last executing test programs:

3.161009141s ago: executing program 1 (id=486):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000000020"], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
close_range(r2, r0, 0x2)
dup3(r0, r1, 0x80000)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x50, &(0x7f0000000600)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e79"}}}}}}}, 0x0)

2.242338785s ago: executing program 1 (id=492):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r1, &(0x7f0000000080)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000280)=[{0x2, 0x2, {0x2, 0x0, 0x2}, {0x1, 0xff, 0x1}, 0x0, 0x101}, {0x0, 0x6, {0x0, 0xf0}, {0x0, 0x1, 0x2}, 0x0, 0x2}], 0x40)
close(r1)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, 0x0, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)

2.127763497s ago: executing program 1 (id=496):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, &(0x7f0000000000)={0x77359400}, 0x0, 0x3)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

1.833007592s ago: executing program 3 (id=500):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYRES32=r0, @ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="020000000400"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f0000000540)='./file0\x00')
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000000c40)={{0x80, 0x40}, 'port0\x00', 0x0, 0x100c40, 0x7, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x60, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x4, 0x3})
close(r4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')

1.795840192s ago: executing program 3 (id=502):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0), &(0x7f0000048000), 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, 0x0, &(0x7f0000000bc0)=0x2c)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0xfffffffffffffff7)
r1 = getpid()
sched_setscheduler(r1, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000001a6, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_adjtime(0x0, &(0x7f00000001c0)={0xffff, 0x0, 0x81, 0x0, 0x49, 0x0, 0x1000000, 0x1, 0x80000000, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfef, 0x0, 0x0, 0x100000000, 0x0, 0x2}) (fail_nth: 5)

1.31432841s ago: executing program 2 (id=505):
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00'}, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
unshare(0x2040400)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)=@generic={0x0, r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRES8=r1, @ANYRESHEX=r1], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x10000}, 0x18)
r5 = socket$inet6(0xa, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getpriority(0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r5, &(0x7f0000000140)={&(0x7f00000000c0)={0xa, 0x4e26, 0x80000, @mcast2, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=[@rthdr={{0x18, 0x29, 0x39, {0x32, 0x0, 0x1, 0x4}}}], 0x18}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000340)={0x5, &(0x7f0000000300)=[{0x9, 0x4, 0x5, 0x1}, {0x9, 0x6, 0x2, 0x10001}, {0x0, 0x3, 0xc0, 0x6}, {0x8, 0x5, 0x6, 0x10001}, {0xfff8, 0x9, 0x8, 0x180}]})
r6 = socket(0x10, 0x80003, 0x0)
write(r6, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WIPHY(r7, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x18a0000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x28, 0x0, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x71b0f253}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x143c}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0xc081)
r8 = syz_pidfd_open(r0, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000040)={0x0, 0x4, 0x0, 'queue1\x00', 0xfffffffe})
openat2(r1, &(0x7f0000000240)='./file0\x00', &(0x7f00000003c0)={0x244000, 0x2, 0x29}, 0x18)
close_range(r8, 0xffffffffffffffff, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.029287774s ago: executing program 2 (id=506):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r0=>0x0})
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r1, &(0x7f0000000080)={0x1d, r0, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000280)=[{0x2, 0x2, {0x2, 0x0, 0x2}, {0x1, 0xff, 0x1}, 0x0, 0x101}, {0x0, 0x6, {0x0, 0xf0}, {0x0, 0x1, 0x2}, 0x0, 0x2}], 0x40)
close(r1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r0, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)

982.478355ms ago: executing program 2 (id=507):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x11)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040))
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2})
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000000080)=0x5)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x301, 0x0)

928.751496ms ago: executing program 4 (id=508):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x238, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x203}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x3c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1a}, @dev={0xfe, 0x80, '\x00', 0x28}, [0xffffff00, 0xffffff00, 0x0, 0xff000000], [0xff, 0x0, 0x9f19fd7a5e924fa7, 0xff], 'macvtap0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x2b, 0x7, 0x5, 0x10}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@inet=@tcpmss={{0x28}, {0x39d3, 0x9, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x80000}, 0x18)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBTYPE(r3, 0x4b48, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[], 0x48)
r8 = socket$l2tp(0x2, 0x2, 0x73)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000480)={'bridge_slave_0\x00', <r10=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000f00)=@newtfilter={0x498, 0x2c, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r10, {0x8, 0xfff3}, {0xe, 0x2}, {0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x464, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x7}, @TCA_MATCHALL_ACT={0x4}, @TCA_MATCHALL_ACT={0x44c, 0x2, [@m_sample={0x58, 0x1c, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x4}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x6}]}, {0x12, 0x6, "9622dc861bb845ac2bf494538b61"}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_skbedit={0x110, 0xb, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1a71, 0x3, 0x8, 0x1}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x9}]}, {0xc3, 0x6, "7f62511ed9a3ede5008d995cb955b7f2187e5c74f1ed04427710d12d6021acf74699573a45e853a003fe7c9003419747e41915b891b17d4b56473ea03c32a16d35b7eba561aa25644db721206f0d36e26040f01b267f4d747f91e8ba1fb378d3508547cf5d63051edfcb1b6f965c40a2a1c02c6cadeb5077dee48d2192089a99402fa7f7e4ac8a3884d17af5af0ac7d22116f5ccb18a36d4e699156abd3fecb5fe9b9db1c2f065056b64c54041569364b2647e5a20d1867f94752d3de4ea7b"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_bpf={0x14c, 0xe, 0x0, 0x0, {{0x8}, {0x84, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x5, 0x1c, 0xff, 0x1}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0xffffa07c, 0x100, 0x5, 0x1, 0xfffffff7}}, @TCA_ACT_BPF_FD={0x8, 0x5, r9}, @TCA_ACT_BPF_OPS={0x34, 0x4, [{0x8, 0x9, 0x4, 0x3}, {0x9320, 0x89, 0xf9}, {0x9, 0xff, 0x7f, 0xe9cd}, {0x8, 0x8, 0x3b, 0x6}, {0x8001, 0x3, 0x1, 0xc}, {0x6, 0x0, 0xa, 0x74}]}, @TCA_ACT_BPF_FD={0x8, 0x5, r9}, @TCA_ACT_BPF_OPS={0xc, 0x4, [{0x1, 0x1, 0x1, 0xcb}]}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0xa2, 0x6, "3a82917675eb89076364474ba4fd7b08bcfc20c9a45bf5f7efd9d9e1aeef9839bfa9df130633f8e2338a480a2b316939156ace60502b02134bd9ad08ffde002dd1be6c375d7f5b58df2ddc33e3de4e0c67ad0175de125ce72c34483c5f4e2a9828c7b4939826c23fae1c2f4a0e1923e29a05cdc7243ab650523cb8a6084e163ba4c451e4b14fd9409790cd5cc536dc5d4549a26b4e90ac3a73a7cf257349"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_nat={0x194, 0x1e, 0x0, 0x0, {{0x8}, {0xa4, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x81, 0x7, 0x2, 0x9f7, 0x3}, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3fc, 0x5, 0x10000000, 0x8ff3, 0x401}, @loopback, @multicast1, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x8, 0x10000000, 0x1000, 0x2}, @private=0xa010102, @private=0xa010101}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x1, 0x0, 0x5, 0x9}, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff}}]}, {0xc9, 0x6, "bcb5beec9ae5b0763be18110e76dba07a6f334aba4086fd8c165917144a5341ed42852972602558f89eca5710179605daec38648da867cfe4be2b042a439fe4184f6913c355312a25cd7676bada20fd3df3678c21630d7a0bd85350c296cc4177dc9f4e5d3d7a8f07621cc9fe6435c9b8353a3d74e8e6510560fa74aea9d4167790c368c6be69985d801beb5787afc429dff756eb0b79dc485c8751b74abab3fb5db3d17df128d6635a1a3976415e252708bab5b36ba1d18913cb3000d150084eefe484921"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_MATCHALL_FLAGS={0x8}]}}]}, 0x498}}, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f00000006c0)={{{@in=@multicast1, @in=@private=0xa010102, 0x4e20, 0x80, 0x4e21, 0x400, 0xa, 0x80, 0x20, 0xc, r10}, {0x80000000000000, 0x9, 0xe, 0x0, 0x1ff, 0x0, 0x3, 0x2000000000000007}, {0x30, 0x7, 0x10001, 0x1c56}, 0x5, 0x6e6bb8, 0x1, 0x0, 0x2, 0x1}, {{@in=@multicast1, 0x4d4, 0x2b}, 0xa, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x3502, 0x3, 0x1da8a437a382b, 0x7, 0x3, 0xffffffff, 0x1}}, 0xe8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r7, @ANYRES32=<r11=>r6, @ANYBLOB='&'], 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYRES16=r11, @ANYRESHEX=r4, @ANYRES32, @ANYRES64, @ANYRES32=0x0], 0x48)
r13 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x8800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r5, 0x0, 0xfffffffffffffff4}, 0x18)

870.956837ms ago: executing program 2 (id=509):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r1, 0x0, 0x80000000}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

840.037127ms ago: executing program 4 (id=510):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wg0\x00'})
r0 = gettid()
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0x0, 0x0, 0x8)
tkill(r0, 0x7)

717.461749ms ago: executing program 4 (id=511):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000200)={0x7, 0x40200007, 0x0, 0x6, 0x7, 0x40})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000880)}, 0x4048841)
recvmsg(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x1)
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x32050)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/4, 0x68}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

716.130159ms ago: executing program 2 (id=512):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYRES32=r0, @ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="020000000400"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f0000000540)='./file0\x00')
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000000c40)={{0x80, 0x40}, 'port0\x00', 0x0, 0x100c40, 0x7, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x60, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x4, 0x3})
close(r4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')

683.3947ms ago: executing program 0 (id=513):
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kfree\x00', r3, 0x0, 0x9}, 0x18)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

657.93669ms ago: executing program 2 (id=514):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0x1f4, {}, {}, @raw32={[0x2600]}}], 0xffc8)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000040000000000000000000018110000", @ANYRES32, @ANYBLOB="0080000000000000b70800007e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030040009500000000000000"], 0x0, 0x2bf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet6(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)

524.833452ms ago: executing program 4 (id=515):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0x8, 0x0, 0x700, 0x0, [@sadb_key={0x1, 0x9}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfe, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}}]}, 0x40}, 0x1, 0x7}, 0x0)
r1 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r2)
sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000020200000008000300", @ANYRES32=r1], 0x28}}, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r5=>0x0})
bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x9, r5, 0x40}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x57, r5})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

405.472814ms ago: executing program 0 (id=516):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000040000000000000000000018110000", @ANYRES32, @ANYBLOB="0080000000000000b70800007e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030040009500000000000000"], 0x0, 0x2bf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)

384.912224ms ago: executing program 4 (id=517):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r0=>0x0})
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r1, &(0x7f0000000080)={0x1d, r0, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000280)=[{0x2, 0x2, {0x2, 0x0, 0x2}, {0x1, 0xff, 0x1}, 0x0, 0x101}, {0x0, 0x6, {0x0, 0xf0}, {0x0, 0x1, 0x2}, 0x0, 0x2}], 0x40)
close(r1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r0, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)

327.141645ms ago: executing program 4 (id=518):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f00000002c0)='@', 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1c)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)='d', 0x1}], 0x1}, 0x2000c041)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f00000010c0)=0x8)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000040)={r3, 0x6}, 0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000280)=@sack_info={r3, 0xfffffffc, 0xfff}, 0xc)
r4 = socket(0x2a, 0x2, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r6=>0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r7}, &(0x7f0000000200), &(0x7f0000000500)=r8}, 0x20)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="020a000207000000000000000000000005001a"], 0x38}}, 0x40000)
sendto$packet(r5, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r6, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

273.803816ms ago: executing program 0 (id=519):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6088}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x44}, 0x1, 0x2000000000000000}, 0x0)
r2 = dup2(r0, r0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[], 0x94}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$kcm(0x10, 0x2, 0x4)
write$tun(r2, 0x0, 0x46)

230.313537ms ago: executing program 3 (id=520):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)
recvmmsg(r0, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000040000000000000000000018110000", @ANYRES32, @ANYBLOB="0080000000000000b70800007e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030040009500000000000000"], 0x0, 0x2bf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)

229.736487ms ago: executing program 0 (id=521):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000100)={0x10000, 0x40, 0x7, 0x0, 0xd, "359ba13d31063cf9edcd757b73a5fd6f39ae17"})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mount$9p_fd(0x0, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x280440, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x0, 0xe8, 0x260, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xff000000, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00'}, 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004048, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @empty, 0x4}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x7}, 0x8164, 0x10000, 0x2, 0x1, 0x8, 0x200, 0x4b, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r4, 0x0, 0x8)

176.754078ms ago: executing program 3 (id=522):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b'], 0x8)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @any, 0xd1}, 0xe)
getsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x4, 0x0, &(0x7f0000000000))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7ff}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003220000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a0000000000000000000000000000000000000000000001020000000000000002000100000000000400070c0000000005000500000000000a00"/117], 0x110}, 0x1, 0x7}, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
splice(r0, 0x0, r5, 0x0, 0x8, 0x0)

171.465128ms ago: executing program 0 (id=523):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x2})
close(r2)
dup(0xffffffffffffffff)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
ptrace$getregs(0xc, r3, 0xffffffffffffdcaf, &(0x7f0000000040)=""/45)

121.669839ms ago: executing program 3 (id=524):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYRES32=r0, @ANYBLOB], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="020000000400"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f0000000540)='./file0\x00')
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f0000000c40)={{0x80, 0x40}, 'port0\x00', 0x0, 0x100c40, 0x7, 0x6, 0x2, 0x40, 0x3, 0x0, 0x1, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x60, 0x1b1878, 0x4, 0x2, 0x3e4, 0x0, 0x4, 0x0, 0x4, 0x3})
close(r4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')

107.745239ms ago: executing program 0 (id=525):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000200)={0x7, 0x40200007, 0x0, 0x6, 0x7, 0x40})
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000880)}, 0x4048841)
recvmsg(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x1)
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x32050)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/4, 0x68}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

47.899019ms ago: executing program 1 (id=526):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0xb, 0x0, 0x700, 0x0, [@sadb_key={0x1, 0x9}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfe, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}}]}, 0x58}, 0x1, 0x7}, 0x0)
r1 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r2)
sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000020200000008000300", @ANYRES32=r1], 0x28}}, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
socket$tipc(0x1e, 0x2, 0x0)
bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x9, 0x0, 0x40}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x57})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

46.778289ms ago: executing program 3 (id=527):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, &(0x7f0000000000)={0x77359400}, 0x0, 0x3)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

348.25µs ago: executing program 1 (id=528):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0x8, 0x0, 0x700, 0x0, [@sadb_key={0x1, 0x9}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0xfe, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}}]}, 0x40}, 0x1, 0x7}, 0x0)
r1 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r2)
sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000020200000008000300", @ANYRES32=r1], 0x28}}, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r5=>0x0})
bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x9, r5, 0x40}, 0x10)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000000c0)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x57, r5})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

0s ago: executing program 1 (id=529):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100003020702500000000002020207b1af8ff00000000bfa1000000000000070100003affffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010000104000002000000000000000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r2, @ANYBLOB="d35b747a08000a00", @ANYRES32=r2, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.81' (ED25519) to the list of known hosts.
[   27.172457][   T29] audit: type=1400 audit(1753272387.828:62): avc:  denied  { mounton } for  pid=3293 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   27.173608][ T3293] cgroup: Unknown subsys name 'net'
[   27.195222][   T29] audit: type=1400 audit(1753272387.828:63): avc:  denied  { mount } for  pid=3293 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.222647][   T29] audit: type=1400 audit(1753272387.858:64): avc:  denied  { unmount } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.400750][ T3293] cgroup: Unknown subsys name 'cpuset'
[   27.407074][ T3293] cgroup: Unknown subsys name 'rlimit'
[   27.559253][   T29] audit: type=1400 audit(1753272388.208:65): avc:  denied  { setattr } for  pid=3293 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   27.586676][   T29] audit: type=1400 audit(1753272388.208:66): avc:  denied  { create } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.607265][   T29] audit: type=1400 audit(1753272388.208:67): avc:  denied  { write } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.627705][   T29] audit: type=1400 audit(1753272388.208:68): avc:  denied  { read } for  pid=3293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.648129][   T29] audit: type=1400 audit(1753272388.208:69): avc:  denied  { mounton } for  pid=3293 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   27.657419][ T3298] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   27.673120][   T29] audit: type=1400 audit(1753272388.208:70): avc:  denied  { mount } for  pid=3293 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   27.705628][   T29] audit: type=1400 audit(1753272388.338:71): avc:  denied  { relabelto } for  pid=3298 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   27.733636][ T3293] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   28.914958][ T3306] chnl_net:caif_netlink_parms(): no params data found
[   29.014314][ T3305] chnl_net:caif_netlink_parms(): no params data found
[   29.033651][ T3306] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.040841][ T3306] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.048060][ T3306] bridge_slave_0: entered allmulticast mode
[   29.054758][ T3306] bridge_slave_0: entered promiscuous mode
[   29.065671][ T3314] chnl_net:caif_netlink_parms(): no params data found
[   29.078733][ T3306] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.086017][ T3306] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.093209][ T3306] bridge_slave_1: entered allmulticast mode
[   29.099669][ T3306] bridge_slave_1: entered promiscuous mode
[   29.158784][ T3306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.185550][ T3305] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.192936][ T3305] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.200436][ T3305] bridge_slave_0: entered allmulticast mode
[   29.206800][ T3305] bridge_slave_0: entered promiscuous mode
[   29.214405][ T3306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.230719][ T3311] chnl_net:caif_netlink_parms(): no params data found
[   29.244003][ T3305] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.251208][ T3305] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.258320][ T3305] bridge_slave_1: entered allmulticast mode
[   29.265109][ T3305] bridge_slave_1: entered promiscuous mode
[   29.293212][ T3314] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.300387][ T3314] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.307680][ T3314] bridge_slave_0: entered allmulticast mode
[   29.314176][ T3314] bridge_slave_0: entered promiscuous mode
[   29.330738][ T3306] team0: Port device team_slave_0 added
[   29.344106][ T3314] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.351247][ T3314] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.358479][ T3314] bridge_slave_1: entered allmulticast mode
[   29.365180][ T3314] bridge_slave_1: entered promiscuous mode
[   29.376494][ T3306] team0: Port device team_slave_1 added
[   29.384254][ T3316] chnl_net:caif_netlink_parms(): no params data found
[   29.403484][ T3305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.436923][ T3305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.452185][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.461608][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.468586][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.494585][ T3306] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.508283][ T3306] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.515320][ T3306] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.541346][ T3306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.562753][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.580253][ T3311] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.587354][ T3311] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.594658][ T3311] bridge_slave_0: entered allmulticast mode
[   29.601036][ T3311] bridge_slave_0: entered promiscuous mode
[   29.608364][ T3305] team0: Port device team_slave_0 added
[   29.615049][ T3305] team0: Port device team_slave_1 added
[   29.633906][ T3311] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.641034][ T3311] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.648192][ T3311] bridge_slave_1: entered allmulticast mode
[   29.654863][ T3311] bridge_slave_1: entered promiscuous mode
[   29.690110][ T3311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.704383][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.711396][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.737415][ T3305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.750301][ T3314] team0: Port device team_slave_0 added
[   29.760484][ T3306] hsr_slave_0: entered promiscuous mode
[   29.766487][ T3306] hsr_slave_1: entered promiscuous mode
[   29.773617][ T3311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.788494][ T3305] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.795574][ T3305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.821676][ T3305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.833313][ T3314] team0: Port device team_slave_1 added
[   29.856448][ T3311] team0: Port device team_slave_0 added
[   29.885610][ T3311] team0: Port device team_slave_1 added
[   29.901540][ T3316] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.908783][ T3316] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.916107][ T3316] bridge_slave_0: entered allmulticast mode
[   29.922557][ T3316] bridge_slave_0: entered promiscuous mode
[   29.952700][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.959686][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.985788][ T3314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.996686][ T3316] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.003808][ T3316] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.011051][ T3316] bridge_slave_1: entered allmulticast mode
[   30.017546][ T3316] bridge_slave_1: entered promiscuous mode
[   30.033565][ T3305] hsr_slave_0: entered promiscuous mode
[   30.039499][ T3305] hsr_slave_1: entered promiscuous mode
[   30.045338][ T3305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.053005][ T3305] Cannot create hsr debugfs directory
[   30.058823][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_0
[   30.065819][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.091789][ T3311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   30.102828][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.109803][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.135906][ T3314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.154962][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   30.164421][ T3311] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.171434][ T3311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.197360][ T3311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.224895][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   30.244963][ T3316] team0: Port device team_slave_0 added
[   30.265257][ T3316] team0: Port device team_slave_1 added
[   30.298265][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_0
[   30.305297][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.331589][ T3316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   30.349126][ T3311] hsr_slave_0: entered promiscuous mode
[   30.355380][ T3311] hsr_slave_1: entered promiscuous mode
[   30.361234][ T3311] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.368801][ T3311] Cannot create hsr debugfs directory
[   30.381004][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_1
[   30.387978][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   30.413969][ T3316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.426729][ T3314] hsr_slave_0: entered promiscuous mode
[   30.433304][ T3314] hsr_slave_1: entered promiscuous mode
[   30.439380][ T3314] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.446985][ T3314] Cannot create hsr debugfs directory
[   30.528538][ T3316] hsr_slave_0: entered promiscuous mode
[   30.534808][ T3316] hsr_slave_1: entered promiscuous mode
[   30.540663][ T3316] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.548297][ T3316] Cannot create hsr debugfs directory
[   30.585589][ T3306] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   30.596136][ T3306] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   30.609238][ T3306] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   30.639464][ T3306] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   30.696293][ T3305] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   30.705178][ T3305] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   30.721419][ T3305] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   30.730285][ T3305] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   30.755651][ T3311] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   30.765693][ T3311] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   30.774522][ T3311] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   30.785901][ T3311] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   30.825984][ T3314] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   30.835680][ T3314] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   30.844493][ T3314] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   30.864221][ T3314] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   30.888699][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.911327][ T3305] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.919075][ T3316] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   30.928200][ T3316] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   30.937029][ T3316] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   30.950353][ T3316] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   30.968978][ T3306] 8021q: adding VLAN 0 to HW filter on device team0
[   30.987353][ T3305] 8021q: adding VLAN 0 to HW filter on device team0
[   31.001635][ T3311] 8021q: adding VLAN 0 to HW filter on device bond0
[   31.015359][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.022457][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.031761][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.038900][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.054878][ T1764] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.061981][ T1764] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.078121][ T1764] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.085240][ T1764] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.108553][ T3311] 8021q: adding VLAN 0 to HW filter on device team0
[   31.134611][ T1764] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.141737][ T1764] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.163647][ T1764] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.170742][ T1764] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.196018][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0
[   31.216253][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[   31.235732][ T3314] 8021q: adding VLAN 0 to HW filter on device team0
[   31.246534][ T3311] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   31.266465][ T3316] 8021q: adding VLAN 0 to HW filter on device team0
[   31.292989][  T405] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.300119][  T405] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.309567][  T405] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.316707][  T405] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.327418][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.334539][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.359559][ T3314] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   31.370058][ T3314] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   31.388856][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.395950][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.406897][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.423021][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.501743][ T3311] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.536457][ T3314] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.570448][ T3316] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.641966][ T3306] veth0_vlan: entered promiscuous mode
[   31.654678][ T3306] veth1_vlan: entered promiscuous mode
[   31.701215][ T3306] veth0_macvtap: entered promiscuous mode
[   31.719810][ T3311] veth0_vlan: entered promiscuous mode
[   31.729200][ T3306] veth1_macvtap: entered promiscuous mode
[   31.743414][ T3305] veth0_vlan: entered promiscuous mode
[   31.751732][ T3311] veth1_vlan: entered promiscuous mode
[   31.771258][ T3314] veth0_vlan: entered promiscuous mode
[   31.778959][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.788908][ T3305] veth1_vlan: entered promiscuous mode
[   31.801912][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.810307][ T3316] veth0_vlan: entered promiscuous mode
[   31.821912][ T3306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.830820][ T3306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.840056][ T3306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.848811][ T3306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.867309][ T3314] veth1_vlan: entered promiscuous mode
[   31.876014][ T3311] veth0_macvtap: entered promiscuous mode
[   31.888906][ T3316] veth1_vlan: entered promiscuous mode
[   31.905708][ T3311] veth1_macvtap: entered promiscuous mode
[   31.922384][ T3314] veth0_macvtap: entered promiscuous mode
[   31.922924][ T3306] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   31.930387][ T3314] veth1_macvtap: entered promiscuous mode
[   31.957532][ T3305] veth0_macvtap: entered promiscuous mode
[   31.965640][ T3305] veth1_macvtap: entered promiscuous mode
[   31.986587][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.995243][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.008266][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.025838][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.036329][ T3311] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.045416][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.053929][ T3311] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.062734][ T3311] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.071572][ T3311] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.080428][ T3311] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.102070][ T3305] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.110885][ T3305] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.119644][ T3305] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.128408][ T3305] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.142244][ T3314] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.151104][ T3314] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.160089][ T3314] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.168879][ T3314] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.180442][ T3316] veth0_macvtap: entered promiscuous mode
[   32.210661][ T3316] veth1_macvtap: entered promiscuous mode
[   32.222298][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.241383][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.260177][   T29] kauditd_printk_skb: 27 callbacks suppressed
[   32.260193][   T29] audit: type=1400 audit(1753272392.918:99): avc:  denied  { write } for  pid=3480 comm="syz.2.3" name="pfkey" dev="proc" ino=4026532992 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   32.295899][ T3316] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.304844][ T3316] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.309571][   T29] audit: type=1326 audit(1753272392.958:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.313679][ T3316] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.336680][   T29] audit: type=1326 audit(1753272392.958:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.345520][ T3316] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.368477][   T29] audit: type=1326 audit(1753272392.958:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.368510][   T29] audit: type=1326 audit(1753272392.958:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.407727][ T3484] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   32.428853][   T29] audit: type=1326 audit(1753272393.038:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.454785][   T29] audit: type=1400 audit(1753272393.038:105): avc:  denied  { mount } for  pid=3482 comm="syz.0.7" name="/" dev="ramfs" ino=3687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   32.476638][   T29] audit: type=1326 audit(1753272393.038:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.499750][   T29] audit: type=1326 audit(1753272393.038:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.522886][   T29] audit: type=1326 audit(1753272393.038:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3482 comm="syz.0.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   32.645595][ T3495] netlink: 'syz.1.2': attribute type 30 has an invalid length.
[   32.654063][ T3492] netlink: 'syz.0.8': attribute type 10 has an invalid length.
[   32.664903][ T3491] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   32.677945][ T3495] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[   32.687143][ T3495] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[   32.715300][ T3492] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   32.762160][ T3497] can0: slcan on ptm0.
[   32.831833][ T3492] syz.0.8 (3492) used greatest stack depth: 10880 bytes left
[   32.961938][ T3506] can1: slcan on ttyS3.
[   33.051763][ T3509] loop3: detected capacity change from 0 to 512
[   33.067374][ T3509] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   33.137973][ T3509] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   33.146272][ T3509] EXT4-fs (loop3): orphan cleanup on readonly fs
[   33.162143][ T3509] EXT4-fs (loop3): 1 orphan inode deleted
[   33.217310][ T3510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9'.
[   33.348346][  T405] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[   33.358321][ T3510] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9'.
[   33.375609][ T3518] capability: warning: `syz.0.11' uses 32-bit capabilities (legacy support in use)
[   33.397102][ T3509] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   33.430138][ T3506] can1 (unregistered): slcan off ttyS3.
[   33.463217][ T3506] can1: slcan on ttyS3.
[   33.543134][ T3516] infiniband syz!: set active
[   33.547967][ T3516] infiniband syz!: added team_slave_0
[   33.560017][ T3505] can1 (unregistered): slcan off ttyS3.
[   33.600129][ T3516] RDS/IB: syz!: added
[   33.604227][ T3516] smc: adding ib device syz! with port count 1
[   33.610491][ T3516] smc:    ib device syz! port 1 has pnetid 
[   33.620877][ T3534] netlink: 'syz.1.12': attribute type 3 has an invalid length.
[   33.629273][ T3509] syz.3.4 (3509) used greatest stack depth: 10192 bytes left
[   33.650994][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.670490][ T3490] can0 (unregistered): slcan off ptm0.
[   33.757279][ T3491] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   33.865896][ T3542] netlink: 14 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.899093][ T3542] netlink: 44 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.914556][ T3550] batman_adv: batadv0: Adding interface: dummy0
[   33.921059][ T3550] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   33.953090][ T3542] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13'.
[   33.964410][ T3550] batman_adv: batadv0: Interface activated: dummy0
[   34.327192][ T3563] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   34.342317][ T3563] netlink: 'syz.1.15': attribute type 39 has an invalid length.
[   34.436009][ T3568] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17'.
[   34.445602][ T3568] smc: net device bond0 applied user defined pnetid SYZ
[   34.453250][ T3568] smc: net device bond0 erased user defined pnetid SYZ
[   34.511256][ T3572] loop2: detected capacity change from 0 to 1024
[   34.518510][ T3572] =======================================================
[   34.518510][ T3572] WARNING: The mand mount option has been deprecated and
[   34.518510][ T3572]          and is ignored by this kernel. Remove the mand
[   34.518510][ T3572]          option from the mount to silence this warning.
[   34.518510][ T3572] =======================================================
[   34.570140][ T3572] EXT4-fs: Ignoring removed nobh option
[   34.576149][ T3572] EXT4-fs: Ignoring removed bh option
[   34.595950][ T3574] can0: slcan on ttyS3.
[   34.599177][ T3572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.640119][ T3574] can0 (unregistered): slcan off ttyS3.
[   34.701185][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.718539][ T3591] loop3: detected capacity change from 0 to 512
[   34.763483][ T3591] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   34.772871][ T3591] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   34.786602][ T3591] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[   34.797713][ T3591] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   34.809461][ T3591] System zones: 0-2, 18-18, 34-35
[   34.818528][ T3591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.900935][ T3614] can0: slcan on ttyS3.
[   34.914212][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.941192][ T3614] can0 (unregistered): slcan off ttyS3.
[   34.992383][ T3619] can0: slcan on ttyS3.
[   35.040984][ T3619] can0 (unregistered): slcan off ttyS3.
[   35.047856][ T3491] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.354028][ T3491] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.625021][ T3635] loop1: detected capacity change from 0 to 128
[   36.010814][ T3642] can0: slcan on ttyS3.
[   36.102112][ T3642] can0 (unregistered): slcan off ttyS3.
[   36.182978][ T3654] loop4: detected capacity change from 0 to 512
[   36.238339][ T3654] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.34: bg 0: block 131: padding at end of block bitmap is not set
[   36.263654][ T3654] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   36.298409][ T2997] udevd[2997]: worker [3517] terminated by signal 33 (Unknown signal 33)
[   36.318489][ T3654] EXT4-fs (loop4): 1 truncate cleaned up
[   36.334173][ T2997] udevd[2997]: worker [3517] failed while handling '/devices/virtual/block/loop4'
[   36.345465][ T3654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.402144][ T3659] tmpfs: Bad value for 'mpol'
[   36.408682][ T2997] udevd[2997]: worker [3519] terminated by signal 33 (Unknown signal 33)
[   36.417903][ T2997] udevd[2997]: worker [3519] failed while handling '/devices/virtual/block/loop4'
[   36.517027][ T3663] batman_adv: batadv0: Adding interface: dummy0
[   36.523484][ T3663] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   36.560299][ T3665] loop1: detected capacity change from 0 to 8192
[   36.567548][ T3663] batman_adv: batadv0: Interface activated: dummy0
[   36.611889][ T3299]  loop1: p1 p2 p4
[   36.615896][ T3299] loop1: p1 size 65536 extends beyond EOD, truncated
[   36.631366][ T3299] loop1: p2 start 861536256 is beyond EOD, truncated
[   36.638146][ T3299] loop1: p4 size 65536 extends beyond EOD, truncated
[   36.652182][ T3665]  loop1: p1 p2 p4
[   36.656073][ T3665] loop1: p1 size 65536 extends beyond EOD, truncated
[   36.666500][ T3665] loop1: p2 start 861536256 is beyond EOD, truncated
[   36.673421][ T3665] loop1: p4 size 65536 extends beyond EOD, truncated
[   36.732246][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   36.743756][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   36.764693][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   36.777596][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   36.800996][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   36.813874][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   37.005442][ T3671] netlink: 12 bytes leftover after parsing attributes in process `syz.1.38'.
[   37.046817][ T3671] loop1: detected capacity change from 0 to 512
[   37.055855][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.071548][ T3671] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   37.092262][ T3671] EXT4-fs (loop1): orphan cleanup on readonly fs
[   37.102403][ T3671] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.38: Failed to acquire dquot type 1
[   37.114993][ T3671] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.38: bg 0: block 40: padding at end of block bitmap is not set
[   37.129781][ T3671] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   37.141183][ T3671] EXT4-fs (loop1): 1 truncate cleaned up
[   37.148166][ T3671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   37.183534][ T3678] can0: slcan on ttyS3.
[   37.198836][ T3671] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.38: corrupted xattr block 31: invalid header
[   37.213741][ T3671] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   37.223050][ T3671] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.38: corrupted xattr block 31: invalid header
[   37.237813][ T3671] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   37.247225][ T3671] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.38: bad symlink.
[   37.257238][ T3678] can0 (unregistered): slcan off ttyS3.
[   37.263955][ T3680] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.38: corrupted xattr block 31: invalid header
[   37.277006][   T29] kauditd_printk_skb: 525 callbacks suppressed
[   37.277018][   T29] audit: type=1400 audit(1753272397.918:631): avc:  denied  { create } for  pid=3676 comm="syz.4.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   37.303383][   T29] audit: type=1400 audit(1753272397.918:632): avc:  denied  { ioctl } for  pid=3676 comm="syz.4.40" path="socket:[4861]" dev="sockfs" ino=4861 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   37.331723][ T3680] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   37.340931][ T3680] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.38: bad symlink.
[   37.401455][   T29] audit: type=1326 audit(1753272398.038:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.425721][   T29] audit: type=1326 audit(1753272398.038:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.449485][   T29] audit: type=1326 audit(1753272398.038:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.472744][   T29] audit: type=1326 audit(1753272398.038:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.496083][   T29] audit: type=1326 audit(1753272398.038:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.519525][   T29] audit: type=1326 audit(1753272398.038:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.542712][   T29] audit: type=1326 audit(1753272398.038:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.565888][   T29] audit: type=1326 audit(1753272398.038:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3683 comm="syz.2.42" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   37.592591][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.653887][ T3691] netlink: 4 bytes leftover after parsing attributes in process `syz.0.44'.
[   37.708759][ T3686] netlink: 44 bytes leftover after parsing attributes in process `syz.0.44'.
[   37.841884][ T3714] netlink: 4 bytes leftover after parsing attributes in process `syz.1.49'.
[   37.882323][ T3716] team_slave_0: entered promiscuous mode
[   37.888114][ T3716] team_slave_1: entered promiscuous mode
[   37.920895][ T3716] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   37.929609][ T3718] loop3: detected capacity change from 0 to 256
[   37.950535][ T3718] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   37.985424][ T3718] kernel profiling enabled (shift: 6)
[   38.025908][ T3726] batman_adv: batadv0: Adding interface: dummy0
[   38.032341][ T3726] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.061573][ T3726] batman_adv: batadv0: Interface activated: dummy0
[   38.107334][ T3727] Unknown options in mask 5
[   38.318933][ T3737] FAULT_INJECTION: forcing a failure.
[   38.318933][ T3737] name failslab, interval 1, probability 0, space 0, times 1
[   38.331688][ T3737] CPU: 1 UID: 0 PID: 3737 Comm: syz.3.60 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   38.331721][ T3737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   38.331741][ T3737] Call Trace:
[   38.331757][ T3737]  <TASK>
[   38.331767][ T3737]  __dump_stack+0x1d/0x30
[   38.331793][ T3737]  dump_stack_lvl+0xe8/0x140
[   38.331818][ T3737]  dump_stack+0x15/0x1b
[   38.331835][ T3737]  should_fail_ex+0x265/0x280
[   38.331872][ T3737]  should_failslab+0x8c/0xb0
[   38.331900][ T3737]  kmem_cache_alloc_noprof+0x50/0x310
[   38.331932][ T3737]  ? mas_alloc_nodes+0x265/0x520
[   38.331960][ T3737]  mas_alloc_nodes+0x265/0x520
[   38.331987][ T3737]  mas_preallocate+0x33e/0x520
[   38.332034][ T3737]  mmap_region+0xb7e/0x1580
[   38.332092][ T3737]  do_mmap+0x9b3/0xbe0
[   38.332136][ T3737]  vm_mmap_pgoff+0x17a/0x2e0
[   38.332174][ T3737]  ksys_mmap_pgoff+0xc2/0x310
[   38.332209][ T3737]  ? __x64_sys_mmap+0x49/0x70
[   38.332236][ T3737]  x64_sys_call+0x1602/0x2fb0
[   38.332260][ T3737]  do_syscall_64+0xd2/0x200
[   38.332276][ T3737]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.332302][ T3737]  ? clear_bhb_loop+0x40/0x90
[   38.332327][ T3737]  ? clear_bhb_loop+0x40/0x90
[   38.332354][ T3737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.332380][ T3737] RIP: 0033:0x7f522788e9e3
[   38.332403][ T3737] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   38.332424][ T3737] RSP: 002b:00007f5225ef6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   38.332443][ T3737] RAX: ffffffffffffffda RBX: 0000000000000505 RCX: 00007f522788e9e3
[   38.332459][ T3737] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   38.332473][ T3737] RBP: 0000200000001802 R08: 00000000ffffffff R09: 0000000000000000
[   38.332488][ T3737] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[   38.332503][ T3737] R13: 00007f5225ef6ef0 R14: 00007f5225ef6eb0 R15: 0000200000001780
[   38.332527][ T3737]  </TASK>
[   39.569346][ T3780] __nla_validate_parse: 2 callbacks suppressed
[   39.569365][ T3780] netlink: 8 bytes leftover after parsing attributes in process `syz.4.73'.
[   39.575910][ T3781] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3781 comm=syz.1.72
[   39.593004][ T3780] team_slave_0: entered promiscuous mode
[   39.602378][ T3780] team_slave_1: entered promiscuous mode
[   39.609754][ T3780] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   39.742029][ T3790] Unknown options in mask 5
[   39.851199][ T3789] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   40.387918][ T3807] netlink: 4 bytes leftover after parsing attributes in process `syz.3.83'.
[   40.397202][ T3807] netlink: 12 bytes leftover after parsing attributes in process `syz.3.83'.
[   40.505631][ T3809] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3809 comm=syz.4.84
[   40.648683][ T3815] loop4: detected capacity change from 0 to 8192
[   40.735489][ T3822] can0: slcan on ttyS3.
[   40.741990][ T3299]  loop4: p1 p2 p4
[   40.746838][ T3299] loop4: p1 size 65536 extends beyond EOD, truncated
[   40.779905][ T3299] loop4: p2 start 861536256 is beyond EOD, truncated
[   40.786669][ T3299] loop4: p4 size 65536 extends beyond EOD, truncated
[   40.809965][ T3822] can0 (unregistered): slcan off ttyS3.
[   40.825126][ T3815]  loop4: p1 p2 p4
[   40.829096][ T3815] loop4: p1 size 65536 extends beyond EOD, truncated
[   40.842331][ T3815] loop4: p2 start 861536256 is beyond EOD, truncated
[   40.849080][ T3815] loop4: p4 size 65536 extends beyond EOD, truncated
[   41.081679][ T3841] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3841 comm=syz.0.98
[   41.175758][ T3837] netlink: 'syz.4.96': attribute type 21 has an invalid length.
[   41.185030][ T3837] netlink: 'syz.4.96': attribute type 1 has an invalid length.
[   41.192687][ T3837] netlink: 144 bytes leftover after parsing attributes in process `syz.4.96'.
[   41.277782][ T3847] loop0: detected capacity change from 0 to 8192
[   41.320214][ T3299]  loop0: p1 p2 p4
[   41.324094][ T3299] loop0: p1 size 65536 extends beyond EOD, truncated
[   41.332587][ T3299] loop0: p2 start 861536256 is beyond EOD, truncated
[   41.339524][ T3299] loop0: p4 size 65536 extends beyond EOD, truncated
[   41.349054][ T3847]  loop0: p1 p2 p4
[   41.353985][ T3847] loop0: p1 size 65536 extends beyond EOD, truncated
[   41.361668][ T3847] loop0: p2 start 861536256 is beyond EOD, truncated
[   41.368748][ T3847] loop0: p4 size 65536 extends beyond EOD, truncated
[   41.402180][ T3853] can0: slcan on ttyS3.
[   41.427350][ T3849] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   41.457243][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   41.467521][ T3853] can0 (unregistered): slcan off ttyS3.
[   41.474833][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   41.498185][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   41.510985][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   41.538155][ T3857] loop0: detected capacity change from 0 to 8192
[   41.551247][ T3861] netlink: 14 bytes leftover after parsing attributes in process `syz.1.105'.
[   41.591014][ T3857]  loop0: p1 p2 p4
[   41.598631][ T3857] loop0: p1 size 65536 extends beyond EOD, truncated
[   41.613228][ T3857] loop0: p2 start 861536256 is beyond EOD, truncated
[   41.620094][ T3857] loop0: p4 size 65536 extends beyond EOD, truncated
[   41.747916][ T3870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.109'.
[   42.053538][ T3881] netlink: 'syz.4.113': attribute type 13 has an invalid length.
[   42.064219][ T3881] gretap0: refused to change device tx_queue_len
[   42.071322][ T3881] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   42.071627][ T3879] netlink: 'syz.2.112': attribute type 21 has an invalid length.
[   42.096156][ T3879] netlink: 'syz.2.112': attribute type 1 has an invalid length.
[   42.103949][ T3879] netlink: 144 bytes leftover after parsing attributes in process `syz.2.112'.
[   42.104207][ T3881] loop4: detected capacity change from 0 to 128
[   42.236415][ T3896] syz.4.113: attempt to access beyond end of device
[   42.236415][ T3896] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128
[   42.286316][ T3896] syz.4.113: attempt to access beyond end of device
[   42.286316][ T3896] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[   42.300288][   T29] kauditd_printk_skb: 129 callbacks suppressed
[   42.300303][   T29] audit: type=1326 audit(42.266:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   42.329269][   T29] audit: type=1326 audit(42.266:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3880 comm="syz.4.113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   42.370909][ T3896] syz.4.113: attempt to access beyond end of device
[   42.370909][ T3896] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[   42.420258][ T3896] syz.4.113: attempt to access beyond end of device
[   42.420258][ T3896] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[   42.435903][ T3896] syz.4.113: attempt to access beyond end of device
[   42.435903][ T3896] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[   42.466095][ T3896] syz.4.113: attempt to access beyond end of device
[   42.466095][ T3896] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[   42.490619][ T3914] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   42.507875][ T3896] syz.4.113: attempt to access beyond end of device
[   42.507875][ T3896] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[   42.522828][ T3896] syz.4.113: attempt to access beyond end of device
[   42.522828][ T3896] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[   42.536998][ T3896] syz.4.113: attempt to access beyond end of device
[   42.536998][ T3896] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[   42.552243][ T3896] syz.4.113: attempt to access beyond end of device
[   42.552243][ T3896] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[   42.630350][   T29] audit: type=1400 audit(42.606:772): avc:  granted  { setsecparam } for  pid=3907 comm="syz.1.116" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   42.651232][ T3921] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.654919][   T29] audit: type=1400 audit(42.636:773): avc:  denied  { unmount } for  pid=3305 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   42.681125][   T29] audit: type=1400 audit(42.646:774): avc:  denied  { create } for  pid=3919 comm="syz.2.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   42.729495][   T29] audit: type=1400 audit(42.706:775): avc:  denied  { write } for  pid=3919 comm="syz.2.118" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   42.753319][ T3921] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.807827][ T3932] can0: slcan on ttyS3.
[   42.820090][ T3921] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.914160][ T3932] can0 (unregistered): slcan off ttyS3.
[   42.921990][ T3921] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.006472][ T3935] netlink: 'syz.0.123': attribute type 21 has an invalid length.
[   43.007731][ T3921] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   43.024995][ T3935] netlink: 'syz.0.123': attribute type 1 has an invalid length.
[   43.032694][ T3935] netlink: 144 bytes leftover after parsing attributes in process `syz.0.123'.
[   43.044072][ T3921] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   43.055588][ T3942] program syz.1.125 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   43.055799][ T3921] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   43.076388][ T3921] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   43.135051][ T3948] netlink: 'syz.2.127': attribute type 3 has an invalid length.
[   43.142924][ T3948] netlink: 'syz.2.127': attribute type 8 has an invalid length.
[   43.150648][ T3948] netlink: 197324 bytes leftover after parsing attributes in process `syz.2.127'.
[   43.162133][ T3945] cgroup: noprefix used incorrectly
[   43.170981][ T3945] loop1: detected capacity change from 0 to 128
[   43.189959][ T3945] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   43.195465][ T3952] can0: slcan on ttyS3.
[   43.212047][   T29] audit: type=1400 audit(43.196:776): avc:  denied  { setopt } for  pid=3946 comm="syz.2.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   43.244707][ T3945] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   43.256843][   T29] audit: type=1326 audit(43.236:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   43.279597][   T29] audit: type=1326 audit(43.236:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   43.302568][ T3952] can0 (unregistered): slcan off ttyS3.
[   43.303581][   T29] audit: type=1326 audit(43.266:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3953 comm="syz.0.129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=172 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   43.433758][ T3964] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   43.643469][ T3982] netlink: 'syz.2.140': attribute type 1 has an invalid length.
[   43.695411][ T3985] loop3: detected capacity change from 0 to 8192
[   43.740685][ T3985]  loop3: p1 p2 p4
[   43.750013][ T3985] loop3: p1 size 65536 extends beyond EOD, truncated
[   43.760301][ T3985] loop3: p2 start 861536256 is beyond EOD, truncated
[   43.767065][ T3985] loop3: p4 size 65536 extends beyond EOD, truncated
[   43.833642][ T3993] can0: slcan on ttyS3.
[   43.870222][ T3993] can0 (unregistered): slcan off ttyS3.
[   43.898299][ T3998] syzkaller1: entered promiscuous mode
[   43.904021][ T3998] syzkaller1: entered allmulticast mode
[   44.030377][ T4005] netlink: 4 bytes leftover after parsing attributes in process `syz.2.148'.
[   44.041957][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[   44.048425][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   44.056282][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   44.064229][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   44.234257][ T4009] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4009 comm=syz.3.149
[   44.286884][ T4012] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   44.396449][ T4014] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   44.753776][ T4029] can0: slcan on ttyS3.
[   44.810448][ T4029] can0 (unregistered): slcan off ttyS3.
[   44.850105][ T4039] syzkaller1: entered promiscuous mode
[   44.855644][ T4039] syzkaller1: entered allmulticast mode
[   44.861493][ T4040] loop1: detected capacity change from 0 to 1024
[   44.882861][ T4040] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040e01c, mo2=0002]
[   44.910229][ T4040] System zones: 0-1, 3-36
[   44.920544][ T4040] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.966375][ T4040] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   45.043129][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.092105][ T4050] loop1: detected capacity change from 0 to 512
[   45.108656][ T4050] ext4: Unknown parameter 'smackfsdef'
[   45.283149][ T4073] loop3: detected capacity change from 0 to 128
[   45.290396][ T4073] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   45.322351][ T4073] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   45.380052][ T4078] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   45.392883][ T4079] __nla_validate_parse: 1 callbacks suppressed
[   45.392898][ T4079] netlink: 4 bytes leftover after parsing attributes in process `syz.3.173'.
[   45.428949][ T4081] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   45.536238][ T4086] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4086 comm=syz.4.176
[   45.579208][ T4091] FAULT_INJECTION: forcing a failure.
[   45.579208][ T4091] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   45.592571][ T4091] CPU: 1 UID: 0 PID: 4091 Comm: syz.3.178 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   45.592600][ T4091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   45.592611][ T4091] Call Trace:
[   45.592650][ T4091]  <TASK>
[   45.592659][ T4091]  __dump_stack+0x1d/0x30
[   45.592680][ T4091]  dump_stack_lvl+0xe8/0x140
[   45.592704][ T4091]  dump_stack+0x15/0x1b
[   45.592723][ T4091]  should_fail_ex+0x265/0x280
[   45.592805][ T4091]  should_fail+0xb/0x20
[   45.592853][ T4091]  should_fail_usercopy+0x1a/0x20
[   45.592892][ T4091]  strncpy_from_user+0x25/0x230
[   45.592914][ T4091]  ? kmem_cache_alloc_noprof+0x186/0x310
[   45.592943][ T4091]  ? getname_flags+0x80/0x3b0
[   45.593027][ T4091]  getname_flags+0xae/0x3b0
[   45.593052][ T4091]  user_path_at+0x28/0x130
[   45.593090][ T4091]  __se_sys_mount+0x25b/0x2e0
[   45.593121][ T4091]  ? fput+0x8f/0xc0
[   45.593156][ T4091]  __x64_sys_mount+0x67/0x80
[   45.593215][ T4091]  x64_sys_call+0xd36/0x2fb0
[   45.593261][ T4091]  do_syscall_64+0xd2/0x200
[   45.593279][ T4091]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   45.593324][ T4091]  ? clear_bhb_loop+0x40/0x90
[   45.593419][ T4091]  ? clear_bhb_loop+0x40/0x90
[   45.593492][ T4091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.593512][ T4091] RIP: 0033:0x7f522788e9a9
[   45.593562][ T4091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   45.593583][ T4091] RSP: 002b:00007f5225ef7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   45.593607][ T4091] RAX: ffffffffffffffda RBX: 00007f5227ab5fa0 RCX: 00007f522788e9a9
[   45.593622][ T4091] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[   45.593727][ T4091] RBP: 00007f5225ef7090 R08: 0000200000000240 R09: 0000000000000000
[   45.593741][ T4091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.593756][ T4091] R13: 0000000000000000 R14: 00007f5227ab5fa0 R15: 00007fff391d2f58
[   45.593781][ T4091]  </TASK>
[   46.082335][ T4102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.183'.
[   46.094261][ T4102] team_slave_0: entered promiscuous mode
[   46.100026][ T4102] team_slave_1: entered promiscuous mode
[   46.106804][ T4102] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   46.492082][ T4113] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   46.519349][ T4115] netlink: 12 bytes leftover after parsing attributes in process `syz.4.187'.
[   46.548508][ T4117] netlink: 87 bytes leftover after parsing attributes in process `syz.4.188'.
[   46.634656][ T4120] netlink: 14 bytes leftover after parsing attributes in process `syz.4.189'.
[   46.737449][ T3414] IPVS: starting estimator thread 0...
[   46.830029][ T4124] IPVS: using max 2304 ests per chain, 115200 per kthread
[   46.962514][ T4142] netlink: 12 bytes leftover after parsing attributes in process `syz.1.198'.
[   47.011195][ T4147] can0: slcan on ttyS3.
[   47.040115][ T4147] can0 (unregistered): slcan off ttyS3.
[   47.088099][ T4154] loop1: detected capacity change from 0 to 1024
[   47.096695][ T4154] EXT4-fs: Ignoring removed orlov option
[   47.102981][ T4154] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   47.132062][ T4154] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.155384][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.487918][   T29] kauditd_printk_skb: 148 callbacks suppressed
[   47.487934][   T29] audit: type=1326 audit(47.466:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.517740][   T29] audit: type=1326 audit(47.466:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.540465][   T29] audit: type=1326 audit(47.466:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.563030][   T29] audit: type=1326 audit(47.466:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.570559][ T4167] netlink: 8 bytes leftover after parsing attributes in process `syz.4.207'.
[   47.585624][   T29] audit: type=1326 audit(47.466:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.601391][ T4167] 8021q: adding VLAN 0 to HW filter on device macvtap2
[   47.616918][   T29] audit: type=1326 audit(47.466:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.646502][   T29] audit: type=1326 audit(47.466:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.669172][   T29] audit: type=1326 audit(47.466:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.691751][   T29] audit: type=1326 audit(47.466:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.714377][   T29] audit: type=1326 audit(47.466:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4164 comm="syz.4.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90f0de9a9 code=0x7ffc0000
[   47.809208][ T4176] can0: slcan on ttyS3.
[   47.860040][ T4176] can0 (unregistered): slcan off ttyS3.
[   47.936769][ T4184] loop0: detected capacity change from 0 to 8192
[   47.992009][ T4184]  loop0: p1 p2 p4
[   47.996587][ T4184] loop0: p1 size 65536 extends beyond EOD, truncated
[   48.011642][ T4184] loop0: p2 start 861536256 is beyond EOD, truncated
[   48.018409][ T4184] loop0: p4 size 65536 extends beyond EOD, truncated
[   48.046841][ T4189] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   48.099768][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   48.111473][ T3963] udevd[3963]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[   48.127566][ T4196] validate_nla: 2 callbacks suppressed
[   48.127585][ T4196] netlink: 'syz.0.218': attribute type 1 has an invalid length.
[   48.919173][ T4216] loop0: detected capacity change from 0 to 128
[   49.187002][ T4218] Zero length message leads to an empty skb
[   49.262373][ T4227] loop1: detected capacity change from 0 to 8192
[   49.372860][ T4227]  loop1: p1 p2 p4
[   49.382250][ T4227] loop1: p1 size 65536 extends beyond EOD, truncated
[   49.401798][ T4227] loop1: p2 start 861536256 is beyond EOD, truncated
[   49.408569][ T4227] loop1: p4 size 65536 extends beyond EOD, truncated
[   49.469744][ T4235] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   49.509618][ T4237] process 'syz.3.233' launched './file0' with NULL argv: empty string added
[   49.520011][ T4237] xt_TPROXY: Can be used only with -p tcp or -p udp
[   49.562443][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   49.567384][ T3963] udevd[3963]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   49.582315][ T4237] loop3: detected capacity change from 0 to 128
[   49.621647][ T4237] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   49.657449][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811fc8b600: rx timeout, send abort
[   49.684384][ T4245] syzkaller1: entered promiscuous mode
[   49.690044][ T4245] syzkaller1: entered allmulticast mode
[   49.771730][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   49.773320][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   49.800912][ T3963] udevd[3963]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   49.860916][ T4251] syz!: rxe_newlink: already configured on team_slave_0
[   49.949692][ T4255] can0: slcan on ttyS3.
[   50.001821][ T4255] can0 (unregistered): slcan off ttyS3.
[   50.026190][ T4263] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   50.055092][ T4258] ALSA: seq fatal error: cannot create timer (-19)
[   50.165763][    C0] vcan0: j1939_tp_rxtimer: 0xffff88811fc8b600: abort rx timeout. Force session deactivation
[   50.181560][ T4279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.246'.
[   50.201682][ T4282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.243'.
[   50.229819][ T4282] netlink: 12 bytes leftover after parsing attributes in process `syz.4.243'.
[   50.305041][ T4285] netlink: 'syz.0.248': attribute type 1 has an invalid length.
[   50.432674][ T4299] can0: slcan on ttyS3.
[   50.451363][ T4301] syz!: rxe_newlink: already configured on team_slave_0
[   50.480073][ T4299] can0 (unregistered): slcan off ttyS3.
[   50.533704][ T4303] syzkaller1: entered promiscuous mode
[   50.539274][ T4303] syzkaller1: entered allmulticast mode
[   50.645394][ T4310] xt_TPROXY: Can be used only with -p tcp or -p udp
[   50.780383][ T4321] loop0: detected capacity change from 0 to 1024
[   50.796127][ T4321] ext4: Unknown parameter 'smackfsdef'
[   50.803060][ T4323] __nla_validate_parse: 2 callbacks suppressed
[   50.803130][ T4323] netlink: 10 bytes leftover after parsing attributes in process `syz.3.262'.
[   50.999629][ T4333] can0: slcan on ttyS3.
[   51.100108][ T4333] can0 (unregistered): slcan off ttyS3.
[   51.558915][ T4344] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'.
[   51.619672][ T4348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.270'.
[   51.687723][ T4348] netlink: 12 bytes leftover after parsing attributes in process `syz.3.270'.
[   51.716736][ T4355] netlink: 12 bytes leftover after parsing attributes in process `syz.1.274'.
[   51.746853][ T4355] smc: net device bond0 applied user defined pnetid SYZ
[   51.770696][ T4355] smc: net device bond0 erased user defined pnetid SYZ
[   51.781775][ T4357] syzkaller1: entered promiscuous mode
[   51.787299][ T4357] syzkaller1: entered allmulticast mode
[   51.931006][ T4370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.276'.
[   51.950816][ T4370] netlink: 12 bytes leftover after parsing attributes in process `syz.0.276'.
[   52.032864][ T4375] loop1: detected capacity change from 0 to 512
[   52.053373][ T4375] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   52.082527][ T4378] loop2: detected capacity change from 0 to 512
[   52.089657][ T4375] EXT4-fs (loop1): orphan cleanup on readonly fs
[   52.123516][ T4375] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.280: Failed to acquire dquot type 1
[   52.141511][ T4378] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   52.150649][ T4378] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   52.184703][ T4375] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.280: bg 0: block 40: padding at end of block bitmap is not set
[   52.218077][ T4378] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[   52.218408][ T4383] xt_TPROXY: Can be used only with -p tcp or -p udp
[   52.234473][ T4375] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   52.251181][ T4378] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   52.259774][ T4375] EXT4-fs (loop1): 1 truncate cleaned up
[   52.269597][ T4378] System zones: 0-2, 18-18, 34-35
[   52.276872][ T4375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   52.305288][ T4385] batadv0: mtu less than device minimum
[   52.307403][ T4378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.311412][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.334059][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.344836][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.355692][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.366586][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.377342][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.388249][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.399006][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.409728][ T4385] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   52.413472][ T4375] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.280: corrupted xattr block 31: invalid header
[   52.434394][ T4375] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   52.444772][ T4375] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #16: comm syz.1.280: corrupted xattr block 31: invalid header
[   52.458564][ T4375] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[   52.487491][ T4375] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.280: bad symlink.
[   52.492672][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.536290][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.617259][ T4397] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   52.645806][ T4397] netlink: 'syz.4.288': attribute type 39 has an invalid length.
[   52.668928][ T4402] netlink: 12 bytes leftover after parsing attributes in process `syz.0.290'.
[   52.682686][ T4402] smc: net device bond0 applied user defined pnetid SYZ
[   52.692143][ T4402] smc: net device bond0 erased user defined pnetid SYZ
[   52.742349][   T29] kauditd_printk_skb: 131 callbacks suppressed
[   52.742363][   T29] audit: type=1400 audit(52.726:1067): avc:  denied  { wake_alarm } for  pid=4406 comm=77DEA305FF07 capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   52.794130][   T29] audit: type=1400 audit(52.776:1068): avc:  denied  { read } for  pid=4406 comm="syz.0.292" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   52.833902][   T29] audit: type=1400 audit(52.776:1069): avc:  denied  { open } for  pid=4406 comm="syz.0.292" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   52.834378][ T4411] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.856552][   T29] audit: type=1400 audit(52.776:1070): avc:  denied  { connect } for  pid=4406 comm="syz.0.292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   52.885777][   T29] audit: type=1400 audit(52.776:1071): avc:  denied  { write } for  pid=4406 comm="syz.0.292" path="socket:[7265]" dev="sockfs" ino=7265 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   52.921234][ T4414] can0: slcan on ptm0.
[   53.015899][ T4411] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.028466][ T4422] netlink: 14 bytes leftover after parsing attributes in process `syz.4.294'.
[   53.121349][ T4411] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.145785][ T4424] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   53.155030][ T4426] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   53.221022][ T4411] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.309212][ T4411] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.423677][ T4411] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.457212][ T4411] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.473614][ T4411] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.620253][ T4410] can0 (unregistered): slcan off ptm0.
[   53.703259][ T4434] syzkaller1: entered promiscuous mode
[   53.708803][ T4434] syzkaller1: entered allmulticast mode
[   53.821118][ T4441] netlink: 12 bytes leftover after parsing attributes in process `syz.4.302'.
[   53.860088][ T4441] smc: net device bond0 applied user defined pnetid SYZ
[   53.948036][ T4451] loop0: detected capacity change from 0 to 512
[   53.958465][   T29] audit: type=1326 audit(53.936:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.2.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   53.983122][ T4451] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   53.992251][ T4451] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   54.025960][   T29] audit: type=1326 audit(53.936:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.2.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   54.048742][   T29] audit: type=1326 audit(53.966:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.2.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   54.071780][   T29] audit: type=1326 audit(53.966:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.2.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   54.094576][   T29] audit: type=1326 audit(53.966:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4446 comm="syz.2.304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a3745e9a9 code=0x7ffc0000
[   54.127698][ T4451] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[   54.164599][ T4451] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   54.190420][ T4458] loop2: detected capacity change from 0 to 512
[   54.202991][ T4451] System zones: 0-2, 18-18, 34-35
[   54.222962][ T4451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.247840][ T3306] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.262106][ T4458] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.308: bg 0: block 131: padding at end of block bitmap is not set
[   54.283630][ T4458] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   54.293009][ T4458] EXT4-fs (loop2): 1 truncate cleaned up
[   54.299241][ T4458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.306295][ T4462] tmpfs: Bad value for 'mpol'
[   54.329815][ T4464] smc: net device bond0 erased user defined pnetid SYZ
[   54.838048][ T4490] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   54.852001][ T4490] netlink: 'syz.3.320': attribute type 39 has an invalid length.
[   55.025903][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.113453][ T4503] batman_adv: batadv0: Interface deactivated: dummy0
[   55.120497][ T4503] batman_adv: batadv0: Removing interface: dummy0
[   55.129380][ T4503] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.136945][ T4503] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.145250][ T4503] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.152807][ T4503] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.333982][ T4516] bond0: (slave dummy0): Releasing backup interface
[   55.348342][ T4516] batman_adv: batadv0: Adding interface: dummy0
[   55.354852][ T4516] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.380244][ T4516] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[   55.498817][ T4535] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   55.663538][ T4547] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   55.675600][ T4547] netlink: 'syz.2.342': attribute type 39 has an invalid length.
[   55.684498][    C0] vcan0: j1939_session_tx_dat: 0xffff888119168a00: queue data error: -100
[   55.693110][    C0] vcan0 (unregistering): j1939_xtp_rx_dpo: no connection found
[   55.700686][    C0] vcan0 (unregistering): j1939_xtp_rx_dpo: no connection found
[   55.708276][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.716117][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.723966][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.731804][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.739630][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.747490][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.755332][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.763177][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.771027][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.778853][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.786909][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.794749][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.802623][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.810475][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.818329][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.826174][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.834058][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.841900][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.849728][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.857576][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.865454][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.873320][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.881218][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.889153][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.897031][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.904868][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.912756][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.920618][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.928443][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.936306][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.944169][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.952047][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.959927][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.967734][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.975588][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.983450][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   55.991344][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   55.999223][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.007124][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.015157][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.023038][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.030883][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.038725][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.046591][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.054460][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.062331][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.070217][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.078030][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.085977][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.093831][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.101773][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.109604][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.117481][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.125356][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.133238][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.141110][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.148979][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.156846][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.164744][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.172606][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.180483][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.188308][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.196204][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.204059][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.211970][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.219945][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.227808][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.235653][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.243511][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.251366][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.259210][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.267072][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.274973][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.282827][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.290722][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.298564][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.306473][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.314306][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.322198][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.330052][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.337880][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.345932][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.353818][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.361686][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.369583][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.377441][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.385327][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.393184][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.401035][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.408853][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.416716][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.424556][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.432432][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.440271][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.448105][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   56.455976][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   56.564153][ T4563] can0: slcan on ttyS3.
[   56.583181][ T4564] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   56.595441][ T4566] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   56.630887][ T4563] can0 (unregistered): slcan off ttyS3.
[   56.666574][ T4570] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   56.693903][ T4564] SELinux:  Context system_u:object_r:pam_exec_t:s0 is not valid (left unmapped).
[   57.170479][ T4588] tmpfs: Bad value for 'mpol'
[   57.518919][ T4602] __nla_validate_parse: 3 callbacks suppressed
[   57.518937][ T4602] netlink: 12 bytes leftover after parsing attributes in process `syz.1.362'.
[   57.658206][ T4609] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   57.704915][ T4612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.367'.
[   57.758054][ T4616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.368'.
[   57.785574][   T29] kauditd_printk_skb: 249 callbacks suppressed
[   57.785659][   T29] audit: type=1400 audit(57.766:1326): avc:  denied  { watch watch_reads } for  pid=4619 comm="syz.0.369" path="/74" dev="tmpfs" ino=416 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   57.853473][ T4628] SELinux:  Context Ü is not valid (left unmapped).
[   57.889608][ T4631] syzkaller1: entered promiscuous mode
[   57.895287][ T4631] syzkaller1: entered allmulticast mode
[   57.946135][ T4635] FAULT_INJECTION: forcing a failure.
[   57.946135][ T4635] name failslab, interval 1, probability 0, space 0, times 0
[   57.958994][ T4635] CPU: 0 UID: 0 PID: 4635 Comm: syz.2.375 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   57.959046][ T4635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   57.959061][ T4635] Call Trace:
[   57.959069][ T4635]  <TASK>
[   57.959078][ T4635]  __dump_stack+0x1d/0x30
[   57.959104][ T4635]  dump_stack_lvl+0xe8/0x140
[   57.959129][ T4635]  dump_stack+0x15/0x1b
[   57.959182][ T4635]  should_fail_ex+0x265/0x280
[   57.959219][ T4635]  should_failslab+0x8c/0xb0
[   57.959257][ T4635]  __kvmalloc_node_noprof+0x123/0x4e0
[   57.959284][ T4635]  ? alloc_netdev_mqs+0x5ac/0xab0
[   57.959324][ T4635]  alloc_netdev_mqs+0x5ac/0xab0
[   57.959428][ T4635]  rtnl_create_link+0x239/0x710
[   57.959465][ T4635]  rtnl_newlink_create+0x14c/0x620
[   57.959572][ T4635]  ? security_capable+0x83/0x90
[   57.959687][ T4635]  ? netlink_ns_capable+0x86/0xa0
[   57.959719][ T4635]  rtnl_newlink+0xf29/0x12d0
[   57.959755][ T4635]  ? xas_load+0x413/0x430
[   57.959789][ T4635]  ? __rcu_read_unlock+0x4f/0x70
[   57.959858][ T4635]  ? xa_load+0xb1/0xe0
[   57.959881][ T4635]  ? __kfree_skb+0x109/0x150
[   57.960027][ T4635]  ? __rcu_read_unlock+0x4f/0x70
[   57.960053][ T4635]  ? avc_has_perm_noaudit+0x1b1/0x200
[   57.960086][ T4635]  ? selinux_capable+0x1f9/0x270
[   57.960160][ T4635]  ? security_capable+0x83/0x90
[   57.960203][ T4635]  ? ns_capable+0x7d/0xb0
[   57.960220][ T4635]  ? __pfx_rtnl_newlink+0x10/0x10
[   57.960242][ T4635]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   57.960374][ T4635]  netlink_rcv_skb+0x120/0x220
[   57.960411][ T4635]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   57.960447][ T4635]  rtnetlink_rcv+0x1c/0x30
[   57.960496][ T4635]  netlink_unicast+0x5a8/0x680
[   57.960527][ T4635]  netlink_sendmsg+0x58b/0x6b0
[   57.960593][ T4635]  ? __pfx_netlink_sendmsg+0x10/0x10
[   57.960617][ T4635]  __sock_sendmsg+0x145/0x180
[   57.960647][ T4635]  ____sys_sendmsg+0x31e/0x4e0
[   57.960690][ T4635]  ___sys_sendmsg+0x17b/0x1d0
[   57.960803][ T4635]  __x64_sys_sendmsg+0xd4/0x160
[   57.960845][ T4635]  x64_sys_call+0x2999/0x2fb0
[   57.960870][ T4635]  do_syscall_64+0xd2/0x200
[   57.960892][ T4635]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.960934][ T4635]  ? clear_bhb_loop+0x40/0x90
[   57.960958][ T4635]  ? clear_bhb_loop+0x40/0x90
[   57.961001][ T4635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.961025][ T4635] RIP: 0033:0x7f2a3745e9a9
[   57.961038][ T4635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.961053][ T4635] RSP: 002b:00007f2a35ac7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.961071][ T4635] RAX: ffffffffffffffda RBX: 00007f2a37685fa0 RCX: 00007f2a3745e9a9
[   57.961084][ T4635] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000005
[   57.961097][ T4635] RBP: 00007f2a35ac7090 R08: 0000000000000000 R09: 0000000000000000
[   57.961158][ T4635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.961171][ T4635] R13: 0000000000000000 R14: 00007f2a37685fa0 R15: 00007ffedeb2aaf8
[   57.961194][ T4635]  </TASK>
[   58.102518][ T4641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.376'.
[   58.400361][ T4650] netlink: 4 bytes leftover after parsing attributes in process `syz.4.379'.
[   58.464980][   T29] audit: type=1400 audit(58.446:1327): avc:  denied  { write } for  pid=4655 comm="syz.4.381" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   58.592842][ T4664] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   58.607712][   T29] audit: type=1400 audit(58.586:1328): avc:  granted  { setsecparam } for  pid=4663 comm="syz.1.385" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   58.738565][   T29] audit: type=1326 audit(58.716:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.763643][ T4666] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   58.793464][ T4666] loop3: detected capacity change from 0 to 1024
[   58.809908][   T29] audit: type=1326 audit(58.746:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.832620][   T29] audit: type=1326 audit(58.746:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.855488][   T29] audit: type=1326 audit(58.746:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.878186][   T29] audit: type=1326 audit(58.746:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.900861][   T29] audit: type=1326 audit(58.746:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.923658][   T29] audit: type=1326 audit(58.766:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4665 comm="syz.3.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f522788e9a9 code=0x7ffc0000
[   58.950371][ T4666] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.964456][ T4672] loop1: detected capacity change from 0 to 512
[   58.968186][ T4666] pim6reg: entered allmulticast mode
[   58.997206][ T4666] pim6reg: left allmulticast mode
[   59.024941][ T4672] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.387: bg 0: block 131: padding at end of block bitmap is not set
[   59.057756][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.068608][ T4672] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   59.099365][ T4672] EXT4-fs (loop1): 1 truncate cleaned up
[   59.113584][ T4672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.175869][ T4684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.392'.
[   59.219052][ T4688] syzkaller1: entered promiscuous mode
[   59.224745][ T4688] syzkaller1: entered allmulticast mode
[   59.235599][ T4690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.394'.
[   59.249612][ T4690] team_slave_0: entered promiscuous mode
[   59.255363][ T4690] team_slave_1: entered promiscuous mode
[   59.263820][ T4690] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   59.477057][ T4702] can0: slcan on ttyS3.
[   59.520088][ T4702] can0 (unregistered): slcan off ttyS3.
[   59.591340][ T4707] loop4: detected capacity change from 0 to 8192
[   59.640705][ T4707]  loop4: p1 p2 p4
[   59.644557][ T4707] loop4: p1 size 65536 extends beyond EOD, truncated
[   59.653261][ T4707] loop4: p2 start 861536256 is beyond EOD, truncated
[   59.660006][ T4707] loop4: p4 size 65536 extends beyond EOD, truncated
[   59.699587][ T4710] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   59.725914][ T4710] netlink: 'syz.4.400': attribute type 39 has an invalid length.
[   59.744261][ T3963] udevd[3963]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   59.744453][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   59.793264][ T4712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.402'.
[   59.817283][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.913114][ T4724] netlink: 'syz.4.407': attribute type 1 has an invalid length.
[   59.985895][ T4722] loop1: detected capacity change from 0 to 8192
[   60.100198][ T4733] can0: slcan on ttyS3.
[   60.150298][ T4733] can0 (unregistered): slcan off ttyS3.
[   60.445344][ T4753] netlink: 12 bytes leftover after parsing attributes in process `syz.3.414'.
[   60.706022][ T4767] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   60.720028][ T4767] netlink: 'syz.1.420': attribute type 39 has an invalid length.
[   60.811985][ T4774] netlink: 14 bytes leftover after parsing attributes in process `syz.0.421'.
[   60.855561][ T4776] can0: slcan on ttyS3.
[   60.901363][ T4776] can0 (unregistered): slcan off ttyS3.
[   61.130663][ T4789] syzkaller1: entered promiscuous mode
[   61.130686][ T4789] syzkaller1: entered allmulticast mode
[   61.426795][ T4798] can0: slcan on ttyS3.
[   61.460222][ T4798] can0 (unregistered): slcan off ttyS3.
[   61.508335][ T4806] FAULT_INJECTION: forcing a failure.
[   61.508335][ T4806] name failslab, interval 1, probability 0, space 0, times 0
[   61.521140][ T4806] CPU: 1 UID: 0 PID: 4806 Comm: syz.3.436 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   61.521198][ T4806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   61.521281][ T4806] Call Trace:
[   61.521289][ T4806]  <TASK>
[   61.521365][ T4806]  __dump_stack+0x1d/0x30
[   61.521403][ T4806]  dump_stack_lvl+0xe8/0x140
[   61.521436][ T4806]  dump_stack+0x15/0x1b
[   61.521458][ T4806]  should_fail_ex+0x265/0x280
[   61.521593][ T4806]  should_failslab+0x8c/0xb0
[   61.521623][ T4806]  kmem_cache_alloc_noprof+0x50/0x310
[   61.521655][ T4806]  ? skb_clone+0x151/0x1f0
[   61.521680][ T4806]  skb_clone+0x151/0x1f0
[   61.521731][ T4806]  __netlink_deliver_tap+0x2c9/0x500
[   61.521780][ T4806]  netlink_unicast+0x653/0x680
[   61.521844][ T4806]  netlink_sendmsg+0x58b/0x6b0
[   61.521866][ T4806]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.521909][ T4806]  __sock_sendmsg+0x145/0x180
[   61.522038][ T4806]  ____sys_sendmsg+0x31e/0x4e0
[   61.522135][ T4806]  ___sys_sendmsg+0x17b/0x1d0
[   61.522209][ T4806]  __x64_sys_sendmsg+0xd4/0x160
[   61.522277][ T4806]  x64_sys_call+0x2999/0x2fb0
[   61.522305][ T4806]  do_syscall_64+0xd2/0x200
[   61.522329][ T4806]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.522443][ T4806]  ? clear_bhb_loop+0x40/0x90
[   61.522471][ T4806]  ? clear_bhb_loop+0x40/0x90
[   61.522494][ T4806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.522533][ T4806] RIP: 0033:0x7f522788e9a9
[   61.522559][ T4806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.522582][ T4806] RSP: 002b:00007f5225ef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.522611][ T4806] RAX: ffffffffffffffda RBX: 00007f5227ab5fa0 RCX: 00007f522788e9a9
[   61.522627][ T4806] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[   61.522643][ T4806] RBP: 00007f5225ef7090 R08: 0000000000000000 R09: 0000000000000000
[   61.522658][ T4806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.522669][ T4806] R13: 0000000000000000 R14: 00007f5227ab5fa0 R15: 00007fff391d2f58
[   61.522704][ T4806]  </TASK>
[   61.783235][ T4813] tmpfs: Bad value for 'mpol'
[   61.814010][ T4816] netlink: 'syz.2.440': attribute type 39 has an invalid length.
[   61.925961][ T4814] loop0: detected capacity change from 0 to 8192
[   61.971798][ T4814] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   62.015085][ T4814] FAULT_INJECTION: forcing a failure.
[   62.015085][ T4814] name failslab, interval 1, probability 0, space 0, times 0
[   62.027801][ T4814] CPU: 0 UID: 0 PID: 4814 Comm: syz.0.438 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   62.027903][ T4814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   62.027919][ T4814] Call Trace:
[   62.027927][ T4814]  <TASK>
[   62.027936][ T4814]  __dump_stack+0x1d/0x30
[   62.027962][ T4814]  dump_stack_lvl+0xe8/0x140
[   62.027987][ T4814]  dump_stack+0x15/0x1b
[   62.028087][ T4814]  should_fail_ex+0x265/0x280
[   62.028118][ T4814]  should_failslab+0x8c/0xb0
[   62.028144][ T4814]  kmem_cache_alloc_noprof+0x50/0x310
[   62.028177][ T4814]  ? fat_cache_add+0x1ef/0x4a0
[   62.028283][ T4814]  fat_cache_add+0x1ef/0x4a0
[   62.028395][ T4814]  fat_get_cluster+0x5de/0x7b0
[   62.028430][ T4814]  fat_truncate_blocks+0x27d/0x550
[   62.028470][ T4814]  fat_write_end+0xba/0x160
[   62.028553][ T4814]  ? __pfx_fat_write_end+0x10/0x10
[   62.028586][ T4814]  generic_perform_write+0x30f/0x490
[   62.028620][ T4814]  __generic_file_write_iter+0x9e/0x120
[   62.028716][ T4814]  ? __pfx_generic_file_write_iter+0x10/0x10
[   62.028735][ T4814]  generic_file_write_iter+0x8d/0x2f0
[   62.028772][ T4814]  ? _parse_integer_limit+0x170/0x190
[   62.028803][ T4814]  ? _parse_integer+0x27/0x40
[   62.028834][ T4814]  ? kstrtoull+0x111/0x140
[   62.028868][ T4814]  ? kstrtouint+0x76/0xc0
[   62.028908][ T4814]  ? kstrtouint_from_user+0x9f/0xf0
[   62.028939][ T4814]  ? avc_policy_seqno+0x15/0x30
[   62.029027][ T4814]  ? selinux_file_permission+0x1e4/0x320
[   62.029062][ T4814]  ? __pfx_generic_file_write_iter+0x10/0x10
[   62.029087][ T4814]  vfs_write+0x49d/0x8e0
[   62.029133][ T4814]  ksys_write+0xda/0x1a0
[   62.029215][ T4814]  __x64_sys_write+0x40/0x50
[   62.029245][ T4814]  x64_sys_call+0x2cdd/0x2fb0
[   62.029291][ T4814]  do_syscall_64+0xd2/0x200
[   62.029340][ T4814]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.029373][ T4814]  ? clear_bhb_loop+0x40/0x90
[   62.029407][ T4814]  ? clear_bhb_loop+0x40/0x90
[   62.029447][ T4814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.029488][ T4814] RIP: 0033:0x7faa81e5e9a9
[   62.029503][ T4814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.029519][ T4814] RSP: 002b:00007faa804bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   62.029540][ T4814] RAX: ffffffffffffffda RBX: 00007faa82085fa0 RCX: 00007faa81e5e9a9
[   62.029555][ T4814] RDX: 000000000208e24b RSI: 0000200000001400 RDI: 0000000000000004
[   62.029570][ T4814] RBP: 00007faa804bf090 R08: 0000000000000000 R09: 0000000000000000
[   62.029584][ T4814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.029654][ T4814] R13: 0000000000000000 R14: 00007faa82085fa0 R15: 00007fff7ca661c8
[   62.029687][ T4814]  </TASK>
[   62.321528][ T4830] can0: slcan on ttyS3.
[   62.419911][ T4830] can0 (unregistered): slcan off ttyS3.
[   62.428693][ T4835] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   62.476684][ T4837] netlink: 'syz.3.448': attribute type 1 has an invalid length.
[   62.636892][ T4844] netlink: 'syz.2.451': attribute type 39 has an invalid length.
[   62.649677][ T4846] FAULT_INJECTION: forcing a failure.
[   62.649677][ T4846] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   62.663027][ T4846] CPU: 1 UID: 0 PID: 4846 Comm: syz.0.452 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   62.663061][ T4846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   62.663074][ T4846] Call Trace:
[   62.663081][ T4846]  <TASK>
[   62.663088][ T4846]  __dump_stack+0x1d/0x30
[   62.663109][ T4846]  dump_stack_lvl+0xe8/0x140
[   62.663128][ T4846]  dump_stack+0x15/0x1b
[   62.663222][ T4846]  should_fail_ex+0x265/0x280
[   62.663314][ T4846]  should_fail_alloc_page+0xf2/0x100
[   62.663343][ T4846]  __alloc_frozen_pages_noprof+0xff/0x360
[   62.663388][ T4846]  alloc_pages_mpol+0xb3/0x250
[   62.663489][ T4846]  alloc_pages_noprof+0x90/0x130
[   62.663573][ T4846]  get_zeroed_page_noprof+0x1a/0x40
[   62.663613][ T4846]  rds_cong_from_addr+0x97/0x2c0
[   62.663724][ T4846]  rds_cong_get_maps+0x1a/0x70
[   62.663783][ T4846]  __rds_conn_create+0x536/0x1040
[   62.663835][ T4846]  rds_conn_create_outgoing+0x43/0x60
[   62.663882][ T4846]  rds_sendmsg+0xbd2/0x14a0
[   62.664000][ T4846]  ? __pfx_rds_sendmsg+0x10/0x10
[   62.664032][ T4846]  __sock_sendmsg+0x145/0x180
[   62.664107][ T4846]  ____sys_sendmsg+0x31e/0x4e0
[   62.664144][ T4846]  ___sys_sendmsg+0x17b/0x1d0
[   62.664236][ T4846]  __x64_sys_sendmsg+0xd4/0x160
[   62.664286][ T4846]  x64_sys_call+0x2999/0x2fb0
[   62.664314][ T4846]  do_syscall_64+0xd2/0x200
[   62.664342][ T4846]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.664427][ T4846]  ? clear_bhb_loop+0x40/0x90
[   62.664449][ T4846]  ? clear_bhb_loop+0x40/0x90
[   62.664554][ T4846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.664648][ T4846] RIP: 0033:0x7faa81e5e9a9
[   62.664713][ T4846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.664736][ T4846] RSP: 002b:00007faa804bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.664819][ T4846] RAX: ffffffffffffffda RBX: 00007faa82085fa0 RCX: 00007faa81e5e9a9
[   62.664893][ T4846] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000003
[   62.664908][ T4846] RBP: 00007faa804bf090 R08: 0000000000000000 R09: 0000000000000000
[   62.664924][ T4846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.664937][ T4846] R13: 0000000000000000 R14: 00007faa82085fa0 R15: 00007fff7ca661c8
[   62.664961][ T4846]  </TASK>
[   63.057177][ T4857] __nla_validate_parse: 6 callbacks suppressed
[   63.057196][ T4857] netlink: 14 bytes leftover after parsing attributes in process `syz.3.455'.
[   63.136968][ T4861] netlink: 12 bytes leftover after parsing attributes in process `syz.0.457'.
[   63.217647][ T4866] can0: slcan on ttyS3.
[   63.280020][ T4866] can0 (unregistered): slcan off ttyS3.
[   63.566180][ T4879] netlink: 8 bytes leftover after parsing attributes in process `syz.4.464'.
[   63.578808][ T4879] 8021q: adding VLAN 0 to HW filter on device macvtap3
[   63.805997][ T4889] syzkaller1: entered promiscuous mode
[   63.811598][ T4889] syzkaller1: entered allmulticast mode
[   63.842981][ T4891] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   63.855025][   T29] kauditd_printk_skb: 292 callbacks suppressed
[   63.855038][   T29] audit: type=1400 audit(63.836:1628): avc:  granted  { setsecparam } for  pid=4890 comm="syz.3.469" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   63.937202][ T4895] can0: slcan on ttyS3.
[   64.006674][ T4900] netlink: 12 bytes leftover after parsing attributes in process `syz.4.472'.
[   64.013196][ T4901] netlink: 14 bytes leftover after parsing attributes in process `syz.2.471'.
[   64.030597][ T4895] can0 (unregistered): slcan off ttyS3.
[   64.076050][ T4905] loop3: detected capacity change from 0 to 1024
[   64.093050][ T4905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.116455][ T4905] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.474: bg 0: block 393: padding at end of block bitmap is not set
[   64.120011][   T29] audit: type=1400 audit(64.096:1629): avc:  denied  { rename } for  pid=4904 comm="syz.3.474" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   64.133195][ T4905] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   64.177031][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.226160][ T4914] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   64.230519][ T4912] netlink: 'syz.1.476': attribute type 1 has an invalid length.
[   64.247620][   T29] audit: type=1400 audit(64.226:1630): avc:  granted  { setsecparam } for  pid=4913 comm="syz.3.475" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   64.440962][ T4925] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   64.453144][   T29] audit: type=1400 audit(64.436:1631): avc:  granted  { setsecparam } for  pid=4924 comm="syz.3.481" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   64.506961][ T4929] syzkaller1: entered promiscuous mode
[   64.512573][ T4929] syzkaller1: entered allmulticast mode
[   64.683834][ T4935] loop4: detected capacity change from 0 to 1024
[   64.701791][ T4935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   64.733106][ T4935] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 3: comm : lblock 3 mapped to illegal pblock 3 (length 3)
[   64.763449][ T4935] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   64.776316][ T4935] EXT4-fs (loop4): This should not happen!! Data will be lost
[   64.776316][ T4935] 
[   64.825845][ T4943] loop1: detected capacity change from 0 to 512
[   64.832706][   T29] audit: type=1400 audit(64.806:1632): avc:  denied  { connect } for  pid=4942 comm="syz.1.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   64.868340][ T4936] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   64.883621][ T4943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.894448][ T4936] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 20 with max blocks 4 with error 28
[   64.899496][ T4943] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.486: corrupted inode contents
[   64.908354][ T4936] EXT4-fs (loop4): This should not happen!! Data will be lost
[   64.908354][ T4936] 
[   64.921469][ T4943] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.486: mark_inode_dirty error
[   64.929678][ T4936] EXT4-fs (loop4): Total free blocks count 0
[   64.947097][ T4936] EXT4-fs (loop4): Free/Dirty block details
[   64.951072][ T4943] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.486: corrupted inode contents
[   64.953022][ T4936] EXT4-fs (loop4): free_blocks=4293918720
[   64.970534][ T4936] EXT4-fs (loop4): dirty_blocks=64
[   64.975719][ T4936] EXT4-fs (loop4): Block reservation details
[   64.982494][   T29] audit: type=1400 audit(64.966:1633): avc:  denied  { create } for  pid=4942 comm="syz.1.486" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   64.990588][ T4951] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.486: corrupted inode contents
[   65.027286][ T4936]  (4936) used greatest stack depth: 9640 bytes left
[   65.035818][ T4193] EXT4-fs error (device loop4): ext4_map_blocks:816: inode #15: block 8: comm kworker/u8:9: lblock 8 mapped to illegal pblock 8 (length 8)
[   65.051970][ T4951] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.486: mark_inode_dirty error
[   65.086593][ T4951] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.486: corrupted inode contents
[   65.101022][ T4957] syz.4.488 uses obsolete (PF_INET,SOCK_PACKET)
[   65.276825][ T4951] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.486: mark_inode_dirty error
[   65.525365][ T4951] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.486: corrupted inode contents
[   65.613108][ T4951] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.486: mark_inode_dirty error
[   65.631268][ T4943] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.486: corrupted inode contents
[   65.692074][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.760456][ T4972] netlink: 8 bytes leftover after parsing attributes in process `syz.0.493'.
[   65.779105][ T4972] team_slave_0: entered promiscuous mode
[   65.785003][ T4972] team_slave_1: entered promiscuous mode
[   65.802191][ T4972] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   65.810992][ T4974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.492'.
[   66.230658][ T5001] mmap: syz.0.503 (5001) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   66.230970][   T29] audit: type=1326 audit(66.216:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5000 comm="syz.0.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   66.265252][   T29] audit: type=1326 audit(66.216:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5000 comm="syz.0.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   66.288143][   T29] audit: type=1326 audit(66.216:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5000 comm="syz.0.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   66.310843][   T29] audit: type=1326 audit(66.216:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5000 comm="syz.0.503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa81e5e9a9 code=0x7ffc0000
[   66.373117][ T5003] FAULT_INJECTION: forcing a failure.
[   66.373117][ T5003] name failslab, interval 1, probability 0, space 0, times 0
[   66.385823][ T5003] CPU: 1 UID: 0 PID: 5003 Comm: syz.3.502 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   66.385854][ T5003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   66.385868][ T5003] Call Trace:
[   66.385874][ T5003]  <TASK>
[   66.385881][ T5003]  __dump_stack+0x1d/0x30
[   66.385901][ T5003]  dump_stack_lvl+0xe8/0x140
[   66.385983][ T5003]  dump_stack+0x15/0x1b
[   66.386000][ T5003]  should_fail_ex+0x265/0x280
[   66.386038][ T5003]  ? audit_log_d_path+0x8d/0x150
[   66.386105][ T5003]  should_failslab+0x8c/0xb0
[   66.386127][ T5003]  __kmalloc_cache_noprof+0x4c/0x320
[   66.386158][ T5003]  audit_log_d_path+0x8d/0x150
[   66.386190][ T5003]  audit_log_d_path_exe+0x42/0x70
[   66.386248][ T5003]  audit_log_task+0x1e9/0x250
[   66.386280][ T5003]  audit_seccomp+0x61/0x100
[   66.386306][ T5003]  ? __seccomp_filter+0x68c/0x10d0
[   66.386329][ T5003]  __seccomp_filter+0x69d/0x10d0
[   66.386400][ T5003]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   66.386435][ T5003]  ? vfs_write+0x75e/0x8e0
[   66.386466][ T5003]  ? __rcu_read_unlock+0x4f/0x70
[   66.386488][ T5003]  ? __fget_files+0x184/0x1c0
[   66.386536][ T5003]  __secure_computing+0x82/0x150
[   66.386559][ T5003]  syscall_trace_enter+0xcf/0x1e0
[   66.386584][ T5003]  do_syscall_64+0xac/0x200
[   66.386603][ T5003]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.386646][ T5003]  ? clear_bhb_loop+0x40/0x90
[   66.386667][ T5003]  ? clear_bhb_loop+0x40/0x90
[   66.386690][ T5003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.386760][ T5003] RIP: 0033:0x7f522788e9a9
[   66.386775][ T5003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.386793][ T5003] RSP: 002b:00007f5225eb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[   66.386812][ T5003] RAX: ffffffffffffffda RBX: 00007f5227ab6160 RCX: 00007f522788e9a9
[   66.386824][ T5003] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000000
[   66.386876][ T5003] RBP: 00007f5225eb5090 R08: 0000000000000000 R09: 0000000000000000
[   66.386949][ T5003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.386961][ T5003] R13: 0000000000000000 R14: 00007f5227ab6160 R15: 00007fff391d2f58
[   66.386982][ T5003]  </TASK>
[   66.389752][ T5004] net_ratelimit: 10 callbacks suppressed
[   66.389769][ T5004] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[   67.007646][ T5015] can0: slcan on ttyS3.
[   67.058428][ T5017] netlink: 'syz.4.508': attribute type 39 has an invalid length.
[   67.070052][ T5015] can0 (unregistered): slcan off ttyS3.
[   67.420678][ T5035] netlink: 14 bytes leftover after parsing attributes in process `syz.2.514'.
[   67.465830][ T5037] netlink: 12 bytes leftover after parsing attributes in process `syz.4.515'.
[   67.671836][ T5041] netlink: 14 bytes leftover after parsing attributes in process `syz.0.516'.
[   67.718477][ T5046] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[   67.748347][ T5050] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   67.981727][ T4193] ==================================================================
[   67.982695][ T5068] 8021q: adding VLAN 0 to HW filter on device macvtap2
[   67.989872][ T4193] BUG: KCSAN: data-race in __dev_change_flags / is_eth_port_of_netdev_filter
[   68.005559][ T4193] 
[   68.007945][ T4193] read-write to 0xffff8881198840b0 of 4 bytes by task 5068 on cpu 1:
[   68.016041][ T4193]  __dev_change_flags+0x9a/0x400
[   68.021020][ T4193]  rtnl_newlink_create+0x36b/0x620
[   68.026199][ T4193]  rtnl_newlink+0xf29/0x12d0
[   68.030825][ T4193]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   68.035789][ T4193]  netlink_rcv_skb+0x120/0x220
[   68.040597][ T4193]  rtnetlink_rcv+0x1c/0x30
[   68.045027][ T4193]  netlink_unicast+0x5a8/0x680
[   68.049817][ T4193]  netlink_sendmsg+0x58b/0x6b0
[   68.054604][ T4193]  __sock_sendmsg+0x145/0x180
[   68.059322][ T4193]  ____sys_sendmsg+0x31e/0x4e0
[   68.064116][ T4193]  ___sys_sendmsg+0x17b/0x1d0
[   68.068816][ T4193]  __x64_sys_sendmsg+0xd4/0x160
[   68.073695][ T4193]  x64_sys_call+0x2999/0x2fb0
[   68.078390][ T4193]  do_syscall_64+0xd2/0x200
[   68.082903][ T4193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.088809][ T4193] 
[   68.091158][ T4193] read to 0xffff8881198840b0 of 4 bytes by task 4193 on cpu 0:
[   68.098707][ T4193]  is_eth_port_of_netdev_filter+0x8c/0x1b0
[   68.104542][ T4193]  ib_enum_roce_netdev+0x122/0x1d0
[   68.109683][ T4193]  ib_enum_all_roce_netdevs+0x89/0x100
[   68.115156][ T4193]  netdevice_event_work_handler+0x253/0x3d0
[   68.121077][ T4193]  process_scheduled_works+0x4cb/0x9d0
[   68.126574][ T4193]  worker_thread+0x582/0x770
[   68.131187][ T4193]  kthread+0x489/0x510
[   68.135365][ T4193]  ret_from_fork+0xda/0x150
[   68.139884][ T4193]  ret_from_fork_asm+0x1a/0x30
[   68.144664][ T4193] 
[   68.147078][ T4193] value changed: 0x00001002 -> 0x00008002
[   68.152807][ T4193] 
[   68.155134][ T4193] Reported by Kernel Concurrency Sanitizer on:
[   68.161292][ T4193] CPU: 0 UID: 0 PID: 4193 Comm: kworker/u8:9 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   68.172178][ T4193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.182333][ T4193] Workqueue: gid-cache-wq netdevice_event_work_handler
[   68.189216][ T4193] ==================================================================
[   68.204327][ T5071] __nla_validate_parse: 4 callbacks suppressed
[   68.204380][ T5071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.527'.
[   68.232514][ T5073] netlink: 14 bytes leftover after parsing attributes in process `syz.0.530'.