.273527][T11538] value changed: 0x00000000ffffeafc -> 0x00000000fffff82c
[  229.273537][T11538] 
[  229.273540][T11538] Reported by Kernel Concurrency Sanitizer on:
[  229.273551][T11538] CPU: 1 UID: 0 PID: 11538 Comm: syz.1.2448 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  229.273578][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.273592][T11538] ==================================================================
[  229.273699][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.273711][T11538] Call Trace:
[  229.273717][T11538]  <TASK>
[  229.273731][T11538]  __dump_stack+0x1d/0x30
[  229.273749][T11538]  dump_stack_lvl+0xe8/0x140
[  229.273774][T11538]  dump_stack+0x15/0x1b
[  229.273790][T11538]  should_fail_ex+0x265/0x280
[  229.273821][T11538]  should_fail+0xb/0x20
[  229.273919][T11538]  should_fail_usercopy+0x1a/0x20
[  229.273951][T11538]  strncpy_from_user+0x25/0x230
[  229.273976][T11538]  ? kmem_cache_alloc_noprof+0x186/0x310
[  229.274002][T11538]  ? getname_flags+0x80/0x3b0
[  229.274094][T11538]  getname_flags+0xae/0x3b0
[  229.274150][T11538]  do_sys_openat2+0x60/0x110
[  229.274242][T11538]  __x64_sys_openat+0xf2/0x120
[  229.274271][T11538]  x64_sys_call+0x1af/0x2fb0
[  229.274291][T11538]  do_syscall_64+0xd2/0x200
[  229.274308][T11538]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  229.274388][T11538]  ? clear_bhb_loop+0x40/0x90
[  229.274409][T11538]  ? clear_bhb_loop+0x40/0x90
[  229.274431][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.274451][T11538] RIP: 0033:0x7f45363ce929
[  229.274527][T11538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.274555][T11538] RSP: 002b:00007f4534a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  229.274645][T11538] RAX: ffffffffffffffda RBX: 00007f45365f5fa0 RCX: 00007f45363ce929
[  229.274658][T11538] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  229.274670][T11538] RBP: 00007f4534a37090 R08: 0000000000000000 R09: 0000000000000000
[  229.274682][T11538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.274693][T11538] R13: 0000000000000000 R14: 00007f45365f5fa0 R15: 00007ffed3e61f88
[  229.274772][T11538]  </TASK>
[  229.274783][T11540] CPU: 0 UID: 0 PID: 11540 Comm: syz.0.2447 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(voluntary) 
[  229.274811][T11540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.274822][T11540] Call Trace:
[  229.274827][T11540]  <TASK>
[  229.274832][T11540]  __dump_stack+0x1d/0x30
[  229.274919][T11540]  dump_stack_lvl+0xe8/0x140
[  229.274943][T11540]  dump_stack+0x15/0x1b
[  229.275003][T11540]  should_fail_ex+0x265/0x280
[  229.275042][T11540]  should_fail+0xb/0x20
[  229.275095][T11540]  should_fail_usercopy+0x1a/0x20
[  229.275172][T11540]  _copy_from_user+0x1c/0xb0
[  229.275197][T11540]  restore_altstack+0x4b/0x2d0
[  229.275228][T11540]  ? __set_task_blocked+0x23a/0x2a0
[  229.275264][T11540]  __ia32_sys_rt_sigreturn+0xdc/0x350
[  229.275286][T11540]  ? _raw_spin_unlock_irq+0x26/0x50
[  229.275313][T11540]  ? signal_setup_done+0x266/0x290
[  229.275431][T11540]  ? xfd_validate_state+0x45/0xf0
[  229.275464][T11540]  ? fpu__clear_user_states+0x63/0x1e0
[  229.275490][T11540]  ? fpregs_mark_activate+0x66/0x140
[  229.275573][T11540]  ? fpu__clear_user_states+0x63/0x1e0
[  229.275683][T11540]  ? arch_do_signal_or_restart+0x2f3/0x480
[  229.275711][T11540]  ? __rcu_read_unlock+0x4f/0x70
[  229.275736][T11540]  x64_sys_call+0x2e8a/0x2fb0
[  229.275763][T11540]  do_syscall_64+0xd2/0x200
[  229.275787][T11540]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  229.275827][T11540]  ? clear_bhb_loop+0x40/0x90
[  229.275852][T11540]  ? clear_bhb_loop+0x40/0x90
[  229.275880][T11540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.275905][T11540] RIP: 0033:0x7f5bab77ab19
[  229.275921][T11540] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  229.275955][T11540] RSP: 002b:00007f5ba9e46a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  229.275972][T11540] RAX: ffffffffffffffda RBX: 00007f5baba05fa0 RCX: 00007f5bab77ab19
[  229.275984][T11540] RDX: 00007f5ba9e46a80 RSI: 00007f5ba9e46bb0 RDI: 0000000000000021
[  229.275999][T11540] RBP: 00007f5ba9e47090 R08: 0000000000000000 R09: 0000000000000000
[  229.276010][T11540] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  229.276024][T11540] R13: 0000000000000000 R14: 00007f5baba05fa0 R15: 00007ffe90d55508
[  229.276046][T11540]  </TASK>
[  232.291861][   T29] kauditd_printk_skb: 33677 callbacks suppressed
[  232.291881][   T29] audit: type=1400 audit(1750461767.414:66933): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  232.299712][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  232.319875][   T29] audit: type=1400 audit(1750461767.424:66934): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  232.326151][ T3034] audit: audit_lost=5488 audit_rate_limit=0 audit_backlog_limit=64
[  232.347274][   T29] audit: type=1400 audit(1750461767.424:66935): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  232.355189][ T3034] audit: backlog limit exceeded
[  232.355795][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  232.376312][   T29] audit: type=1400 audit(1750461767.424:66936): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  232.381161][ T3034] audit: audit_lost=5489 audit_rate_limit=0 audit_backlog_limit=64
[  232.387740][   T29] audit: type=1400 audit(1750461767.424:66937): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  237.302032][   T29] kauditd_printk_skb: 49536 callbacks suppressed
[  237.302049][   T29] audit: type=1400 audit(1750461772.424:115339): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  237.310038][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  237.330018][   T29] audit: type=1400 audit(1750461772.434:115340): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  237.336575][ T3034] audit: audit_lost=5868 audit_rate_limit=0 audit_backlog_limit=64
[  237.358428][   T29] audit: type=1400 audit(1750461772.434:115341): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  237.366434][ T3034] audit: backlog limit exceeded
[  237.367223][ T3034] audit: audit_backlog=65 > audit_backlog_limit=64
[  237.387696][   T29] audit: type=1400 audit(1750461772.434:115342): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  237.392643][ T3034] audit: audit_lost=5869 audit_rate_limit=0 audit_backlog_limit=64
[  237.399196][   T29] audit: type=1400 audit(1750461772.434:115343): avc:  denied  { read } for  pid=3034 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0