last executing test programs:

2.584293208s ago: executing program 3 (id=7479):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
connect$pppoe(r0, &(0x7f0000000140)={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'veth0_to_batadv\x00'}}, 0x1e)

2.584033628s ago: executing program 3 (id=7480):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f00000001c0)=ANY=[@ANYBLOB="0c02025d0000"], 0x18)

2.573273278s ago: executing program 3 (id=7481):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x70bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff3, 0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0002, 0x5, 0x36, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x2, 0x114b6000, 0xfffffffb, 0x2a70, 0xffff73d0, 0x81, 0x5, 0x0, 0xa, 0x45, 0x0, 0x8, 0x5, 0xba44, 0x3, 0x60b, 0x80000000, 0x7, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xfffffff8, 0x5, 0x6, 0x1a0055ee, 0x1, 0x1, 0xffff4226, 0x6, 0x0, 0x5, 0x101, 0x4, 0x1, 0x2, 0x800, 0xf9, 0x400, 0x9, 0x2, 0x8, 0x2f, 0xfffffff8, 0x0, 0x101, 0x9, 0x7, 0x0, 0x5, 0x5, 0x0, 0x6, 0x10000, 0x5, 0x8, 0x2, 0x9b58, 0x5, 0xb, 0x4be, 0xe, 0xef, 0xa, 0xcaa, 0x9fa7, 0xfffeffff, 0x38, 0x400004, 0x0, 0x9, 0x44d, 0x6, 0x200, 0x8, 0xfffffff5, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x6, 0x9, 0x3, 0x7, 0x4, 0x6, 0x7, 0x8002, 0x7, 0x7, 0x7, 0xc3c, 0x3, 0x28000000, 0x8, 0x30c7, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x10, 0x401, 0xa97, 0x4, 0x422dd3f4, 0x4, 0x8, 0x2, 0x8, 0x10000, 0x8c1, 0x0, 0x45ba, 0x9, 0x864b, 0x0, 0x7, 0x9, 0x1, 0x0, 0x81, 0x3, 0x800, 0x6, 0xffffff80, 0x41, 0xc22, 0x1, 0x6, 0x9, 0x9, 0x7fffffff, 0x2, 0xfff, 0x6, 0xfffffffd, 0x7c1, 0x136, 0x6, 0x5, 0x5, 0x3ff, 0x4, 0xb, 0xfffffffe, 0x10001, 0x0, 0x5, 0x3, 0x404, 0x101, 0xffffffff, 0x1b, 0xd589, 0xffffff81, 0xffff0001, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd39, 0x0, 0xfffffffe, 0x0, 0x4, 0x2, 0x55, 0x4000004, 0xbc6, 0x2, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b9, 0xb, 0x4, 0x9, 0x7, 0x4, 0x8, 0x3, 0x2, 0x180000, 0x3, 0x7, 0x4, 0x9, 0x8, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff00, 0x894, 0x7, 0xe, 0x6, 0x6, 0x2, 0x6, 0x10001, 0x9, 0x4, 0x8, 0x5c, 0x1000000, 0x7, 0x1, 0x8, 0x7ffffffd, 0x384, 0x9, 0x58a, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0x7, 0x0, 0x6, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xfe, 0x1, 0x6, 0x5, 0x5e1d, 0x8}, 0x3ff, 0xa0, 0x99}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x4000050}, 0x20008840)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00'}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
preadv2(r5, &(0x7f00000004c0)=[{&(0x7f00000000c0)=""/139, 0xffffff3d}], 0x37, 0x867, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close_range(r6, r3, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x1c, r8, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r9, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

2.536612038s ago: executing program 3 (id=7482):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x800000}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x40000000, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$kcm(0x2, 0x200000000000001, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffbf, @void, @value}, 0x94)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timer_create(0xb, 0x0, &(0x7f0000001000)=<r5=>0x0)
timer_gettime(r5, &(0x7f00000000c0))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = dup(r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000002240)='9p_client_req\x00'}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})

2.476389608s ago: executing program 3 (id=7484):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000640)='pagemap\x00')

2.473976307s ago: executing program 3 (id=7485):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)={0xffffffffffffffff}, 0x4)

1.928665706s ago: executing program 4 (id=7492):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
set_mempolicy(0x3, &(0x7f0000000040), 0x6)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xc, @local, 'bridge_slave_1\x00'}}, 0x1e)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8481f0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000dc0), &(0x7f0000002380)='./file1\x00', 0x380cc52, &(0x7f0000002000)={[{@hide}, {@session={'session', 0x3d, 0x13}}, {@nocompress}, {@sbsector={'sbsector', 0x3d, 0x2}}, {@check_strict}, {@iocharset={'iocharset', 0x3d, 'cp437'}}, {@cruft}, {@unhide}, {@nocompress}, {@sbsector={'sbsector', 0x3d, 0x1}}, {@map_off}, {@map_normal}], [{@uid_eq}], 0x2c}, 0x3, 0x9bf, &(0x7f0000001640)="$eJzs3c9vHOX9B/D3+EdiDAoB8uWbIiCb0ICB1LGdEhpxaWKvk6X+UdmORFRVhJKkimKVCloJUKWmUtVTUXuoeqA3jj0hcYFLlVv7F/RQqeJfQD1FPXSrmV3HNvZ67dSxTXi9rPXOj888z+fZmZ1HHu/OE77Kms1m9bjL+Yt/3slk2XvOTXz+0ccflI9f3cy+9OaX+TQZSFJL+pIcTvrHJ+Zmp7sUdCO5nORWUiTZn9bzplxO8bs8tDx/K8WfynorF++yYWxKk6+13T7+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyrGJ0ZGRotMNWYuvlbrrBoCvNPKnuXyPqtG/S4+61pvUpSPDAwsDfV9+NDy6sfLX8fyZGvuyWpA8gzk/QcfP/jKY309S9tvkPBW/Kc9GPKWN3znvfdvvLG4ePXtbUrkq+Z8faYxP9uYPnu+XmvMz9bOnD49cvLC5HxtsjFVn780v1Cfro3P1c8uzM7Vhsafr42eOXOqVh++NHtx5vzE8FR9aeHL3xobGTlde3X4+/Wzc/OzMydfHZ4fv9CYmmrMnK9iytVlzMvlgfi9xkJtoX52ula7dn3x6qlVGa1zSJRBo91aUgaNdYnJ2MjY2Ojo2Njo6ZfOvPTyyEjf8oLeVAtGvmTtJncO2vKI3tKLzV72Yc9mI7f3BA7/g552/5+pNDKTi3kttXV/xjORucxmusP6tqX+//jJ+ob1ruz/l3r5w8urn0jV/z/dmnu6U//fIZed+3kn7+X93MgbWcxirubtVWv330WJzebut2rzP+dTz0wamc9sGpnO2WpJrb2kljM5ndMZyeu5kMnMp5bJNDKVeuZzKfNZSL06osYzl3rOZqGv3NG1DGU8z6eW0ZzJmZxKLfUM51JmczEzOZ+JnK1KuZbr1et+aoMc7wSNbiZobIOgDfr/9oIt9P98Td2DszjcnWa7/9/XPXRofCcSAgAAALbdN/6WA4ce/es/k/48VV1jBwAAAO431cf1niyf+supp1JMNqbqI7udFgAAALCNiuo7dkWSwRxpTS19E8pFAAAAALhPVP//f7p8GiynjqTw9z8AAADcb7rfY79rRHEitdwsV9WutCKvtCPa9/kdnGxM1YfHZ6deGc2z1V0Gqm8arCmtNweT6usHL+RoK+roYOt5cHWJA2XU6PAroxnIsXZDhp4pn54ZWidyrIx8Ic+1Ip9bihzImshTZSQA3O+ObdAfb7b/fyEnWhEnnqhu3973xDp98IieFQD2iu5j7HSNKL69NPxPh7//H821I62PFAznzbyVxVzJierbBtUnDtql5laR5VIHV3wM4USXqwGDK0Z4ObF0PeDIQ+teDxhcMdDLiTVXBDrFntqBPQEAO+fYmn54g/6/2WxNrbn+v/Hf/4M+UggAe8qdEezv4cRutxEAWO2ueunee5gQAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Ad24v7/e3LiZpI9kIaJezsxsDNH+A/3JXulyds0sdtnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHZCkfSut7wn2Z/0jSQ5ufNZ3Ts3dzuBXVbczu28mwO7nQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP2mff//nrSeH2wtSl9PcjzJ5SQ/2O0ct9Pt3U5gl624/3+5z9Ms0tfa7Sn6xyfmZqfL3Z/95frPP/r4g/JxN/WUBZQ1rBpcol1D560eqbYanLj6zo2fvfXT2sS5KslzC5NTE9Pn5767HPh48UlSS+uxZCnfXxTto3h1yz8pW7q5eiereifW1vv/6219p97jf/l957YtW07j+uLVsbKmhfprCz//yfV3VwQ9mqPJM0PJ0Oqaflw+OtR0NP0b1Vt8UfymOJA/5nK1/8s0imZR7qKHq/Y/cO364tXhN99avNIhp4M5kuRKMrD5nI6s3RNLqqOup7+sdaQKKn8d6lLehh7sPdBstkocXb8NDzxSHTKDW2pDrXMbKl1e93YbT3V4VR/Ls1ve0892qbHt382W1lzxRfGP4kL+nl+vGP+jp9z/x7OZd2cZU0WuOFI6t/n4csvHVq54/cuRHd+V3AO/zY/ynTv7v2fF+b+9r3bmfLSixnv2vihavVBbNX3oSz1S++zTKct2nodaUR3y/L+8uHa7Lnm+2OWMsk3v/9WKL4oPi6H8KzeN/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOx9RdK73vKe5HiSg0keLudrSXM76usZLLajmE3at2bJzR2sfe/ouTNV3M7tvJsDu5oOAAAAAAAAANvm3MTnH338Qfmo/h/fm28WnyYDrf/09yU5WPyhf3xibna6S0H9yeUkt8rpga3lUG6Xh5bnb5Vzh7feFgBgc/4bAAD//7Y4dyw=")
unshare(0x28020480)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r2, 0x0, 0x0, 0x4}, 0x20)
r3 = fsopen(0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, 0x0, 0x515a02, 0x52abe154ad664f64)
io_uring_setup(0x4ff9, &(0x7f00000000c0)={0x0, 0xfffffffe, 0x1, 0x2, 0x16d})
pause()
r6 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r6, 0x29, 0x30, 0x0, 0x310)

1.669436395s ago: executing program 1 (id=7498):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={&(0x7f0000000140)="0a81ab61ef68985b498c5f7d929dd0d94a38b2f3a8def5c8ca240f6ddccbcef5630d17ce4a45d1f53d9d9a998fbe0c8d6acb4c032889be73f20b2b76f1fb2263005227e0e767745d83734fc441c9f96ed2e6bb5e519033f24dc8c321b5e3114f2cb6c033", &(0x7f00000002c0)=""/233, &(0x7f00000001c0)="d31806cc99e975fa977666cbf6f6c844bf10e506f1fccadd03c922af0230304b7fb0b18dbc58ad0d739f30a553dc4a77cee3a741a62d97f9f6d744b1193865d04a3a668553934258217ad88f4620eeeac686086d940aec83689f49cbfa5b30ca17241564d528808ef17f060af1a05bae8c14e8554426867e504f517fa8fd99153770324a727ab47edc6e6fc4fdfbbc73bf400eeb5536526fa93d5bc97574895095c44ed50d5260eb9d532c37331fd8eef889ac05741d02327f", &(0x7f00000005c0)="fba09a14f6574157b4022ab90740bc69a60a6fd37df57a7306e458f08550366608c3e9229449bdb879352af968f4751d496fb476e6bfd07a243aaea0cb357bcca8e663f681b874075840d896a71ec1dff44a2b315d0b7712b59b26403d64b60f06f0fc867cf12635ec01375f47a38817afe2b2bf3852d488d1f492b2bc0c88edc0b3d5d7587f4105a5a9de90bda7c8595096a0759c3146814693382b774f891aeb0b58922c366e8a4901068702b343c7e2617f2e5cf96229561c6193f7fa5bfc96cf8849bfece8c24891a6038abca38893f84dacb929a34d75c401ca1484058f32282fbc5da49d6a532c21d316e931c49a06f5ea", 0x5000, r0}, 0x38)

1.614319095s ago: executing program 1 (id=7499):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao") (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000002c0)=0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x3ff, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r2}, 0x10) (async)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5]) (async)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6}]})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ptrace(0x10, r6)
tgkill(r6, r6, 0x12) (async)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'veth0_to_bond\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0) (async)
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000000)={r8, 0x1, 0x6}, 0x10)
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000040)={r8, 0x1, 0x6, @local}, 0x10) (async, rerun: 64)
sendmsg$nl_route_sched(r9, &(0x7f00000003c0)={0x0, 0xfffffe03, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdc03, {0x0, 0x0, 0x0, r8, {0xc}, {0xfff3}}}, 0x24}}, 0x20040000) (rerun: 64)
getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000001780)={@mcast2}, &(0x7f00000017c0)=0x14)
getsockname$packet(r5, &(0x7f0000001800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001840)=0x14) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x800000000000, 0x800800000003}, 0x1100, 0x5dd8, 0x1, 0x5, 0x0, 0x7, 0xff7b, 0x0, 0x0, 0x0, 0x80000000000005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) (async, rerun: 64)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 64)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c00028008000140000000080800034000000110"], 0xc4}}, 0x20050800) (async)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'lo\x00', <r13=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r13, {0x0, 0xfff7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x2, 0x0, 0x0, 0x0, 0x10000000, 0x4, 0x40000000, 0x1000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7e150a0b, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x10200, 0x5d2, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x1007, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xcad, 0x0, 0x0, 0xfffffffd, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7e98263b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd2d1, 0x0, 0x0, 0xb2e, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x7, 0xc3f3, 0x1, 0x0, 0x800, 0x9, 0x800, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0xfffffffe, 0xa42, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x10, 0x0, 0x0, 0xb2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1000, 0x100, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x800, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000000}, {0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x6, 0x30, 0x2000000}}]}}]}, 0x45c}}, 0x0)

1.523342194s ago: executing program 1 (id=7500):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES8=0x0], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='syz_tun\x00', 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000380)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f0000000000)={r5, @in6={{0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0xfffc}, 0x90)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@gcm_128={{0x303}, "0400", "0d00e8ffff1a8600", "00000600", "8657e22727751fe4"}, 0x28)
write$binfmt_script(r2, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000240)=0x40)
close_range(r1, r2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@bsdgroups}, {@nombcache}, {@debug}], [{@uid_eq}, {@defcontext={'defcontext', 0x3d, 'system_u'}}]}, 0x0, 0x548, &(0x7f0000000cc0)="$eJzs3c9vI1cdAPDvTH42TZst9AAVsAsUFrRae+Nto6qXdi8gVFVCVBwQh21IvFGIHYfYKU2IRPo3gAQSJ/gTOCBxQOqJAzeO3BBSOSAtEIE2SFQYeTxJ3azdeDeODfHnI83Oj5e873v2zrznN/G8AMbWtYg4iIjpiHgzIhby40m+xKvtpfVzDw73V44O91fiP83mG39LsvTWseO8mvn6yTzP2Yj4xlcjvpM8HLe+u7exXKmUt/P9YqO6Vazv7t1cry6vldfKm6XS0uLSrZduv1gaWF2vVn95/yvrr33zN7/+9Hu/P/jyD1rFms/TOusxSO2qT53EaZmMiNcuItgITOTr6RGXg8eTRsTHIuJz2fm/EBPZ/04A4DJrNheiudC5DwBcdmk2BpakhXwsYD7StFBoj+E9G3NppVZv3LhX29lcbY+VXYmpdCbvK3wv+3cqubdeKS9maVl6tl86tX87Ip6JiB/PPJHtF1ZqldXRdHkAYOw9ear9/+dMu/3vQ5e7egDA/43ZURcAABg67T8AjB/tPwCMnz7a//xm/8GFlwUAGA6f/wFg/Gj/AWD8aP8BYKx8/fXXW0vzKH/+9epbuzsbtbdurpbrG4Xqzkphpba9VVir1dayZ/ZUz8qvUqttLb4QO28XG+V6o1jf3btbre1sNu5mz/W+W54aSq0AgI/yzNV3/5BExMHLT2RLmMsBxkY66gIAIzMx6gIAI2O2Lxhf/Y/H/+5CywGMTteHec923fzwoMFPHyGIvzOC/ynXP9l7/P9038B9AbhcjP/D+Hq88f9XBl4OYPi6jf/r58N4aDaT4zn/p/Pp/6dPkgCAS+kc38dr/nBQnRBgpM6azLvnrftHuf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAl8x8RHw3krSQzwU+H2laKEQ8FRFXYiq5t14p34qIp+NqREzNtPYXR11oAOCc0r8k+fxf1xeenz+dOp38aybyOcG//7M3fvL2cqOxvdg6/veT4zPH04eVPvi9c8wrCAAMWNZ+l/J1xwf5B4f7K8fLMMtz/068n09FvHJ0uJ8t7ZTJmMzWs1lfYu4fSb7fnov0uYiYGED8g3ci4hMn9U/ebzbz+Ek2NnIln/m0M37ksZ8afPyO1/90/PRD8dMsrb1udb4+firfdABlg8vu3TsR8Wq38y+Na9m6+/k/m12hzu/+nXZmx9e+o474x9e/iS7xW+f8tX5jvPDbrz10sLnQTnsn4rnJbvGTk/hJj/jP9xn/j5/6zI9e6ZHW/HnE9egevzNWsVHdKtZ3926uV5fXymvlzVJpaXHp1ku3XywVszHq4vFI9cP++vKNp3uVrVX/uR7xZ7vWf/rkd7/QZ/1/8e83v/3Zj4j/pc93f/+f7Rq/rdUmfrHP+Mtzv+o5fXcr/mqP+p/1/t/oM/57f95b7fNHAYAhqO/ubSxXKuXtc220Pm0OIp9sY7rjSKuIAylhnxt/iuHFOnNjapCv6lA3Jk/6ioPN+VutHIdcnXTgtTjXxoNhxRrtdQm4eB+c9KMuCQAAAAAAAAAAAAAA0Mswvro06joCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwef03AAD//yLnx6o=")

1.021911293s ago: executing program 4 (id=7509):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={&(0x7f0000000140)="0a81ab61ef68985b498c5f7d929dd0d94a38b2f3a8def5c8ca240f6ddccbcef5630d17ce4a45d1f53d9d9a998fbe0c8d6acb4c032889be73f20b2b76f1fb2263005227e0e767745d83734fc441c9f96ed2e6bb5e519033f24dc8c321b5e3114f2cb6c033", &(0x7f00000002c0)=""/233, &(0x7f00000001c0)="d31806cc99e975fa977666cbf6f6c844bf10e506f1fccadd03c922af0230304b7fb0b18dbc58ad0d739f30a553dc4a77cee3a741a62d97f9f6d744b1193865d04a3a668553934258217ad88f4620eeeac686086d940aec83689f49cbfa5b30ca17241564d528808ef17f060af1a05bae8c14e8554426867e504f517fa8fd99153770324a727ab47edc6e6fc4fdfbbc73bf400eeb5536526fa93d5bc97574895095c44ed50d5260eb9d532c37331fd8eef889ac05741d02327f", &(0x7f00000005c0)="fba09a14f6574157b4022ab90740bc69a60a6fd37df57a7306e458f08550366608c3e9229449bdb879352af968f4751d496fb476e6bfd07a243aaea0cb357bcca8e663f681b874075840d896a71ec1dff44a2b315d0b7712b59b26403d64b60f06f0fc867cf12635ec01375f47a38817afe2b2bf3852d488d1f492b2bc0c88edc0b3d5d7587f4105a5a9de90bda7c8595096a0759c3146814693382b774f891aeb0b58922c366e8a4901068702b343c7e2617f2e5cf96229561c6193f7fa5bfc96cf8849bfece8c24891a6038abca38893f84dacb929a34d75c401ca1484058f32282fbc5da49d6a532c21d316e931c49a06f5ea", 0x5000, r0}, 0x38)

949.922873ms ago: executing program 4 (id=7511):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

722.733592ms ago: executing program 0 (id=7516):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fcntl$lock(r1, 0x25, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x80000000})
setregid(0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f00000000c0)=[0x0])
socket(0x10, 0x3, 0x0)
setregid(0xffffffffffffffff, 0x0)
getresuid(&(0x7f0000000140), &(0x7f0000000280), &(0x7f00000002c0))

709.985782ms ago: executing program 0 (id=7517):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00'}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000004c0000001c00000008000000050000000000000c01000000000000045f615f00"], 0x0, 0x2c, 0x0, 0x1, 0x1000000, 0x0, @void, @value}, 0x28)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)={0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x400008a, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r7}, 0x10)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000280)={0x4000, 0x1}, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000160001de7efde4be701161000a000000040000800400", @ANYRES32=r8], 0x1c}}, 0x0)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0x2, 0x3, 0x0, 0x3, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x9, 0x8, 0x0, '\n'}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x6, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}]}, 0x80}, 0x1, 0x7}, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_RCVMTU(r9, 0x112, 0xd, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000004e350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925f1ffed25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d367000300000018"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050800)
socket$nl_generic(0x10, 0x3, 0x10)

635.348612ms ago: executing program 0 (id=7518):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getpid()
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000040000000000000000000100000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001006c696d69740000001c0002800c00"], 0x104}}, 0x40000)

617.159612ms ago: executing program 1 (id=7519):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
ioprio_set$pid(0x1, 0x0, 0x0)

610.666512ms ago: executing program 0 (id=7520):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000040000000000000000000100000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001006c"], 0x104}}, 0x40000)

602.108622ms ago: executing program 1 (id=7521):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x4000}, 0x18)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000005c0)="480000001400190d7ebdeb75fd0d9c562cfe8dc033aae461ebe430a26d7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a07000000000000004b4ec651dc31f4d4f75bf81e9bf1da8d3c389f3b10dc427beb0f66fc339c2748015d23a5557386d1dd710d1fd33a82cbe840f277387db838951a6045702d2dde3b1d670c4b95f84bb688c57c0e1eb407b1512f478f4d819f6699c667e2ae58b0eac3ac55322b2372f11b01217200"/194, 0xc2}], 0x1)
semtimedop(0x0, &(0x7f00000003c0)=[{0x0, 0x3371}], 0x1, 0x0)
semop(0x0, &(0x7f00000000c0)=[{}, {}], 0x2)
semctl$IPC_RMID(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f0000000400)=""/100, 0x64, 0x0, &(0x7f0000000080)=""/90, 0x5a}}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

494.972581ms ago: executing program 0 (id=7522):
pipe2(&(0x7f0000000040), 0x800)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f00000003c0)={0x18, 0x0, {0x1, @broadcast, 'veth0_to_bridge\x00'}}, 0x1e)
connect$pppoe(r2, &(0x7f0000000140)={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'veth0_to_batadv\x00'}}, 0x1e)

434.510891ms ago: executing program 0 (id=7523):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffff9}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840)

167.586201ms ago: executing program 1 (id=7524):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r1, 0x0, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
connect$can_j1939(0xffffffffffffffff, 0x0, 0x0)
connect$can_j1939(r2, 0x0, 0x0)
sendmmsg$inet(r2, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000002640)="ef0ba6e0d60508", 0x7}], 0x1}}], 0x1, 0x20000010)
recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = msgget$private(0x0, 0x82)
msgctl$MSG_STAT_ANY(r3, 0xd, &(0x7f0000001040)=""/49)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000003c0), 0x212102, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020642500000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r6)
getsockname$packet(r6, &(0x7f0000000600)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=r7, @ANYBLOB="0000000040000200280012800a000100767863616e0000001800028014000100000000", @ANYRES32=r7], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000840)={0x80, <r8=>0x0}, 0x8)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000880), 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000440)='syzkaller\x00', 0x200, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
syz_open_dev$sg(0x0, 0x0, 0x0)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000000c0)={'team0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@deltclass={0x64, 0x29, 0x300, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, {0xffff, 0xe}, {0xfff2, 0x10}, {0x9, 0x10}}, [@TCA_RATE={0x6, 0x5, {0x3}}, @TCA_RATE={0x6, 0x5, {0x9, 0x66}}, @tclass_kind_options=@c_skbprio={0xc}, @tclass_kind_options=@c_ingress={0xc}, @TCA_RATE={0x6, 0x5, {0x81}}, @tclass_kind_options=@c_cbs={0x8}, @tclass_kind_options=@c_sfb={0x8}]}, 0x64}}, 0x0)

95.69611ms ago: executing program 2 (id=7525):
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xb, 0x7, 0xc9e3, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x50}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x78, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

80.78013ms ago: executing program 4 (id=7526):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x3, &(0x7f0000000040)=@framed={{0x15, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4b}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

73.81919ms ago: executing program 2 (id=7527):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x3ae, &(0x7f0000000c00)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x5, 0x6, "4f6f14", 0x374, 0x3a, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, {[@srh={0x89, 0xa, 0x4, 0x5, 0x2, 0x10, 0x803, [@loopback, @empty, @loopback, @dev={0xfe, 0x80, '\x00', 0x34}, @mcast1]}, @routing={0x2b, 0xe, 0x2, 0xcc, 0x0, [@dev={0xfe, 0x80, '\x00', 0x16}, @ipv4={'\x00', '\xff\xff', @broadcast}, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0]}, @hopopts={0x3c}, @hopopts={0xe3, 0x0, '\x00', [@enc_lim, @pad1]}], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev={0xfe, 0x80, '\x00', 0xe}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [{0x1, 0x19, "16f4adedc0fd20356740242cff0b297f3e1da0808454ce8a12c91380125af88d5d4c96e2c3084a3b83e0169be8db5b0eee73ffbbf5b925d13fb1f2009a75420118024ae4ee99bce59c055911b76d4a79e6ddfd69b99282fe9c518805f0a573d7542418dea4193528b291e4281b7a0784d1d786908eec2a5517f0c9c8c402471893497b23dfe7a9d7d47d8cc38a09931ab1bad0f6624165cc5e9afb3ca1020bc2965c6faa0dfac7c41876dbd9015d474dd4370c6d52dea5c67efce8e484b529ccc9ed7207e6be67b039fbdceddb"}, {0x18, 0x15, "a35b75d128049ce1289a84d36b4d2e0afa48f14e1c8a177d18f014f08279155f59a1986597adad7270404ae9a41e2b2bd3d3a79b657bbc917b35d800ec1a661796f86be2f0601fdac6d45aa31a0bef2eac82899afc212273ccda76bc82d0c9c3cdc39af4eec7a34c55daa6d2a60203fd5b92695ba0cc89c4b7e0300d419b2c42aaa2aee4c31f3df0d3e9c81fe918ca0eff6546c569617da4fe5cc02d0b8eddf0634f1838398c4bb5aa7ed7"}, {0xe, 0x9, "c812af2360e31375a97ddbeb01c324199bfdd41a2a21423a820c51bef44684388e20a88156d4924aacb51f7fd716ecef5fc999536e76a35a56232efb607977454301c0d41eb4"}, {0x1f, 0x14, "a83d1ced848d4a67d1b86cebb955b95766f1149cc9078fc7a2d4c58deeba0430a8a0486208a8bc7e6946c6036e91df3cc52e7f65ac2a24b17e4f7c694ddde01739a6a6e9386d264774c10f21f1460a8ca6f0cc3f9e8c28018d6b6a6577223f271de9371e5c27a8746553427c587a7d7d0117c34032af88f3c41528a58fa49a6380407762c578c0f206ec8e474afd2435481903a7c3e44b044469f0df1347"}]}}}}}}, 0x0)

59.93379ms ago: executing program 4 (id=7528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000640)='pagemap\x00')

59.31808ms ago: executing program 2 (id=7529):
r0 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000040)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x8}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="0300000000000000000000000000000000000000c323b7563545450c2b02b56ae84159ebbf", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000400"/28], 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'nicvf0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat$binfmt_register(0xffffff9c, &(0x7f0000001240), 0x1, 0x0)
write$binfmt_register(r5, &(0x7f0000001280)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0xf0, 0x3a, 'datacow', 0x3a, '\\-%#!\\\\\'', 0x3a, './file0', 0x3a, [0x46]}, 0x37)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1e000000ffff00007a7b8e71ff00000000000000", @ANYRES32=r1, @ANYBLOB="0600005e226b2cf9a00c30000000000000000000", @ANYRES32=r2, @ANYRES32, @ANYBLOB="01000000010000000200"/28], 0x50)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
readahead(0xffffffffffffffff, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xc7e, &(0x7f0000006680))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0x6, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x7b}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x18}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', 0xffffffffffffffff, 0x0, 0x178}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

49.38216ms ago: executing program 4 (id=7530):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES8=0x0], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='syz_tun\x00', 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000380)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f0000000000)={r5, @in6={{0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0xfffc}, 0x90)
connect$inet6(r2, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@gcm_128={{0x303}, "0400", "0d00e8ffff1a8600", "00000600", "8657e22727751fe4"}, 0x28)
write$binfmt_script(r2, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000240)=0x40)
close_range(r1, r2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r7, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@bsdgroups}, {@nombcache}, {@debug}], [{@uid_eq}, {@defcontext={'defcontext', 0x3d, 'system_u'}}]}, 0x0, 0x548, &(0x7f0000000cc0)="$eJzs3c9vI1cdAPDvTH42TZst9AAVsAsUFrRae+Nto6qXdi8gVFVCVBwQh21IvFGIHYfYKU2IRPo3gAQSJ/gTOCBxQOqJAzeO3BBSOSAtEIE2SFQYeTxJ3azdeDeODfHnI83Oj5e873v2zrznN/G8AMbWtYg4iIjpiHgzIhby40m+xKvtpfVzDw73V44O91fiP83mG39LsvTWseO8mvn6yTzP2Yj4xlcjvpM8HLe+u7exXKmUt/P9YqO6Vazv7t1cry6vldfKm6XS0uLSrZduv1gaWF2vVn95/yvrr33zN7/+9Hu/P/jyD1rFms/TOusxSO2qT53EaZmMiNcuItgITOTr6RGXg8eTRsTHIuJz2fm/EBPZ/04A4DJrNheiudC5DwBcdmk2BpakhXwsYD7StFBoj+E9G3NppVZv3LhX29lcbY+VXYmpdCbvK3wv+3cqubdeKS9maVl6tl86tX87Ip6JiB/PPJHtF1ZqldXRdHkAYOw9ear9/+dMu/3vQ5e7egDA/43ZURcAABg67T8AjB/tPwCMnz7a//xm/8GFlwUAGA6f/wFg/Gj/AWD8aP8BYKx8/fXXW0vzKH/+9epbuzsbtbdurpbrG4Xqzkphpba9VVir1dayZ/ZUz8qvUqttLb4QO28XG+V6o1jf3btbre1sNu5mz/W+W54aSq0AgI/yzNV3/5BExMHLT2RLmMsBxkY66gIAIzMx6gIAI2O2Lxhf/Y/H/+5CywGMTteHec923fzwoMFPHyGIvzOC/ynXP9l7/P9038B9AbhcjP/D+Hq88f9XBl4OYPi6jf/r58N4aDaT4zn/p/Pp/6dPkgCAS+kc38dr/nBQnRBgpM6azLvnrftHuf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAl8x8RHw3krSQzwU+H2laKEQ8FRFXYiq5t14p34qIp+NqREzNtPYXR11oAOCc0r8k+fxf1xeenz+dOp38aybyOcG//7M3fvL2cqOxvdg6/veT4zPH04eVPvi9c8wrCAAMWNZ+l/J1xwf5B4f7K8fLMMtz/068n09FvHJ0uJ8t7ZTJmMzWs1lfYu4fSb7fnov0uYiYGED8g3ci4hMn9U/ebzbz+Ek2NnIln/m0M37ksZ8afPyO1/90/PRD8dMsrb1udb4+firfdABlg8vu3TsR8Wq38y+Na9m6+/k/m12hzu/+nXZmx9e+o474x9e/iS7xW+f8tX5jvPDbrz10sLnQTnsn4rnJbvGTk/hJj/jP9xn/j5/6zI9e6ZHW/HnE9egevzNWsVHdKtZ3926uV5fXymvlzVJpaXHp1ku3XywVszHq4vFI9cP++vKNp3uVrVX/uR7xZ7vWf/rkd7/QZ/1/8e83v/3Zj4j/pc93f/+f7Rq/rdUmfrHP+Mtzv+o5fXcr/mqP+p/1/t/oM/57f95b7fNHAYAhqO/ubSxXKuXtc220Pm0OIp9sY7rjSKuIAylhnxt/iuHFOnNjapCv6lA3Jk/6ioPN+VutHIdcnXTgtTjXxoNhxRrtdQm4eB+c9KMuCQAAAAAAAAAAAAAA0Mswvro06joCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwef03AAD//yLnx6o=")

35.34633ms ago: executing program 2 (id=7531):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="1c00000000b08c0908006d6c452fc37c540000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000ddc6245a3a08b4c248769ae55aa872"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f00000003c0)={0x18, 0x0, {0x1, @broadcast, 'veth0_to_bridge\x00'}}, 0x1e)
connect$pppoe(r2, &(0x7f0000000140)={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'veth0_to_batadv\x00'}}, 0x1e)

22.10046ms ago: executing program 2 (id=7532):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x17, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x5c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)

0s ago: executing program 2 (id=7533):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x7, 0xe2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0x11e, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0) (async)
r3 = socket(0x1d, 0x2, 0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async, rerun: 64)
syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_ACCEPT={0xd, 0x40, 0x4, r3, 0x0, 0x0, 0x0, 0x80800}) (async, rerun: 64)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf) (async)
r4 = socket(0x10, 0x3, 0x0)
sendto$inet6(r4, &(0x7f0000000240)="7800000018001f07b9409b0dffff000d0216be0402030605060140034300080012000000fac8388827a685a168d0bf46d323456511000000caaf6c26c274214549935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160000000000403622a590ef62f6b0f8eca0faed00000000", 0x78, 0x4000000, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000780)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) (async)
r6 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000000)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x1, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=") (async, rerun: 32)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) (rerun: 32)
cachestat(r7, &(0x7f0000000180)={0x5, 0x5}, &(0x7f0000000200), 0x0) (async)
r8 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
sendfile(r6, r8, &(0x7f0000000400)=0x5, 0x0)
r9 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r9, r8, 0x0, 0x80000000) (async, rerun: 32)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@ifindex=<r10=>0x0, 0x7, 0x0, 0xd87, &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], <r11=>0x0}, 0x40) (async, rerun: 32)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000003c0)=0xffffffffffffffff, 0x4)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180)={0x0, <r12=>0x0}, 0x0)
r13 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r12, 0x4) (async, rerun: 64)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={0x0, r8, 0x0, 0x5, &(0x7f0000000380)='ext4\x00'}, 0x30) (rerun: 64)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x2, &(0x7f0000000580)=@raw=[@generic={0xa9, 0x0, 0x3, 0x6, 0xaa6}, @ldst={0x3, 0x3, 0x2, 0xb, 0x3, 0x0, 0x8}], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000f00)=""/4096, 0x41000, 0x8, '\x00', r10, @fallback=0x2d, r9, 0x8, &(0x7f0000000600)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0x4, 0x7, 0x7}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000680)=[r7, r9, r9, r8], 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)={@cgroup=r9, r14, 0x1c, 0x2014, 0x0, @value=r13, @void, @void, @void, r11}, 0x20) (async, rerun: 32)
ioctl$EXT4_IOC_MOVE_EXT(r8, 0xc028660f, &(0x7f0000000040)={0x3920e, r7, 0x5, 0x1, 0x9000000, 0x6}) (rerun: 32)

kernel console output (not intermixed with test programs):

967295 subj=root:sysadm_r:sysadm_t pid=22640 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f682784d169 code=0x7ffc0000
[  304.329410][   T29] audit: type=1326 audit(2000000230.155:13266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22640 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f682784d169 code=0x7ffc0000
[  304.353032][   T29] audit: type=1326 audit(2000000230.155:13267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22640 comm="syz.4.6726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f682784d169 code=0x7ffc0000
[  304.377493][T22625] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.435694][T22655] vlan2: entered promiscuous mode
[  304.440845][T22655] vlan2: entered allmulticast mode
[  304.501339][T22625] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.545687][T22661] delete_channel: no stack
[  304.555407][T22661] delete_channel: no stack
[  304.564310][T22625] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.629236][T22666] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  304.642684][T22625] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.654209][T22625] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.665842][T22625] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.735687][T22625] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.927978][T22676] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  304.985343][T22680] netlink: 'syz.0.6738': attribute type 3 has an invalid length.
[  305.084912][   T29] audit: type=1326 audit(2000000231.119:13268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22683 comm="syz.3.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  305.108675][   T29] audit: type=1326 audit(2000000231.119:13269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22683 comm="syz.3.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  305.223526][   T29] audit: type=1326 audit(2000000231.175:13270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22683 comm="syz.3.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  305.247442][   T29] audit: type=1326 audit(2000000231.175:13271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22683 comm="syz.3.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  305.270999][   T29] audit: type=1326 audit(2000000231.175:13272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22683 comm="syz.3.6740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  305.326800][T22694] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.386494][T22694] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.419516][T22696] lo speed is unknown, defaulting to 1000
[  305.439989][T22694] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.493258][T22694] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.537423][T22700] rdma_rxe: rxe_newlink: failed to add lo
[  305.601399][T22708] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  305.601472][T22707] IPVS: stopping master sync thread 22708 ...
[  305.670829][T22711] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  305.722460][T22718] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  305.989841][T22724] lo speed is unknown, defaulting to 1000
[  306.016729][T22740] bond1: entered promiscuous mode
[  306.021826][T22740] bond1: entered allmulticast mode
[  306.039373][T22740] 8021q: adding VLAN 0 to HW filter on device bond1
[  306.072694][T22740] bond1 (unregistering): Released all slaves
[  306.123337][T22747] rdma_rxe: rxe_newlink: failed to add lo
[  306.170873][T22752] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  306.190126][T22724] chnl_net:caif_netlink_parms(): no params data found
[  306.231989][T22764] netlink: 'syz.2.6760': attribute type 3 has an invalid length.
[  306.245397][T22724] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.252532][T22724] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.259650][T22724] bridge_slave_0: entered allmulticast mode
[  306.259995][ T6057] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  306.266429][T22724] bridge_slave_0: entered promiscuous mode
[  306.283137][T22724] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.290180][T22724] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.297612][T22724] bridge_slave_1: entered allmulticast mode
[  306.304076][T22724] bridge_slave_1: entered promiscuous mode
[  306.319085][T22724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  306.329548][T22724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  306.349973][T22724] team0: Port device team_slave_0 added
[  306.356981][T22724] team0: Port device team_slave_1 added
[  306.374028][T22724] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.381111][T22724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.407052][T22724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.418192][T22724] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.425177][T22724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.451144][T22724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.479431][T22773] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  306.492683][T22724] hsr_slave_0: entered promiscuous mode
[  306.502383][T22724] hsr_slave_1: entered promiscuous mode
[  306.509292][T22724] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  306.516971][T22724] Cannot create hsr debugfs directory
[  306.564458][T22724] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.615750][T22724] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.632062][T22787] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.680226][T22724] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.692200][T22787] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.733536][T22724] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.787010][T22787] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.862688][T22787] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.021223][T22793] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  307.072905][T22800] bridge0: entered promiscuous mode
[  307.080473][T22799] bridge0: left promiscuous mode
[  307.091784][T22800] Process accounting resumed
[  307.697973][T22724] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  307.706749][T22724] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  307.715756][T22724] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  307.724553][T22724] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  307.762420][T22724] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.774016][T22724] 8021q: adding VLAN 0 to HW filter on device team0
[  307.782975][ T6067] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.790032][ T6067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.801051][ T6067] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.808106][ T6067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.858291][T22724] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.904038][T22694] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.915519][T22694] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.927193][T22694] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.938502][T22694] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.955932][T22724] veth0_vlan: entered promiscuous mode
[  307.964023][T22724] veth1_vlan: entered promiscuous mode
[  307.978946][T22724] veth0_macvtap: entered promiscuous mode
[  307.987959][T22724] veth1_macvtap: entered promiscuous mode
[  307.999038][T22834] rdma_rxe: rxe_newlink: failed to add lo
[  307.999391][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.015305][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.025229][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.035754][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.045606][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.056178][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.066173][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.076686][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.086549][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  308.096975][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.108096][T22724] batman_adv: batadv0: Interface activated: batadv_slave_0
[  308.118228][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.128809][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.138689][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.149169][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.159050][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.169479][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.179328][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.189755][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.199585][T22724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.210268][T22724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.221690][T22724] batman_adv: batadv0: Interface activated: batadv_slave_1
[  308.230670][T22839] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.245063][T22724] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.253839][T22724] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.262647][T22724] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.271366][T22724] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.285088][T22846] lo speed is unknown, defaulting to 1000
[  308.314888][T22839] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.348807][T22850] __nla_validate_parse: 72 callbacks suppressed
[  308.348821][T22850] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6782'.
[  308.366423][T22839] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.384813][T22850] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  308.412755][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.421857][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.430832][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.443185][T22839] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.461792][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.471033][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.480067][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.503526][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.512624][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.521725][T22857] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6784'.
[  308.608238][T22872] FAULT_INJECTION: forcing a failure.
[  308.608238][T22872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.621315][T22872] CPU: 0 UID: 0 PID: 22872 Comm: syz.3.6790 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  308.621331][T22872] Tainted: [W]=WARN
[  308.621358][T22872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  308.621364][T22872] Call Trace:
[  308.621436][T22872]  <TASK>
[  308.621442][T22872]  dump_stack_lvl+0xf2/0x150
[  308.621457][T22872]  dump_stack+0x15/0x1a
[  308.621468][T22872]  should_fail_ex+0x24a/0x260
[  308.621564][T22872]  should_fail+0xb/0x10
[  308.621578][T22872]  should_fail_usercopy+0x1a/0x20
[  308.621594][T22872]  strncpy_from_user+0x25/0x210
[  308.621612][T22872]  ? kstrtouint_from_user+0xb0/0xe0
[  308.621713][T22872]  path_setxattrat+0xed/0x310
[  308.621740][T22872]  __x64_sys_fsetxattr+0x6d/0x80
[  308.621781][T22872]  x64_sys_call+0x29d2/0x2dc0
[  308.621806][T22872]  do_syscall_64+0xc9/0x1c0
[  308.621876][T22872]  ? clear_bhb_loop+0x55/0xb0
[  308.621890][T22872]  ? clear_bhb_loop+0x55/0xb0
[  308.621903][T22872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.621924][T22872] RIP: 0033:0x7f9e41ddd169
[  308.621932][T22872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.621962][T22872] RSP: 002b:00007f9e40441038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  308.621973][T22872] RAX: ffffffffffffffda RBX: 00007f9e41ff5fa0 RCX: 00007f9e41ddd169
[  308.621979][T22872] RDX: 0000400000000440 RSI: 0000400000000400 RDI: 0000000000000006
[  308.621986][T22872] RBP: 00007f9e40441090 R08: 0000000000000003 R09: 0000000000000000
[  308.621992][T22872] R10: 0000000000000025 R11: 0000000000000246 R12: 0000000000000001
[  308.622049][T22872] R13: 0000000000000000 R14: 00007f9e41ff5fa0 R15: 00007fff41ec3a18
[  308.622058][T22872]  </TASK>
[  308.970815][T22787] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.981375][T22787] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.991013][ T6057] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  308.993999][T22787] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.012451][T22787] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.481717][   T29] kauditd_printk_skb: 65 callbacks suppressed
[  309.481732][   T29] audit: type=1400 audit(2000000235.244:13338): avc:  denied  { unmount } for  pid=22724 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  309.625223][   T29] audit: type=1326 audit(2000000235.375:13339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.648902][   T29] audit: type=1326 audit(2000000235.375:13340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.683850][   T29] audit: type=1326 audit(2000000235.422:13341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.707553][   T29] audit: type=1326 audit(2000000235.422:13342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.731275][   T29] audit: type=1326 audit(2000000235.422:13343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.754859][   T29] audit: type=1326 audit(2000000235.422:13344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.778447][   T29] audit: type=1326 audit(2000000235.422:13345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22912 comm="syz.1.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b53b1d169 code=0x7ffc0000
[  309.863997][T22931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.872534][T22931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.882122][T22931] xt_hashlimit: max too large, truncated to 1048576
[  309.898543][T22935] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  309.909133][ T6059] syzkaller0: tun_net_xmit 76
[  309.913849][ T6059] syzkaller0: tun_net_xmit 48
[  309.940012][T22935] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  309.983020][T22935] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  310.047044][T22935] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  310.091125][T22940] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.107069][T22935] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  310.117192][T22935] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  310.128009][T22935] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  310.138787][T22935] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  310.154102][T22940] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.217974][T22940] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.261225][T22940] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.562433][T22943] rdma_rxe: rxe_newlink: failed to add lo
[  310.779630][   T29] audit: type=1326 audit(2000000236.451:13346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22952 comm="syz.3.6819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  310.813594][   T29] audit: type=1326 audit(2000000236.451:13347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22952 comm="syz.3.6819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  310.950200][T22974] s
z1: rxe_newlink: already configured on lo
[  311.160502][T22986] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.201551][T22986] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.255614][T22986] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.308819][T22986] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.377092][T22986] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.387885][T22986] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.398568][T22986] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.409116][T22986] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.986085][T23003] FAULT_INJECTION: forcing a failure.
[  311.986085][T23003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.999241][T23003] CPU: 0 UID: 0 PID: 23003 Comm: syz.1.6838 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  311.999314][T23003] Tainted: [W]=WARN
[  311.999322][T23003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  311.999333][T23003] Call Trace:
[  311.999340][T23003]  <TASK>
[  311.999347][T23003]  dump_stack_lvl+0xf2/0x150
[  311.999379][T23003]  dump_stack+0x15/0x1a
[  311.999400][T23003]  should_fail_ex+0x24a/0x260
[  311.999432][T23003]  should_fail+0xb/0x10
[  311.999453][T23003]  should_fail_usercopy+0x1a/0x20
[  311.999477][T23003]  _copy_from_user+0x1c/0xa0
[  311.999494][T23003]  do_ip6t_set_ctl+0x42c/0x8c0
[  311.999572][T23003]  ? kstrtouint+0x77/0xc0
[  311.999653][T23003]  nf_setsockopt+0x195/0x1b0
[  311.999682][T23003]  ipv6_setsockopt+0x10f/0x130
[  311.999708][T23003]  tcp_setsockopt+0x93/0xb0
[  311.999732][T23003]  sock_common_setsockopt+0x64/0x80
[  311.999825][T23003]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  311.999857][T23003]  __sys_setsockopt+0x187/0x200
[  311.999880][T23003]  __x64_sys_setsockopt+0x66/0x80
[  311.999902][T23003]  x64_sys_call+0x282e/0x2dc0
[  311.999922][T23003]  do_syscall_64+0xc9/0x1c0
[  311.999951][T23003]  ? clear_bhb_loop+0x55/0xb0
[  311.999978][T23003]  ? clear_bhb_loop+0x55/0xb0
[  312.000089][T23003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.000160][T23003] RIP: 0033:0x7f0b53b1d169
[  312.000173][T23003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.000253][T23003] RSP: 002b:00007f0b52187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  312.000309][T23003] RAX: ffffffffffffffda RBX: 00007f0b53d35fa0 RCX: 00007f0b53b1d169
[  312.000320][T23003] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006
[  312.000336][T23003] RBP: 00007f0b52187090 R08: 0000000000000440 R09: 0000000000000000
[  312.000347][T23003] R10: 0000400000001240 R11: 0000000000000246 R12: 0000000000000001
[  312.000364][T23003] R13: 0000000000000000 R14: 00007f0b53d35fa0 R15: 00007ffed9561168
[  312.000386][T23003]  </TASK>
[  312.256093][T23008] s
z1: rxe_newlink: already configured on lo
[  312.268057][T23014] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  312.371572][T23024] program syz.3.6844 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  312.409960][ T6025] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  312.438735][T23026] lo speed is unknown, defaulting to 1000
[  312.533788][T23034] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  312.551161][T23036] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  312.580466][T23040] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  312.644589][T23046] binfmt_misc: register: failed to install interpreter file ./file0
[  312.714414][T23049] 9pnet_fd: Insufficient options for proto=fd
[  313.248319][T23065] netlink: 'syz.1.6862': attribute type 3 has an invalid length.
[  313.341992][T23076] lo speed is unknown, defaulting to 1000
[  313.430808][T23080] pim6reg1: entered promiscuous mode
[  313.436298][T23080] pim6reg1: entered allmulticast mode
[  313.513072][T23084] binfmt_misc: register: failed to install interpreter file ./file0
[  313.516592][T22940] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.534420][T22940] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.546703][T22940] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.559270][T22940] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.635811][T23094] netlink: 'syz.0.6875': attribute type 3 has an invalid length.
[  313.773130][T23119] futex_wake_op: syz.1.6887 tries to shift op by -1; fix this program
[  313.966133][T23126] lo speed is unknown, defaulting to 1000
[  314.112214][T23131] __nla_validate_parse: 50 callbacks suppressed
[  314.112298][T23131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6891'.
[  314.127559][T23131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6891'.
[  314.139603][T23131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6891'.
[  314.370432][T23139] netlink: 'syz.3.6893': attribute type 27 has an invalid length.
[  314.378377][T23139] netlink: 'syz.3.6893': attribute type 3 has an invalid length.
[  314.386099][T23139] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6893'.
[  314.463417][ T3375] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  314.495905][T23139] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6893'.
[  314.544730][T23143] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6894'.
[  314.581330][T23145] syzkaller0: entered promiscuous mode
[  314.651457][T23152] FAULT_INJECTION: forcing a failure.
[  314.651457][T23152] name failslab, interval 1, probability 0, space 0, times 0
[  314.664185][T23152] CPU: 0 UID: 0 PID: 23152 Comm: syz.2.6898 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  314.664256][T23152] Tainted: [W]=WARN
[  314.664263][T23152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  314.664275][T23152] Call Trace:
[  314.664281][T23152]  <TASK>
[  314.664288][T23152]  dump_stack_lvl+0xf2/0x150
[  314.664313][T23152]  dump_stack+0x15/0x1a
[  314.664330][T23152]  should_fail_ex+0x24a/0x260
[  314.664407][T23152]  should_failslab+0x8f/0xb0
[  314.664435][T23152]  kmem_cache_alloc_node_noprof+0x59/0x320
[  314.664457][T23152]  ? __alloc_skb+0x10b/0x310
[  314.664474][T23152]  __alloc_skb+0x10b/0x310
[  314.664550][T23152]  netlink_alloc_large_skb+0xad/0xe0
[  314.664578][T23152]  netlink_sendmsg+0x3b4/0x6e0
[  314.664622][T23152]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.664647][T23152]  __sock_sendmsg+0x140/0x180
[  314.664677][T23152]  ____sys_sendmsg+0x326/0x4b0
[  314.664774][T23152]  __sys_sendmsg+0x19d/0x230
[  314.664808][T23152]  __x64_sys_sendmsg+0x46/0x50
[  314.664828][T23152]  x64_sys_call+0x2734/0x2dc0
[  314.664850][T23152]  do_syscall_64+0xc9/0x1c0
[  314.664956][T23152]  ? clear_bhb_loop+0x55/0xb0
[  314.664983][T23152]  ? clear_bhb_loop+0x55/0xb0
[  314.665006][T23152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.665082][T23152] RIP: 0033:0x7fd60cbfd169
[  314.665095][T23152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.665110][T23152] RSP: 002b:00007fd60b267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.665174][T23152] RAX: ffffffffffffffda RBX: 00007fd60ce15fa0 RCX: 00007fd60cbfd169
[  314.665187][T23152] RDX: 0000000000000000 RSI: 0000400000000040 RDI: 0000000000000003
[  314.665199][T23152] RBP: 00007fd60b267090 R08: 0000000000000000 R09: 0000000000000000
[  314.665212][T23152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.665224][T23152] R13: 0000000000000000 R14: 00007fd60ce15fa0 R15: 00007ffd1c625438
[  314.665242][T23152]  </TASK>
[  314.912376][T23156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6899'.
[  314.921476][T23156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6899'.
[  314.931852][T23156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6899'.
[  314.938764][T23158] lo speed is unknown, defaulting to 1000
[  314.989698][T23162] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  315.066213][T23170] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  315.077863][T23170] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  315.088950][T23170] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  315.100117][T23170] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.146325][ T6057] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  315.175045][T23176] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6906'.
[  315.272971][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  315.272984][   T29] audit: type=1326 audit(2000000240.651:13403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.302843][   T29] audit: type=1326 audit(2000000240.651:13404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.327224][   T29] audit: type=1326 audit(2000000240.651:13405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.344053][T23187] SELinux: syz.2.6909 (23187) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  315.350969][   T29] audit: type=1326 audit(2000000240.651:13406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.388192][   T29] audit: type=1326 audit(2000000240.651:13407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.412545][T23189] FAULT_INJECTION: forcing a failure.
[  315.412545][T23189] name failslab, interval 1, probability 0, space 0, times 0
[  315.412571][T23189] CPU: 1 UID: 0 PID: 23189 Comm: syz.4.6910 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  315.412599][T23189] Tainted: [W]=WARN
[  315.412605][T23189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  315.412647][T23189] Call Trace:
[  315.412653][T23189]  <TASK>
[  315.412660][T23189]  dump_stack_lvl+0xf2/0x150
[  315.412685][T23189]  dump_stack+0x15/0x1a
[  315.412741][T23189]  should_fail_ex+0x24a/0x260
[  315.412768][T23189]  should_failslab+0x8f/0xb0
[  315.412796][T23189]  __kmalloc_node_noprof+0xad/0x410
[  315.412816][T23189]  ? __kvmalloc_node_noprof+0x72/0x170
[  315.412869][T23189]  __kvmalloc_node_noprof+0x72/0x170
[  315.412910][T23189]  xt_alloc_table_info+0x3d/0x80
[  315.412939][T23189]  do_ip6t_set_ctl+0x678/0x8c0
[  315.412958][T23189]  ? kstrtouint+0x77/0xc0
[  315.412985][T23189]  nf_setsockopt+0x195/0x1b0
[  315.413019][T23189]  ipv6_setsockopt+0x10f/0x130
[  315.413097][T23189]  tcp_setsockopt+0x93/0xb0
[  315.413126][T23189]  sock_common_setsockopt+0x64/0x80
[  315.413211][T23189]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  315.413243][T23189]  __sys_setsockopt+0x187/0x200
[  315.413264][T23189]  __x64_sys_setsockopt+0x66/0x80
[  315.413324][T23189]  x64_sys_call+0x282e/0x2dc0
[  315.413349][T23189]  do_syscall_64+0xc9/0x1c0
[  315.413376][T23189]  ? clear_bhb_loop+0x55/0xb0
[  315.413401][T23189]  ? clear_bhb_loop+0x55/0xb0
[  315.413424][T23189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.413475][T23189] RIP: 0033:0x7fc593eed169
[  315.413488][T23189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.413504][T23189] RSP: 002b:00007fc592536038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  315.413601][T23189] RAX: ffffffffffffffda RBX: 00007fc594106080 RCX: 00007fc593eed169
[  315.413614][T23189] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  315.413624][T23189] RBP: 00007fc592536090 R08: 0000000000000368 R09: 0000000000000000
[  315.413634][T23189] R10: 00004000000003c0 R11: 0000000000000246 R12: 0000000000000001
[  315.413647][T23189] R13: 0000000000000000 R14: 00007fc594106080 R15: 00007ffc40d14ee8
[  315.413665][T23189]  </TASK>
[  315.643788][   T29] audit: type=1326 audit(2000000240.651:13408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.667381][   T29] audit: type=1326 audit(2000000240.651:13409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.690933][   T29] audit: type=1326 audit(2000000240.651:13410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.714519][   T29] audit: type=1326 audit(2000000240.651:13411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.738072][   T29] audit: type=1326 audit(2000000240.651:13412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23181 comm="syz.2.6909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  315.844557][T23201] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  316.296033][T23212] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  316.320275][T23214] binfmt_misc: register: failed to install interpreter file ./file0
[  316.383005][ T1071] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  316.391283][ T1071] hid-generic 0000:0000:0000.0048: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  316.464246][T23229] FAULT_INJECTION: forcing a failure.
[  316.464246][T23229] name failslab, interval 1, probability 0, space 0, times 0
[  316.469293][T23230] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  316.477065][T23229] CPU: 1 UID: 0 PID: 23229 Comm: syz.0.6925 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  316.477093][T23229] Tainted: [W]=WARN
[  316.477100][T23229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  316.477159][T23229] Call Trace:
[  316.477165][T23229]  <TASK>
[  316.477172][T23229]  dump_stack_lvl+0xf2/0x150
[  316.477199][T23229]  dump_stack+0x15/0x1a
[  316.477219][T23229]  should_fail_ex+0x24a/0x260
[  316.477247][T23229]  should_failslab+0x8f/0xb0
[  316.477303][T23229]  kmem_cache_alloc_noprof+0x52/0x320
[  316.477323][T23229]  ? dst_alloc+0xc0/0x100
[  316.477342][T23229]  dst_alloc+0xc0/0x100
[  316.477358][T23229]  ? ip_vs_mh_schedule+0x6a2/0x6f0
[  316.477455][T23229]  ip_route_output_key_hash_rcu+0xb90/0x12e0
[  316.477481][T23229]  ip_route_output_key_hash+0x7b/0xb0
[  316.477505][T23229]  dccp_v4_connect+0x409/0x810
[  316.477533][T23229]  __inet_stream_connect+0x162/0x790
[  316.477570][T23229]  ? _raw_spin_unlock_bh+0x36/0x40
[  316.477589][T23229]  ? release_sock+0x117/0x150
[  316.477618][T23229]  ? _raw_spin_unlock_bh+0x36/0x40
[  316.477636][T23229]  ? lock_sock_nested+0x10f/0x140
[  316.477663][T23229]  ? selinux_netlbl_socket_connect+0x113/0x130
[  316.477754][T23229]  inet_stream_connect+0x48/0x70
[  316.477801][T23229]  ? __pfx_inet_stream_connect+0x10/0x10
[  316.477826][T23229]  __sys_connect+0x18f/0x1b0
[  316.477850][T23229]  __x64_sys_connect+0x41/0x50
[  316.477896][T23229]  x64_sys_call+0x22a7/0x2dc0
[  316.477920][T23229]  do_syscall_64+0xc9/0x1c0
[  316.477946][T23229]  ? clear_bhb_loop+0x55/0xb0
[  316.478058][T23229]  ? clear_bhb_loop+0x55/0xb0
[  316.478083][T23229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.478107][T23229] RIP: 0033:0x7fa2b066d169
[  316.478145][T23229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.478207][T23229] RSP: 002b:00007fa2aecd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  316.478225][T23229] RAX: ffffffffffffffda RBX: 00007fa2b0885fa0 RCX: 00007fa2b066d169
[  316.478237][T23229] RDX: 0000000000000010 RSI: 0000400000000080 RDI: 0000000000000007
[  316.478248][T23229] RBP: 00007fa2aecd7090 R08: 0000000000000000 R09: 0000000000000000
[  316.478279][T23229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.478290][T23229] R13: 0000000000000000 R14: 00007fa2b0885fa0 R15: 00007ffd352ea148
[  316.478308][T23229]  </TASK>
[  316.503266][T23222] IPVS: stopping master sync thread 23230 ...
[  316.732158][T23236] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.781725][T23241] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  316.816228][T23236] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.868005][T23236] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.886726][T23252] netlink: 'syz.1.6934': attribute type 3 has an invalid length.
[  316.943087][T23236] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.450820][T23264] pimreg: entered allmulticast mode
[  317.457224][T23264] pimreg: left allmulticast mode
[  317.495420][T23269] FAULT_INJECTION: forcing a failure.
[  317.495420][T23269] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.508550][T23269] CPU: 1 UID: 0 PID: 23269 Comm: syz.3.6940 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  317.508568][T23269] Tainted: [W]=WARN
[  317.508572][T23269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.508634][T23269] Call Trace:
[  317.508638][T23269]  <TASK>
[  317.508642][T23269]  dump_stack_lvl+0xf2/0x150
[  317.508722][T23269]  dump_stack+0x15/0x1a
[  317.508734][T23269]  should_fail_ex+0x24a/0x260
[  317.508786][T23269]  should_fail+0xb/0x10
[  317.508799][T23269]  should_fail_usercopy+0x1a/0x20
[  317.508815][T23269]  _copy_from_user+0x1c/0xa0
[  317.508826][T23269]  __sys_bpf+0x14e/0x7a0
[  317.508844][T23269]  __x64_sys_bpf+0x43/0x50
[  317.508859][T23269]  x64_sys_call+0x2914/0x2dc0
[  317.508889][T23269]  do_syscall_64+0xc9/0x1c0
[  317.508904][T23269]  ? clear_bhb_loop+0x55/0xb0
[  317.508921][T23269]  ? clear_bhb_loop+0x55/0xb0
[  317.508996][T23269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.509011][T23269] RIP: 0033:0x7f9e41ddd169
[  317.509020][T23269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.509029][T23269] RSP: 002b:00007f9e40441038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  317.509052][T23269] RAX: ffffffffffffffda RBX: 00007f9e41ff5fa0 RCX: 00007f9e41ddd169
[  317.509059][T23269] RDX: 0000000000000048 RSI: 0000400000000600 RDI: 000000000000000a
[  317.509065][T23269] RBP: 00007f9e40441090 R08: 0000000000000000 R09: 0000000000000000
[  317.509147][T23269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.509159][T23269] R13: 0000000000000000 R14: 00007f9e41ff5fa0 R15: 00007fff41ec3a18
[  317.509178][T23269]  </TASK>
[  317.514912][T23269] xt_CT: No such helper "pptp"
[  317.576999][T23274] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  317.635702][T23277] netlink: 'syz.3.6943': attribute type 30 has an invalid length.
[  317.734536][T23285] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.815074][T23291] binfmt_misc: register: failed to install interpreter file ./file0
[  317.835226][T23285] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.924636][T23285] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.982088][T23285] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.051110][T23285] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.061957][T23285] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.073071][T23285] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.084060][T23285] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.134718][T23301] FAULT_INJECTION: forcing a failure.
[  318.134718][T23301] name failslab, interval 1, probability 0, space 0, times 0
[  318.147445][T23301] CPU: 1 UID: 0 PID: 23301 Comm: syz.4.6952 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  318.147511][T23301] Tainted: [W]=WARN
[  318.147518][T23301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  318.147530][T23301] Call Trace:
[  318.147536][T23301]  <TASK>
[  318.147546][T23301]  dump_stack_lvl+0xf2/0x150
[  318.147569][T23301]  dump_stack+0x15/0x1a
[  318.147604][T23301]  should_fail_ex+0x24a/0x260
[  318.147627][T23301]  ? audit_log_d_path+0x8e/0x150
[  318.147734][T23301]  should_failslab+0x8f/0xb0
[  318.147762][T23301]  __kmalloc_cache_noprof+0x4e/0x320
[  318.147814][T23301]  audit_log_d_path+0x8e/0x150
[  318.147841][T23301]  audit_log_d_path_exe+0x42/0x70
[  318.147857][T23301]  audit_log_task+0x1ec/0x250
[  318.147950][T23301]  audit_seccomp+0x68/0x130
[  318.147965][T23301]  __seccomp_filter+0x6fa/0x1180
[  318.147978][T23301]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  318.147994][T23301]  ? vfs_write+0x644/0x920
[  318.148036][T23301]  __secure_computing+0x9f/0x1c0
[  318.148048][T23301]  syscall_trace_enter+0xd1/0x1f0
[  318.148069][T23301]  ? fpregs_assert_state_consistent+0x83/0xa0
[  318.148112][T23301]  do_syscall_64+0xaa/0x1c0
[  318.148128][T23301]  ? clear_bhb_loop+0x55/0xb0
[  318.148142][T23301]  ? clear_bhb_loop+0x55/0xb0
[  318.148178][T23301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.148192][T23301] RIP: 0033:0x7fc593eed169
[  318.148201][T23301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.148211][T23301] RSP: 002b:00007fc592557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  318.148222][T23301] RAX: ffffffffffffffda RBX: 00007fc594105fa0 RCX: 00007fc593eed169
[  318.148281][T23301] RDX: 0000000000000120 RSI: 0000400000002a00 RDI: 0000000000000003
[  318.148321][T23301] RBP: 00007fc592557090 R08: 0000000000000000 R09: 0000000000000000
[  318.148328][T23301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.148334][T23301] R13: 0000000000000000 R14: 00007fc594105fa0 R15: 00007ffc40d14ee8
[  318.148343][T23301]  </TASK>
[  318.149887][ T1071] hid-generic 0000:0000:0000.0049: unknown main item tag 0x0
[  318.361130][ T1071] hid-generic 0000:0000:0000.0049: item fetching failed at offset 4/43
[  318.369647][ T1071] hid-generic 0000:0000:0000.0049: probe with driver hid-generic failed with error -22
[  318.513577][T23305] netlink: 'syz.3.6954': attribute type 3 has an invalid length.
[  318.567043][ T6059] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  318.821877][T23329] lo speed is unknown, defaulting to 1000
[  318.880392][T23333] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.932826][T23333] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.028106][T23333] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.066011][T23338] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.155756][T23333] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.188118][T23338] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.235130][T23333] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.246067][T23333] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.256771][T23333] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.267460][T23333] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.277487][T23338] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.327131][T23338] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.353503][T23345] rdma_rxe: rxe_newlink: failed to add lo
[  319.387054][T23338] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.398386][T23338] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.409587][T23338] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.420561][T23338] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.443322][T23357] SELinux: syz.4.6973 (23357) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  319.473731][T23361] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.551993][T23361] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.665574][T23361] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.701848][T23361] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.845691][T23376] rdma_rxe: rxe_newlink: failed to add lo
[  319.962635][T23388] IPVS: Error connecting to the multicast addr
[  319.969099][T23393] __nla_validate_parse: 17 callbacks suppressed
[  319.969112][T23393] netlink: 96 bytes leftover after parsing attributes in process `syz.3.6986'.
[  320.063879][T23400] Falling back ldisc for ttyS3.
[  320.104530][T23406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6991'.
[  320.113709][T23406] FAULT_INJECTION: forcing a failure.
[  320.113709][T23406] name failslab, interval 1, probability 0, space 0, times 0
[  320.126489][T23406] CPU: 0 UID: 0 PID: 23406 Comm: syz.3.6991 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  320.126506][T23406] Tainted: [W]=WARN
[  320.126510][T23406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.126516][T23406] Call Trace:
[  320.126520][T23406]  <TASK>
[  320.126524][T23406]  dump_stack_lvl+0xf2/0x150
[  320.126581][T23406]  dump_stack+0x15/0x1a
[  320.126601][T23406]  should_fail_ex+0x24a/0x260
[  320.126705][T23406]  should_failslab+0x8f/0xb0
[  320.126722][T23406]  kmem_cache_alloc_node_noprof+0x59/0x320
[  320.126743][T23406]  ? __alloc_skb+0x10b/0x310
[  320.126754][T23406]  ? security_capable+0x81/0x90
[  320.126793][T23406]  __alloc_skb+0x10b/0x310
[  320.126810][T23406]  netlink_ack+0xef/0x4f0
[  320.126826][T23406]  ? ref_tracker_free+0x3a5/0x410
[  320.126913][T23406]  netlink_rcv_skb+0x19c/0x230
[  320.126928][T23406]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  320.126945][T23406]  rtnetlink_rcv+0x1c/0x30
[  320.126957][T23406]  netlink_unicast+0x599/0x670
[  320.127043][T23406]  netlink_sendmsg+0x5cc/0x6e0
[  320.127061][T23406]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.127078][T23406]  __sock_sendmsg+0x140/0x180
[  320.127153][T23406]  ____sys_sendmsg+0x326/0x4b0
[  320.127179][T23406]  __sys_sendmsg+0x19d/0x230
[  320.127228][T23406]  __x64_sys_sendmsg+0x46/0x50
[  320.127251][T23406]  x64_sys_call+0x2734/0x2dc0
[  320.127275][T23406]  do_syscall_64+0xc9/0x1c0
[  320.127303][T23406]  ? clear_bhb_loop+0x55/0xb0
[  320.127344][T23406]  ? clear_bhb_loop+0x55/0xb0
[  320.127393][T23406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.127418][T23406] RIP: 0033:0x7f9e41ddd169
[  320.127484][T23406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.127523][T23406] RSP: 002b:00007f9e40441038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  320.127543][T23406] RAX: ffffffffffffffda RBX: 00007f9e41ff5fa0 RCX: 00007f9e41ddd169
[  320.127555][T23406] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000006
[  320.127568][T23406] RBP: 00007f9e40441090 R08: 0000000000000000 R09: 0000000000000000
[  320.127579][T23406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.127596][T23406] R13: 0000000000000000 R14: 00007f9e41ff5fa0 R15: 00007fff41ec3a18
[  320.127613][T23406]  </TASK>
[  320.371772][ T6059] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  320.372433][T23408] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  320.391851][T23408] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1017 sclass=netlink_route_socket pid=23408 comm=syz.2.6992
[  320.412488][T23236] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  320.429886][T23236] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  320.442141][T23414] ALSA: seq fatal error: cannot create timer (-22)
[  320.442922][T23236] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  320.461484][T23236] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.462384][T23414] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6995'.
[  320.603552][T23430] FAULT_INJECTION: forcing a failure.
[  320.603552][T23430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  320.603580][T23430] CPU: 1 UID: 0 PID: 23430 Comm: syz.3.7000 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  320.603685][T23430] Tainted: [W]=WARN
[  320.603691][T23430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.603701][T23430] Call Trace:
[  320.603708][T23430]  <TASK>
[  320.603715][T23430]  dump_stack_lvl+0xf2/0x150
[  320.603741][T23430]  dump_stack+0x15/0x1a
[  320.603759][T23430]  should_fail_ex+0x24a/0x260
[  320.603816][T23430]  should_fail+0xb/0x10
[  320.603841][T23430]  should_fail_usercopy+0x1a/0x20
[  320.603866][T23430]  _copy_from_user+0x1c/0xa0
[  320.603885][T23430]  __se_sys_io_uring_setup+0xf3/0x1e0
[  320.604063][T23430]  __x64_sys_io_uring_setup+0x31/0x40
[  320.604083][T23430]  x64_sys_call+0x270c/0x2dc0
[  320.604106][T23430]  do_syscall_64+0xc9/0x1c0
[  320.604135][T23430]  ? clear_bhb_loop+0x55/0xb0
[  320.604159][T23430]  ? clear_bhb_loop+0x55/0xb0
[  320.604255][T23430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.604278][T23430] RIP: 0033:0x7f9e41ddd169
[  320.604292][T23430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.604330][T23430] RSP: 002b:00007f9e4041ffc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[  320.604349][T23430] RAX: ffffffffffffffda RBX: 00007f9e41ff6080 RCX: 00007f9e41ddd169
[  320.604360][T23430] RDX: 0000000000000000 RSI: 0000400000000340 RDI: 0000000000000111
[  320.604372][T23430] RBP: 0000400000000340 R08: 0000000000000000 R09: 0000000000000000
[  320.604382][T23430] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  320.604391][T23430] R13: 0000000000000000 R14: 0000000000000111 R15: 0000000000000000
[  320.604409][T23430]  </TASK>
[  320.683149][   T29] kauditd_printk_skb: 509 callbacks suppressed
[  320.683165][   T29] audit: type=1326 audit(2000000245.711:13922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd60cbf4127 code=0x7ffc0000
[  320.683192][   T29] audit: type=1326 audit(2000000245.711:13923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd60cb99359 code=0x7ffc0000
[  320.683229][   T29] audit: type=1326 audit(2000000245.711:13924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd60cbf4127 code=0x7ffc0000
[  320.683249][   T29] audit: type=1326 audit(2000000245.711:13925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd60cb99359 code=0x7ffc0000
[  320.683270][   T29] audit: type=1326 audit(2000000245.711:13926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  320.683299][   T29] audit: type=1326 audit(2000000245.711:13927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  320.683331][   T29] audit: type=1326 audit(2000000245.711:13928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  320.683422][   T29] audit: type=1326 audit(2000000245.711:13929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd60cbfd169 code=0x7ffc0000
[  320.683441][   T29] audit: type=1326 audit(2000000245.711:13930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd60cbf4127 code=0x7ffc0000
[  320.683504][   T29] audit: type=1326 audit(2000000245.711:13931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23435 comm="syz.2.7005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd60cb99359 code=0x7ffc0000
[  321.141319][T23442] FAULT_INJECTION: forcing a failure.
[  321.141319][T23442] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.141343][T23442] CPU: 1 UID: 0 PID: 23442 Comm: syz.1.7006 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  321.141368][T23442] Tainted: [W]=WARN
[  321.141374][T23442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.141403][T23442] Call Trace:
[  321.141408][T23442]  <TASK>
[  321.141415][T23442]  dump_stack_lvl+0xf2/0x150
[  321.141441][T23442]  dump_stack+0x15/0x1a
[  321.141485][T23442]  should_fail_ex+0x24a/0x260
[  321.141510][T23442]  should_fail+0xb/0x10
[  321.141651][T23442]  should_fail_usercopy+0x1a/0x20
[  321.141681][T23442]  _copy_to_user+0x20/0xa0
[  321.141699][T23442]  simple_read_from_buffer+0xa0/0x110
[  321.141723][T23442]  proc_fail_nth_read+0xf9/0x140
[  321.141751][T23442]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  321.141850][T23442]  vfs_read+0x19b/0x6f0
[  321.141881][T23442]  ? __rcu_read_unlock+0x4e/0x70
[  321.141899][T23442]  ? __fget_files+0x17c/0x1c0
[  321.141946][T23442]  ksys_read+0xe8/0x1b0
[  321.141968][T23442]  __x64_sys_read+0x42/0x50
[  321.142030][T23442]  x64_sys_call+0x2874/0x2dc0
[  321.142116][T23442]  do_syscall_64+0xc9/0x1c0
[  321.142202][T23442]  ? clear_bhb_loop+0x55/0xb0
[  321.142228][T23442]  ? clear_bhb_loop+0x55/0xb0
[  321.142330][T23442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.142355][T23442] RIP: 0033:0x7f0b53b1bb7c
[  321.142369][T23442] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  321.142384][T23442] RSP: 002b:00007f0b52166030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  321.142437][T23442] RAX: ffffffffffffffda RBX: 00007f0b53d36080 RCX: 00007f0b53b1bb7c
[  321.142447][T23442] RDX: 000000000000000f RSI: 00007f0b521660a0 RDI: 0000000000000004
[  321.142458][T23442] RBP: 00007f0b52166090 R08: 0000000000000000 R09: 0000000000000000
[  321.142469][T23442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.142509][T23442] R13: 0000000000000000 R14: 00007f0b53d36080 R15: 00007ffed9561168
[  321.142526][T23442]  </TASK>
[  321.306766][   T11] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  321.430077][T23444] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7007'.
[  321.505676][T23456] FAULT_INJECTION: forcing a failure.
[  321.505676][T23456] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  321.519130][T23456] CPU: 0 UID: 0 PID: 23456 Comm: syz.3.7013 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  321.519173][T23456] Tainted: [W]=WARN
[  321.519181][T23456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.519193][T23456] Call Trace:
[  321.519200][T23456]  <TASK>
[  321.519207][T23456]  dump_stack_lvl+0xf2/0x150
[  321.519234][T23456]  dump_stack+0x15/0x1a
[  321.519255][T23456]  should_fail_ex+0x24a/0x260
[  321.519343][T23456]  should_fail_alloc_page+0xfd/0x110
[  321.519433][T23456]  __alloc_frozen_pages_noprof+0x109/0x340
[  321.519466][T23456]  alloc_pages_mpol+0xb4/0x260
[  321.519489][T23456]  alloc_pages_noprof+0xe8/0x130
[  321.519511][T23456]  pte_alloc_one+0x31/0x110
[  321.519532][T23456]  __pte_alloc+0x33/0x2a0
[  321.519584][T23456]  handle_mm_fault+0x1b4a/0x2ac0
[  321.519617][T23456]  exc_page_fault+0x296/0x650
[  321.519682][T23456]  asm_exc_page_fault+0x26/0x30
[  321.519704][T23456] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  321.519726][T23456] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  321.519813][T23456] RSP: 0018:ffffc90002b0be08 EFLAGS: 00050206
[  321.519846][T23456] RAX: ffff88810aa4ab88 RBX: 0000400000000200 RCX: 0000000000000200
[  321.519859][T23456] RDX: 0000000000000000 RSI: ffff888104d50200 RDI: 0000400000000000
[  321.519870][T23456] RBP: 0000000000000000 R08: 0000000080000000 R09: 0000000000000000
[  321.519963][T23456] R10: 0001888104d50200 R11: 0001888104d503ff R12: 0000000000000200
[  321.519976][T23456] R13: 00007ffffffff000 R14: 0000400000000000 R15: ffff888104d50200
[  321.519994][T23456]  _copy_to_user+0x7c/0xa0
[  321.520012][T23456]  copy_regset_to_user+0xf6/0x170
[  321.520068][T23456]  arch_ptrace+0x2b4/0x400
[  321.520148][T23456]  __se_sys_ptrace+0xf4/0x2b0
[  321.520171][T23456]  __x64_sys_ptrace+0x55/0x70
[  321.520195][T23456]  x64_sys_call+0x2225/0x2dc0
[  321.520288][T23456]  do_syscall_64+0xc9/0x1c0
[  321.520317][T23456]  ? clear_bhb_loop+0x55/0xb0
[  321.520340][T23456]  ? clear_bhb_loop+0x55/0xb0
[  321.520365][T23456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.520428][T23456] RIP: 0033:0x7f9e41ddd169
[  321.520511][T23456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.520528][T23456] RSP: 002b:00007f9e40441038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  321.520545][T23456] RAX: ffffffffffffffda RBX: 00007f9e41ff5fa0 RCX: 00007f9e41ddd169
[  321.520575][T23456] RDX: 0000000000010000 RSI: 00000000000001a8 RDI: 000000000000000e
[  321.520587][T23456] RBP: 00007f9e40441090 R08: 0000000000000000 R09: 0000000000000000
[  321.520606][T23456] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.520617][T23456] R13: 0000000000000000 R14: 00007f9e41ff5fa0 R15: 00007fff41ec3a18
[  321.520634][T23456]  </TASK>
[  321.820939][T23462] netlink: 36 bytes leftover after parsing attributes in process `syz.0.7014'.
[  321.830043][T23462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7014'.
[  321.839311][T23462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7014'.
[  321.867663][T23470] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.879852][T23473] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7020'.
[  321.899069][T23474] lo speed is unknown, defaulting to 1000
[  321.925415][T23470] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.970417][T23476] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7021'.
[  321.980094][T23476] IPVS: Error joining to the multicast group
[  321.990056][T23470] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.007979][T23481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7022'.
[  322.017189][T23481] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  322.031483][T23470] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.079086][T23487] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23487 comm=syz.0.7025
[  322.384274][T23504] 9pnet_fd: Insufficient options for proto=fd
[  322.930578][T23506] netlink: 'syz.3.7032': attribute type 3 has an invalid length.
[  322.994646][T23510] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  323.023048][T23512] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  323.035600][T23514] binfmt_misc: register: failed to install interpreter file ./file0
[  323.229994][T23533] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  323.271791][T23361] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.283627][T23361] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.295075][T23361] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.306167][T23361] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.321807][T23543] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  323.410937][T23560] FAULT_INJECTION: forcing a failure.
[  323.410937][T23560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.424232][T23560] CPU: 0 UID: 0 PID: 23560 Comm: syz.0.7056 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  323.424250][T23560] Tainted: [W]=WARN
[  323.424254][T23560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  323.424305][T23560] Call Trace:
[  323.424309][T23560]  <TASK>
[  323.424313][T23560]  dump_stack_lvl+0xf2/0x150
[  323.424330][T23560]  dump_stack+0x15/0x1a
[  323.424341][T23560]  should_fail_ex+0x24a/0x260
[  323.424418][T23560]  should_fail+0xb/0x10
[  323.424432][T23560]  should_fail_usercopy+0x1a/0x20
[  323.424448][T23560]  _copy_to_user+0x20/0xa0
[  323.424460][T23560]  simple_read_from_buffer+0xa0/0x110
[  323.424486][T23560]  proc_fail_nth_read+0xf9/0x140
[  323.424552][T23560]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  323.424636][T23560]  vfs_read+0x19b/0x6f0
[  323.424649][T23560]  ? __rcu_read_unlock+0x4e/0x70
[  323.424729][T23560]  ? __fget_files+0x17c/0x1c0
[  323.424747][T23560]  ksys_read+0xe8/0x1b0
[  323.424761][T23560]  __x64_sys_read+0x42/0x50
[  323.424774][T23560]  x64_sys_call+0x2874/0x2dc0
[  323.424790][T23560]  do_syscall_64+0xc9/0x1c0
[  323.424808][T23560]  ? clear_bhb_loop+0x55/0xb0
[  323.424822][T23560]  ? clear_bhb_loop+0x55/0xb0
[  323.424884][T23560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.424912][T23560] RIP: 0033:0x7fa2b066bb7c
[  323.424922][T23560] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  323.424932][T23560] RSP: 002b:00007fa2aecd7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  323.424943][T23560] RAX: ffffffffffffffda RBX: 00007fa2b0885fa0 RCX: 00007fa2b066bb7c
[  323.424949][T23560] RDX: 000000000000000f RSI: 00007fa2aecd70a0 RDI: 0000000000000008
[  323.424956][T23560] RBP: 00007fa2aecd7090 R08: 0000000000000000 R09: 0000000000000000
[  323.425039][T23560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.425045][T23560] R13: 0000000000000000 R14: 00007fa2b0885fa0 R15: 00007ffd352ea148
[  323.425065][T23560]  </TASK>
[  323.707510][T23569] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.727641][T23571] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  323.785496][T23569] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.838770][T23569] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.945597][T23569] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.965977][T23599] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  324.172989][T23614] FAULT_INJECTION: forcing a failure.
[  324.172989][T23614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.186190][T23614] CPU: 0 UID: 0 PID: 23614 Comm: syz.1.7079 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  324.186215][T23614] Tainted: [W]=WARN
[  324.186220][T23614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  324.186283][T23614] Call Trace:
[  324.186289][T23614]  <TASK>
[  324.186347][T23614]  dump_stack_lvl+0xf2/0x150
[  324.186374][T23614]  dump_stack+0x15/0x1a
[  324.186393][T23614]  should_fail_ex+0x24a/0x260
[  324.186418][T23614]  should_fail+0xb/0x10
[  324.186490][T23614]  should_fail_usercopy+0x1a/0x20
[  324.186550][T23614]  _copy_to_user+0x20/0xa0
[  324.186570][T23614]  simple_read_from_buffer+0xa0/0x110
[  324.186597][T23614]  proc_fail_nth_read+0xf9/0x140
[  324.186639][T23614]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  324.186666][T23614]  vfs_read+0x19b/0x6f0
[  324.186689][T23614]  ? __rcu_read_unlock+0x4e/0x70
[  324.186815][T23614]  ? __fget_files+0x17c/0x1c0
[  324.186884][T23614]  ksys_read+0xe8/0x1b0
[  324.186906][T23614]  __x64_sys_read+0x42/0x50
[  324.186926][T23614]  x64_sys_call+0x2874/0x2dc0
[  324.186987][T23614]  do_syscall_64+0xc9/0x1c0
[  324.187015][T23614]  ? clear_bhb_loop+0x55/0xb0
[  324.187057][T23614]  ? clear_bhb_loop+0x55/0xb0
[  324.187079][T23614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.187102][T23614] RIP: 0033:0x7f0b53b1bb7c
[  324.187114][T23614] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  324.187129][T23614] RSP: 002b:00007f0b52187030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  324.187161][T23614] RAX: ffffffffffffffda RBX: 00007f0b53d35fa0 RCX: 00007f0b53b1bb7c
[  324.187172][T23614] RDX: 000000000000000f RSI: 00007f0b521870a0 RDI: 0000000000000003
[  324.187182][T23614] RBP: 00007f0b52187090 R08: 0000000000000000 R09: 0000000000000000
[  324.187191][T23614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.187201][T23614] R13: 0000000000000000 R14: 00007f0b53d35fa0 R15: 00007ffed9561168
[  324.187216][T23614]  </TASK>
[  324.384872][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  324.515682][T23625] tipc: Started in network mode
[  324.520580][T23625] tipc: Node identity ac14140f, cluster identity 4711
[  324.529881][T23625] tipc: New replicast peer: 255.255.255.39
[  324.535930][T23625] tipc: Enabled bearer <udp:s>, priority 10
[  324.546504][T23470] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.560521][T23470] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.571911][T23470] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.584335][T23470] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.636245][T23629] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  324.646674][T23631] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  324.727402][ T6097] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  325.199983][T23661] FAULT_INJECTION: forcing a failure.
[  325.199983][T23661] name failslab, interval 1, probability 0, space 0, times 0
[  325.213392][T23661] CPU: 0 UID: 0 PID: 23661 Comm: syz.0.7096 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  325.213482][T23661] Tainted: [W]=WARN
[  325.213489][T23661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  325.213500][T23661] Call Trace:
[  325.213506][T23661]  <TASK>
[  325.213512][T23661]  dump_stack_lvl+0xf2/0x150
[  325.213536][T23661]  dump_stack+0x15/0x1a
[  325.213556][T23661]  should_fail_ex+0x24a/0x260
[  325.213644][T23661]  should_failslab+0x8f/0xb0
[  325.213675][T23661]  kmem_cache_alloc_node_noprof+0x59/0x320
[  325.213771][T23661]  ? __alloc_skb+0x10b/0x310
[  325.213792][T23661]  __alloc_skb+0x10b/0x310
[  325.213853][T23661]  tcp_stream_alloc_skb+0x2f/0x1e0
[  325.213901][T23661]  tcp_sendmsg_locked+0x96d/0x26a0
[  325.213933][T23661]  ? __pfx_tcp_sendmsg+0x10/0x10
[  325.213952][T23661]  tcp_sendmsg+0x30/0x50
[  325.213973][T23661]  inet_sendmsg+0x77/0xd0
[  325.214000][T23661]  __sock_sendmsg+0x102/0x180
[  325.214096][T23661]  __sys_sendto+0x1a8/0x230
[  325.214126][T23661]  __x64_sys_sendto+0x78/0x90
[  325.214148][T23661]  x64_sys_call+0x29fa/0x2dc0
[  325.214170][T23661]  do_syscall_64+0xc9/0x1c0
[  325.214262][T23661]  ? clear_bhb_loop+0x55/0xb0
[  325.214288][T23661]  ? clear_bhb_loop+0x55/0xb0
[  325.214314][T23661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.214340][T23661] RIP: 0033:0x7fa2b066d169
[  325.214354][T23661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.214375][T23661] RSP: 002b:00007fa2aecd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  325.214469][T23661] RAX: ffffffffffffffda RBX: 00007fa2b0885fa0 RCX: 00007fa2b066d169
[  325.214525][T23661] RDX: ffffffffffffff94 RSI: 0000400000000000 RDI: 0000000000000003
[  325.214538][T23661] RBP: 00007fa2aecd7090 R08: 0000000000000000 R09: 0000000000000000
[  325.214551][T23661] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000001
[  325.214563][T23661] R13: 0000000000000000 R14: 00007fa2b0885fa0 R15: 00007ffd352ea148
[  325.214580][T23661]  </TASK>
[  325.281518][T23662] $Hÿ: renamed from bond0
[  325.284227][T23662] $Hÿ: entered promiscuous mode
[  325.284242][T23662] bond_slave_0: entered promiscuous mode
[  325.284313][T23662] bond_slave_1: entered promiscuous mode
[  325.602572][T15894] tipc: Node number set to 2886997007
[  325.772745][T23676] rdma_rxe: rxe_newlink: failed to add lo
[  326.157701][T23702] __nla_validate_parse: 8 callbacks suppressed
[  326.157716][T23702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7112'.
[  326.213750][T23702] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.289494][T23702] bridge_slave_1 (unregistering): left allmulticast mode
[  326.296632][T23702] bridge_slave_1 (unregistering): left promiscuous mode
[  326.303589][T23702] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.340720][T23706] rdma_rxe: rxe_newlink: failed to add lo
[  326.452254][   T29] kauditd_printk_skb: 490 callbacks suppressed
[  326.452274][   T29] audit: type=1326 audit(2000000251.108:14422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.482279][   T29] audit: type=1326 audit(2000000251.108:14423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.506064][   T29] audit: type=1326 audit(2000000251.108:14424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.529692][   T29] audit: type=1326 audit(2000000251.108:14425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.553310][   T29] audit: type=1326 audit(2000000251.108:14426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.577466][   T29] audit: type=1326 audit(2000000251.211:14427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.601205][   T29] audit: type=1326 audit(2000000251.211:14428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.624926][   T29] audit: type=1326 audit(2000000251.211:14429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.648511][   T29] audit: type=1326 audit(2000000251.211:14430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23719 comm="syz.3.7119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e41ddd169 code=0x7ffc0000
[  326.688235][   T29] audit: type=1326 audit(2000000251.323:14431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23724 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2b066d169 code=0x7ffc0000
[  326.713319][T23722] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7120'.
[  326.813390][T23736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7127'.
[  326.827141][T23736] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  326.964285][T23746] lo speed is unknown, defaulting to 1000
[  327.151576][T23749] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  327.279433][T23751] FAULT_INJECTION: forcing a failure.
[  327.279433][T23751] name failslab, interval 1, probability 0, space 0, times 0
[  327.292127][T23751] CPU: 1 UID: 0 PID: 23751 Comm: syz.1.7133 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  327.292153][T23751] Tainted: [W]=WARN
[  327.292210][T23751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  327.292223][T23751] Call Trace:
[  327.292230][T23751]  <TASK>
[  327.292236][T23751]  dump_stack_lvl+0xf2/0x150
[  327.292276][T23751]  dump_stack+0x15/0x1a
[  327.292295][T23751]  should_fail_ex+0x24a/0x260
[  327.292324][T23751]  should_failslab+0x8f/0xb0
[  327.292352][T23751]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  327.292420][T23751]  ? shmem_alloc_inode+0x34/0x50
[  327.292442][T23751]  shmem_alloc_inode+0x34/0x50
[  327.292463][T23751]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  327.292553][T23751]  alloc_inode+0x3c/0x160
[  327.292578][T23751]  new_inode+0x1e/0x100
[  327.292658][T23751]  shmem_get_inode+0x24e/0x730
[  327.292733][T23751]  shmem_mknod+0x44/0x180
[  327.292754][T23751]  shmem_mkdir+0x33/0x70
[  327.292810][T23751]  vfs_mkdir+0x1f4/0x320
[  327.292830][T23751]  do_mkdirat+0x136/0x2c0
[  327.292917][T23751]  __x64_sys_mkdir+0x42/0x50
[  327.292942][T23751]  x64_sys_call+0x1b2b/0x2dc0
[  327.293029][T23751]  do_syscall_64+0xc9/0x1c0
[  327.293057][T23751]  ? clear_bhb_loop+0x55/0xb0
[  327.293129][T23751]  ? clear_bhb_loop+0x55/0xb0
[  327.293152][T23751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.293174][T23751] RIP: 0033:0x7f0b53b1d169
[  327.293242][T23751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.293333][T23751] RSP: 002b:00007f0b52187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  327.293375][T23751] RAX: ffffffffffffffda RBX: 00007f0b53d35fa0 RCX: 00007f0b53b1d169
[  327.293441][T23751] RDX: 0000000000000000 RSI: 0000000000000044 RDI: 00004000000003c0
[  327.293505][T23751] RBP: 00007f0b52187090 R08: 0000000000000000 R09: 0000000000000000
[  327.293515][T23751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.293525][T23751] R13: 0000000000000000 R14: 00007f0b53d35fa0 R15: 00007ffed9561168
[  327.293539][T23751]  </TASK>
[  327.294947][T23753] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7131'.
[  327.461546][ T6087] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  327.560912][T23773] FAULT_INJECTION: forcing a failure.
[  327.560912][T23773] name failslab, interval 1, probability 0, space 0, times 0
[  327.573612][T23773] CPU: 0 UID: 0 PID: 23773 Comm: syz.3.7136 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  327.573639][T23773] Tainted: [W]=WARN
[  327.573645][T23773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  327.573657][T23773] Call Trace:
[  327.573663][T23773]  <TASK>
[  327.573669][T23773]  dump_stack_lvl+0xf2/0x150
[  327.573696][T23773]  dump_stack+0x15/0x1a
[  327.573715][T23773]  should_fail_ex+0x24a/0x260
[  327.573731][T23773]  should_failslab+0x8f/0xb0
[  327.573825][T23773]  kmem_cache_alloc_node_noprof+0x59/0x320
[  327.573861][T23773]  ? __alloc_skb+0x10b/0x310
[  327.573883][T23773]  __alloc_skb+0x10b/0x310
[  327.573895][T23773]  rtmsg_ifinfo_build_skb+0x63/0x1b0
[  327.574026][T23773]  ? up_write+0x30/0xf0
[  327.574067][T23773]  ? mutex_is_locked+0x12/0x30
[  327.574078][T23773]  unregister_netdevice_many_notify+0xa01/0x1280
[  327.574093][T23773]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  327.574134][T23773]  ? __flush_work+0x4a1/0x580
[  327.574207][T23773]  ? detach_if_pending+0x94/0x200
[  327.574218][T23773]  unregister_netdevice_queue+0x1f4/0x220
[  327.574288][T23773]  unregister_netdev+0x1f/0x50
[  327.574300][T23773]  slip_close+0xe5/0x100
[  327.574310][T23773]  ? __pfx_slip_close+0x10/0x10
[  327.574320][T23773]  tty_ldisc_close+0x77/0xa0
[  327.574333][T23773]  tty_set_ldisc+0x1e2/0x3b0
[  327.574346][T23773]  tiocsetd+0x52/0x60
[  327.574429][T23773]  tty_ioctl+0xa94/0xbe0
[  327.574442][T23773]  ? __pfx_tty_ioctl+0x10/0x10
[  327.574454][T23773]  __se_sys_ioctl+0xc9/0x140
[  327.574468][T23773]  __x64_sys_ioctl+0x43/0x50
[  327.574549][T23773]  x64_sys_call+0x1690/0x2dc0
[  327.574562][T23773]  do_syscall_64+0xc9/0x1c0
[  327.574580][T23773]  ? clear_bhb_loop+0x55/0xb0
[  327.574594][T23773]  ? clear_bhb_loop+0x55/0xb0
[  327.574608][T23773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.574654][T23773] RIP: 0033:0x7f9e41ddd169
[  327.574663][T23773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.574703][T23773] RSP: 002b:00007f9e40441038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  327.574714][T23773] RAX: ffffffffffffffda RBX: 00007f9e41ff5fa0 RCX: 00007f9e41ddd169
[  327.574720][T23773] RDX: 0000400000000140 RSI: 0000000000005423 RDI: 0000000000000003
[  327.574727][T23773] RBP: 00007f9e40441090 R08: 0000000000000000 R09: 0000000000000000
[  327.574733][T23773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.574739][T23773] R13: 0000000000000000 R14: 00007f9e41ff5fa0 R15: 00007fff41ec3a18
[  327.574793][T23773]  </TASK>
[  327.871397][T23775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7137'.
[  327.880382][T23775] bridge_slave_1: left allmulticast mode
[  327.886051][T23775] bridge_slave_1: left promiscuous mode
[  327.891918][T23775] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.902465][T23775] bridge_slave_0: left allmulticast mode
[  327.908186][T23775] bridge_slave_0: left promiscuous mode
[  327.914023][T23775] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.925483][T23782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7140'.
[  327.964541][T23782] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  327.989713][T23787] tls_set_device_offload: netdev not found
[  328.061526][T23799] netlink: 56 bytes leftover after parsing attributes in process `syz.0.7148'.
[  328.070997][T23800] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=513 sclass=netlink_route_socket pid=23800 comm=syz.0.7148
[  328.330522][T23814] netlink: 'syz.0.7152': attribute type 3 has an invalid length.
[  328.367173][T23816] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7153'.
[  328.379610][T23818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7154'.
[  328.388937][T23818] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  328.415488][T23824] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7157'.
[  328.425439][T23824] 9pnet_fd: Insufficient options for proto=fd
[  328.465598][T23833] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  328.543895][T23847] netlink: 'syz.3.7164': attribute type 3 has an invalid length.
[  328.674071][T23569] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.684913][T23569] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.695688][T23569] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.706219][T23569] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  328.739648][T23855] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  328.826303][T23870] lo speed is unknown, defaulting to 1000
[  329.230738][T23878] FAULT_INJECTION: forcing a failure.
[  329.230738][T23878] name failslab, interval 1, probability 0, space 0, times 0
[  329.230766][T23878] CPU: 0 UID: 0 PID: 23878 Comm: syz.4.7175 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  329.230809][T23878] Tainted: [W]=WARN
[  329.230814][T23878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  329.230824][T23878] Call Trace:
[  329.230830][T23878]  <TASK>
[  329.230836][T23878]  dump_stack_lvl+0xf2/0x150
[  329.230863][T23878]  dump_stack+0x15/0x1a
[  329.230895][T23878]  should_fail_ex+0x24a/0x260
[  329.230920][T23878]  should_failslab+0x8f/0xb0
[  329.231022][T23878]  __kmalloc_node_noprof+0xad/0x410
[  329.231054][T23878]  ? kstrtouint+0x77/0xc0
[  329.231090][T23878]  ? __kvmalloc_node_noprof+0x72/0x170
[  329.231120][T23878]  __kvmalloc_node_noprof+0x72/0x170
[  329.231211][T23878]  file_tty_write+0x1a9/0x680
[  329.231232][T23878]  tty_write+0x28/0x30
[  329.231287][T23878]  vfs_write+0x77b/0x920
[  329.231312][T23878]  ? __pfx_tty_write+0x10/0x10
[  329.231336][T23878]  ksys_write+0xe8/0x1b0
[  329.231362][T23878]  __x64_sys_write+0x42/0x50
[  329.231418][T23878]  x64_sys_call+0x287e/0x2dc0
[  329.231533][T23878]  do_syscall_64+0xc9/0x1c0
[  329.231560][T23878]  ? clear_bhb_loop+0x55/0xb0
[  329.231586][T23878]  ? clear_bhb_loop+0x55/0xb0
[  329.231612][T23878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.231679][T23878] RIP: 0033:0x7fc593eed169
[  329.231694][T23878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.231710][T23878] RSP: 002b:00007fc592557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  329.231728][T23878] RAX: ffffffffffffffda RBX: 00007fc594105fa0 RCX: 00007fc593eed169
[  329.231740][T23878] RDX: 00000000fffffd5f RSI: 0000400000000240 RDI: 0000000000000004
[  329.231808][T23878] RBP: 00007fc592557090 R08: 0000000000000000 R09: 0000000000000000
[  329.231819][T23878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.231831][T23878] R13: 0000000000000000 R14: 00007fc594105fa0 R15: 00007ffc40d14ee8
[  329.231846][T23878]  </TASK>
[  329.543802][T23883] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.794240][T23883] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.848247][T23883] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.896693][T23883] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.926419][T23892] netlink: 'syz.1.7179': attribute type 3 has an invalid length.
[  329.951729][T23883] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.964695][T23883] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.977339][T23883] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.989326][T23883] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.087798][T23906] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  330.330553][T23943] binfmt_misc: register: failed to install interpreter file ./file0
[  330.397158][T23950] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  330.412109][T23953] netlink: 'syz.2.7206': attribute type 3 has an invalid length.
[  330.456417][T23950] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  330.520701][T23950] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  330.573569][T23950] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  330.622389][T23950] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  330.634867][T23950] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  330.648048][T23950] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  330.662262][T23950] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  330.851306][T23989] netlink: 'syz.4.7221': attribute type 1 has an invalid length.
[  330.885104][ T6049] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  331.006083][T23997] Invalid ELF header magic: != ELF
[  331.376350][T24024] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  331.574060][T24052] lo speed is unknown, defaulting to 1000
[  331.619607][T24059] __nla_validate_parse: 12 callbacks suppressed
[  331.619622][T24059] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7244'.
[  331.635670][T24059] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  331.785730][T24074] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7250'.
[  331.930459][T24076] lo speed is unknown, defaulting to 1000
[  332.035366][T24078] lo speed is unknown, defaulting to 1000
[  332.173404][T24081] syzkaller0: tun_chr_ioctl cmd 2147767506
[  332.250374][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  332.606328][T24097] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=24097 comm=syz.2.7260
[  332.618976][T24097] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=24097 comm=syz.2.7260
[  332.642926][T24097] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=24097 comm=syz.2.7260
[  332.655720][T24097] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=24097 comm=syz.2.7260
[  332.668420][T24097] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=24097 comm=syz.2.7260
[  332.674497][T24104] FAULT_INJECTION: forcing a failure.
[  332.674497][T24104] name failslab, interval 1, probability 0, space 0, times 0
[  332.693735][T24104] CPU: 0 UID: 0 PID: 24104 Comm: syz.0.7261 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  332.693756][T24104] Tainted: [W]=WARN
[  332.693761][T24104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.693771][T24104] Call Trace:
[  332.693776][T24104]  <TASK>
[  332.693782][T24104]  dump_stack_lvl+0xf2/0x150
[  332.693802][T24104]  dump_stack+0x15/0x1a
[  332.693816][T24104]  should_fail_ex+0x24a/0x260
[  332.693838][T24104]  should_failslab+0x8f/0xb0
[  332.693859][T24104]  kmem_cache_alloc_noprof+0x52/0x320
[  332.693874][T24104]  ? __mpol_dup+0x43/0x1b0
[  332.693890][T24104]  __mpol_dup+0x43/0x1b0
[  332.693906][T24104]  __se_sys_set_mempolicy_home_node+0x298/0x580
[  332.693925][T24104]  __x64_sys_set_mempolicy_home_node+0x55/0x70
[  332.693941][T24104]  x64_sys_call+0x2d10/0x2dc0
[  332.693959][T24104]  do_syscall_64+0xc9/0x1c0
[  332.693980][T24104]  ? clear_bhb_loop+0x55/0xb0
[  332.693999][T24104]  ? clear_bhb_loop+0x55/0xb0
[  332.694016][T24104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.694035][T24104] RIP: 0033:0x7fa2b066d169
[  332.694047][T24104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.694060][T24104] RSP: 002b:00007fa2aecd7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c2
[  332.694080][T24104] RAX: ffffffffffffffda RBX: 00007fa2b0885fa0 RCX: 00007fa2b066d169
[  332.694089][T24104] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000400000ffd000
[  332.694098][T24104] RBP: 00007fa2aecd7090 R08: 0000000000000000 R09: 0000000000000000
[  332.694107][T24104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.694116][T24104] R13: 0000000000000000 R14: 00007fa2b0885fa0 R15: 00007ffd352ea148
[  332.694128][T24104]  </TASK>
[  332.766017][T24100] FAULT_INJECTION: forcing a failure.
[  332.766017][T24100] name failslab, interval 1, probability 0, space 0, times 0
[  332.886890][T24100] CPU: 1 UID: 0 PID: 24100 Comm: syz.1.7262 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  332.886962][T24100] Tainted: [W]=WARN
[  332.886968][T24100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.887021][T24100] Call Trace:
[  332.887028][T24100]  <TASK>
[  332.887036][T24100]  dump_stack_lvl+0xf2/0x150
[  332.887119][T24100]  dump_stack+0x15/0x1a
[  332.887140][T24100]  should_fail_ex+0x24a/0x260
[  332.887166][T24100]  should_failslab+0x8f/0xb0
[  332.887190][T24100]  __kmalloc_node_noprof+0xad/0x410
[  332.887281][T24100]  ? __kvmalloc_node_noprof+0x72/0x170
[  332.887375][T24100]  ? vfs_write+0x644/0x920
[  332.887396][T24100]  __kvmalloc_node_noprof+0x72/0x170
[  332.887419][T24100]  traverse+0x9f/0x3c0
[  332.887436][T24100]  ? __rcu_read_unlock+0x4e/0x70
[  332.887494][T24100]  seq_lseek+0xa8/0x160
[  332.887512][T24100]  __x64_sys_lseek+0xe7/0x160
[  332.887547][T24100]  x64_sys_call+0x2a7c/0x2dc0
[  332.887614][T24100]  do_syscall_64+0xc9/0x1c0
[  332.887645][T24100]  ? clear_bhb_loop+0x55/0xb0
[  332.887681][T24100]  ? clear_bhb_loop+0x55/0xb0
[  332.887705][T24100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.887731][T24100] RIP: 0033:0x7f0b53b1d169
[  332.887772][T24100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.887787][T24100] RSP: 002b:00007f0b52187038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008
[  332.887803][T24100] RAX: ffffffffffffffda RBX: 00007f0b53d35fa0 RCX: 00007f0b53b1d169
[  332.887821][T24100] RDX: 0000000000000000 RSI: 0000000000010001 RDI: 0000000000000003
[  332.887833][T24100] RBP: 00007f0b52187090 R08: 0000000000000000 R09: 0000000000000000
[  332.887845][T24100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.887856][T24100] R13: 0000000000000000 R14: 00007f0b53d35fa0 R15: 00007ffed9561168
[  332.887898][T24100]  </TASK>
[  333.140567][T24119] binfmt_misc: register: failed to install interpreter file ./file0
[  333.186092][T24126] FAULT_INJECTION: forcing a failure.
[  333.186092][T24126] name failslab, interval 1, probability 0, space 0, times 0
[  333.198780][T24126] CPU: 0 UID: 0 PID: 24126 Comm: syz.2.7271 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  333.198805][T24126] Tainted: [W]=WARN
[  333.198811][T24126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  333.198822][T24126] Call Trace:
[  333.198828][T24126]  <TASK>
[  333.198834][T24126]  dump_stack_lvl+0xf2/0x150
[  333.198860][T24126]  dump_stack+0x15/0x1a
[  333.198878][T24126]  should_fail_ex+0x24a/0x260
[  333.198903][T24126]  should_failslab+0x8f/0xb0
[  333.198928][T24126]  kmem_cache_alloc_noprof+0x52/0x320
[  333.198945][T24126]  ? __mpol_dup+0x43/0x1b0
[  333.198962][T24126]  __mpol_dup+0x43/0x1b0
[  333.198979][T24126]  __se_sys_set_mempolicy_home_node+0x298/0x580
[  333.198999][T24126]  __x64_sys_set_mempolicy_home_node+0x55/0x70
[  333.199017][T24126]  x64_sys_call+0x2d10/0x2dc0
[  333.199048][T24126]  do_syscall_64+0xc9/0x1c0
[  333.199074][T24126]  ? clear_bhb_loop+0x55/0xb0
[  333.199097][T24126]  ? clear_bhb_loop+0x55/0xb0
[  333.199120][T24126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.199143][T24126] RIP: 0033:0x7fd60cbfd169
[  333.199156][T24126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.199169][T24126] RSP: 002b:00007fd60b267038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c2
[  333.199186][T24126] RAX: ffffffffffffffda RBX: 00007fd60ce15fa0 RCX: 00007fd60cbfd169
[  333.199196][T24126] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000400000ffd000
[  333.199206][T24126] RBP: 00007fd60b267090 R08: 0000000000000000 R09: 0000000000000000
[  333.199215][T24126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.199224][T24126] R13: 0000000000000000 R14: 00007fd60ce15fa0 R15: 00007ffd1c625438
[  333.199238][T24126]  </TASK>
[  333.427714][T24110] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.523044][T24110] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.554019][T24135] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.621280][ T6091] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  333.638114][T24110] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.709049][T24135] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.735929][   T29] kauditd_printk_skb: 1027 callbacks suppressed
[  333.736007][   T29] audit: type=1326 audit(2000000257.890:15457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc593ee4127 code=0x7ffc0000
[  333.765908][   T29] audit: type=1326 audit(2000000257.890:15458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc593e89359 code=0x7ffc0000
[  333.789534][   T29] audit: type=1326 audit(2000000257.890:15459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc593ee4127 code=0x7ffc0000
[  333.813266][   T29] audit: type=1326 audit(2000000257.890:15460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc593e89359 code=0x7ffc0000
[  333.836901][   T29] audit: type=1326 audit(2000000257.890:15461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  333.860599][   T29] audit: type=1326 audit(2000000257.890:15462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  333.884352][   T29] audit: type=1326 audit(2000000257.890:15463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  333.907966][   T29] audit: type=1326 audit(2000000257.890:15464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  333.931664][   T29] audit: type=1326 audit(2000000257.890:15465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24140 comm="syz.4.7277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  333.970660][T24110] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.984330][T24143] netlink: 'syz.4.7278': attribute type 3 has an invalid length.
[  334.009534][T24135] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.042168][T24110] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.055724][T24110] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.069588][T24110] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.087158][T24135] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.107167][T24110] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.149754][T24135] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.159871][T24155] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  334.175186][T24135] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.202269][T24135] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.220360][T24163] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.234504][T24135] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.274925][T24167] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.290568][T24170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2567 sclass=netlink_route_socket pid=24170 comm=syz.4.7287
[  334.307956][T24163] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.335453][T24172] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7289'.
[  334.373652][T24167] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.394471][T24172] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  334.416585][T24163] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.454621][T24167] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.523596][T24163] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.543480][T24191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7297'.
[  334.552511][T24191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7297'.
[  334.572569][T24167] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.583759][   T29] audit: type=1400 audit(2000000258.713:15466): avc:  denied  { shutdown } for  pid=24192 comm="syz.1.7298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  334.619360][T24196] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2567 sclass=netlink_route_socket pid=24196 comm=syz.1.7300
[  334.640210][T24199] block device autoloading is deprecated and will be removed.
[  334.666051][T24201] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  334.695874][T24205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7304'.
[  334.705076][T24205] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  334.741381][T24209] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24209 comm=syz.4.7306
[  334.813761][T24218] rdma_rxe: rxe_newlink: failed to add lo
[  334.819987][T24216] lo speed is unknown, defaulting to 1000
[  334.877968][T24224] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.905646][T24227] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  334.935184][T24224] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.977715][T24227] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  335.009807][T24224] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.043165][T24227] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  335.067285][T24231] netlink: 96 bytes leftover after parsing attributes in process `syz.4.7312'.
[  335.091363][T24233] block device autoloading is deprecated and will be removed.
[  335.100301][T24224] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.118862][T24227] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  335.134381][T24237] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  335.183124][T24244] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  335.183189][T24243] IPVS: stopping master sync thread 24244 ...
[  335.229597][T24227] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  335.240986][T24227] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  335.252107][T24227] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  335.263112][T24227] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  335.298782][T24247] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7319'.
[  335.307710][T24247] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7319'.
[  335.538916][T24224] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  335.551549][T24224] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  335.562935][T24224] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  335.574590][T24224] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  335.611448][T24259] netlink: 96 bytes leftover after parsing attributes in process `syz.3.7324'.
[  335.820816][T24284] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.897353][T24284] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.961803][T24284] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.025809][T24284] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.356341][   T40] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  336.496576][T24294] netlink: 'syz.1.7340': attribute type 3 has an invalid length.
[  336.541905][T24296] block device autoloading is deprecated and will be removed.
[  336.604716][T24302] s
z1: rxe_newlink: already configured on lo
[  336.672401][T24313] s
z1: rxe_newlink: already configured on lo
[  336.840477][T24329] netlink: 'syz.1.7354': attribute type 3 has an invalid length.
[  336.982328][T24341] s
z1: rxe_newlink: already configured on lo
[  337.214594][T24370] netlink: 'syz.4.7371': attribute type 3 has an invalid length.
[  337.276784][T24372] s
z1: rxe_newlink: already configured on lo
[  337.439610][T24401] netlink: 'syz.1.7383': attribute type 27 has an invalid length.
[  337.890867][T24413] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  337.902044][T24412] IPVS: stopping master sync thread 24413 ...
[  338.489002][T24422] __nla_validate_parse: 4 callbacks suppressed
[  338.489016][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.504353][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.513361][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.529968][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.539020][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.548121][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.563612][T24163] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.572294][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.574749][T24163] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.581318][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.592630][T24163] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.598401][T24422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7392'.
[  338.609331][T24163] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.626381][T24167] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.638177][T24167] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.649661][T24167] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.663012][T24167] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.710805][T24432] FAULT_INJECTION: forcing a failure.
[  338.710805][T24432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.723914][T24432] CPU: 0 UID: 0 PID: 24432 Comm: syz.2.7396 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  338.723996][T24432] Tainted: [W]=WARN
[  338.724003][T24432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  338.724093][T24432] Call Trace:
[  338.724100][T24432]  <TASK>
[  338.724107][T24432]  dump_stack_lvl+0xf2/0x150
[  338.724132][T24432]  dump_stack+0x15/0x1a
[  338.724152][T24432]  should_fail_ex+0x24a/0x260
[  338.724177][T24432]  should_fail+0xb/0x10
[  338.724249][T24432]  should_fail_usercopy+0x1a/0x20
[  338.724415][T24432]  _copy_to_user+0x20/0xa0
[  338.724435][T24432]  simple_read_from_buffer+0xa0/0x110
[  338.724462][T24432]  proc_fail_nth_read+0xf9/0x140
[  338.724486][T24432]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  338.724581][T24432]  vfs_read+0x19b/0x6f0
[  338.724605][T24432]  ? __rcu_read_unlock+0x4e/0x70
[  338.724627][T24432]  ? __fget_files+0x17c/0x1c0
[  338.724720][T24432]  ksys_read+0xe8/0x1b0
[  338.724746][T24432]  __x64_sys_read+0x42/0x50
[  338.724767][T24432]  x64_sys_call+0x2874/0x2dc0
[  338.724806][T24432]  do_syscall_64+0xc9/0x1c0
[  338.724875][T24432]  ? clear_bhb_loop+0x55/0xb0
[  338.724915][T24432]  ? clear_bhb_loop+0x55/0xb0
[  338.724940][T24432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.724965][T24432] RIP: 0033:0x7fd60cbfbb7c
[  338.725021][T24432] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  338.725039][T24432] RSP: 002b:00007fd60b267030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  338.725058][T24432] RAX: ffffffffffffffda RBX: 00007fd60ce15fa0 RCX: 00007fd60cbfbb7c
[  338.725069][T24432] RDX: 000000000000000f RSI: 00007fd60b2670a0 RDI: 0000000000000004
[  338.725079][T24432] RBP: 00007fd60b267090 R08: 0000000000000000 R09: 0000000000000000
[  338.725088][T24432] R10: 00004000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  338.725098][T24432] R13: 0000000000000000 R14: 00007fd60ce15fa0 R15: 00007ffd1c625438
[  338.725193][T24432]  </TASK>
[  339.128069][   T29] kauditd_printk_skb: 181 callbacks suppressed
[  339.128083][   T29] audit: type=1400 audit(2000000262.969:15648): avc:  denied  { create } for  pid=24443 comm="syz.1.7399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  339.390738][T24449] binfmt_misc: register: failed to install interpreter file ./file0
[  339.394984][T24445] Process accounting paused
[  339.437077][T24457] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7404'.
[  339.490831][T24465] loop2: detected capacity change from 0 to 2048
[  339.497656][   T29] audit: type=1400 audit(2000000263.315:15649): avc:  denied  { mounton } for  pid=24450 comm="syz.2.7401" path="/276/file0" dev="tmpfs" ino=1464 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  339.536375][   T29] audit: type=1400 audit(2000000263.343:15650): avc:  denied  { mount } for  pid=24450 comm="syz.2.7401" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  339.558562][   T29] audit: type=1326 audit(2000000263.343:15651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.582316][   T29] audit: type=1326 audit(2000000263.343:15652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.605939][   T29] audit: type=1326 audit(2000000263.343:15653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.629633][   T29] audit: type=1326 audit(2000000263.343:15654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.653330][   T29] audit: type=1326 audit(2000000263.343:15655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.677171][   T29] audit: type=1326 audit(2000000263.343:15656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.700936][   T29] audit: type=1326 audit(2000000263.353:15657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24462 comm="syz.4.7406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc593eed169 code=0x7ffc0000
[  339.739456][T24471] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  339.751680][T24470] IPVS: stopping master sync thread 24471 ...
[  339.787956][ T6048] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  339.818656][T24480] sch_tbf: burst 65536 is lower than device lo mtu (65550) !
[  339.839050][T24482] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  339.883367][T24485] s
z1: rxe_newlink: already configured on lo
[  340.007526][T24497] IPVS: Error connecting to the multicast addr
[  340.020111][T24493] tap0: tun_chr_ioctl cmd 1074025677
[  340.025569][T24493] tap0: linktype set to 823
[  340.040209][T24493] lo speed is unknown, defaulting to 1000
[  340.330247][T24501] loop2: detected capacity change from 0 to 2048
[  340.344667][T24501] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.367923][T20169] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.436655][T24515] loop2: detected capacity change from 0 to 128
[  340.444477][T24515] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  340.456947][T24515] ext4 filesystem being mounted at /280/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  340.475045][T24284] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.488594][T24284] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.499664][T24284] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.512359][T24284] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.598718][T24524] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  340.647981][T24527] tipc: Can't bind to reserved service type 0
[  340.768241][T24533] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2567 sclass=netlink_route_socket pid=24533 comm=syz.4.7425
[  341.010799][T24546] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  341.035870][T24548] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.067068][T24554] netlink: 'syz.4.7435': attribute type 3 has an invalid length.
[  341.114855][T24548] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.159683][T24548] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.215595][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x4
[  341.223338][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x2
[  341.231825][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.239499][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.247246][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.254968][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.262625][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.270310][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.277949][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.278465][T24562] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[  341.285641][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.302441][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.310092][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.317722][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.325368][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.333029][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.340666][ T3376] hid-generic 0000:3000000:0000.004A: unknown main item tag 0x0
[  341.349556][T24548] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.360138][ T3376] hid-generic 0000:3000000:0000.004A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  341.387317][T24566] netlink: 'syz.3.7439': attribute type 3 has an invalid length.
[  341.402255][T20169] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  341.475173][T24568] IPVS: stopping master sync thread 24573 ...
[  341.479756][T24575] binfmt_misc: register: failed to install interpreter file ./file0
[  341.481330][T24573] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  341.585538][T24590] FAULT_INJECTION: forcing a failure.
[  341.585538][T24590] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  341.598822][T24590] CPU: 0 UID: 0 PID: 24590 Comm: syz.3.7450 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  341.598980][T24590] Tainted: [W]=WARN
[  341.598985][T24590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  341.598996][T24590] Call Trace:
[  341.599002][T24590]  <TASK>
[  341.599008][T24590]  dump_stack_lvl+0xf2/0x150
[  341.599031][T24590]  dump_stack+0x15/0x1a
[  341.599053][T24590]  should_fail_ex+0x24a/0x260
[  341.599141][T24590]  should_fail_alloc_page+0xfd/0x110
[  341.599218][T24590]  __alloc_frozen_pages_noprof+0x109/0x340
[  341.599247][T24590]  alloc_pages_mpol+0xb4/0x260
[  341.599309][T24590]  folio_alloc_mpol_noprof+0x36/0x80
[  341.599329][T24590]  shmem_get_folio_gfp+0x3d1/0xd90
[  341.599359][T24590]  shmem_write_begin+0xa2/0x180
[  341.599405][T24590]  generic_perform_write+0x1a8/0x4a0
[  341.599429][T24590]  shmem_file_write_iter+0xc2/0xe0
[  341.599451][T24590]  iter_file_splice_write+0x5f1/0x980
[  341.599479][T24590]  ? __pfx_iter_file_splice_write+0x10/0x10
[  341.599501][T24590]  direct_splice_actor+0x160/0x2c0
[  341.599520][T24590]  splice_direct_to_actor+0x302/0x670
[  341.599539][T24590]  ? __pfx_direct_splice_actor+0x10/0x10
[  341.599618][T24590]  do_splice_direct+0xd7/0x150
[  341.599636][T24590]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  341.599705][T24590]  do_sendfile+0x398/0x660
[  341.599723][T24590]  __x64_sys_sendfile64+0x110/0x150
[  341.599748][T24590]  x64_sys_call+0xfbd/0x2dc0
[  341.599821][T24590]  do_syscall_64+0xc9/0x1c0
[  341.599843][T24590]  ? clear_bhb_loop+0x55/0xb0
[  341.599863][T24590]  ? clear_bhb_loop+0x55/0xb0
[  341.599925][T24590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.599944][T24590] RIP: 0033:0x7f9e41ddd169
[  341.599956][T24590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.600019][T24590] RSP: 002b:00007f9e40441038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  341.600033][T24590] RAX: ffffffffffffffda RBX: 00007f9e41ff5fa0 RCX: 00007f9e41ddd169
[  341.600043][T24590] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  341.600052][T24590] RBP: 00007f9e40441090 R08: 0000000000000000 R09: 0000000000000000
[  341.600061][T24590] R10: 000000007a680000 R11: 0000000000000246 R12: 0000000000000001
[  341.600070][T24590] R13: 0000000000000000 R14: 00007f9e41ff5fa0 R15: 00007fff41ec3a18
[  341.600083][T24590]  </TASK>
[  341.878528][T24594] rdma_rxe: rxe_newlink: failed to add lo
[  341.900485][T24601] netlink: 'syz.3.7454': attribute type 3 has an invalid length.
[  341.963734][T24611] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2567 sclass=netlink_route_socket pid=24611 comm=syz.1.7459
[  341.972638][T24609] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  342.100005][T24633] binfmt_misc: register: failed to install interpreter file ./file0
[  342.123298][T24635] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  342.158385][T24641] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  342.286464][T24660] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  342.325815][T24664] loop2: detected capacity change from 0 to 512
[  342.332664][T24664] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  342.355222][T24664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.368826][T24664] ext4 filesystem being mounted at /282/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.389907][T20169] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.406940][T24672] loop2: detected capacity change from 0 to 512
[  342.413865][T24672] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  342.440205][T24672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.452722][T24672] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.472127][T20169] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.498892][T24678] netlink: 'syz.2.7488': attribute type 3 has an invalid length.
[  342.514029][ T6030] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  342.931399][T24686] netlink: 'syz.4.7492': attribute type 10 has an invalid length.
[  342.942655][T24686] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.950850][T24686] bridge_slave_1: left allmulticast mode
[  342.956710][T24686] bridge_slave_1: left promiscuous mode
[  342.962512][T24686] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.971353][T24686] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  343.170685][T24700] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  343.258719][T24706] veth0_to_bond: entered promiscuous mode
[  343.265205][T24706] veth0_to_bond (unregistering): left promiscuous mode
[  343.273227][T24706] $Hÿ: (slave bond_slave_0): Releasing backup interface
[  343.280566][T24706] bond_slave_0 (unregistering): left promiscuous mode
[  343.479922][T24719] FAULT_INJECTION: forcing a failure.
[  343.479922][T24719] name failslab, interval 1, probability 0, space 0, times 0
[  343.492791][T24719] CPU: 0 UID: 0 PID: 24719 Comm: syz.2.7504 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  343.492808][T24719] Tainted: [W]=WARN
[  343.492812][T24719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  343.492821][T24719] Call Trace:
[  343.492828][T24719]  <TASK>
[  343.492835][T24719]  dump_stack_lvl+0xf2/0x150
[  343.492862][T24719]  dump_stack+0x15/0x1a
[  343.492927][T24719]  should_fail_ex+0x24a/0x260
[  343.492943][T24719]  ? audit_log_d_path+0x8e/0x150
[  343.492990][T24719]  should_failslab+0x8f/0xb0
[  343.493006][T24719]  __kmalloc_cache_noprof+0x4e/0x320
[  343.493018][T24719]  audit_log_d_path+0x8e/0x150
[  343.493095][T24719]  audit_log_d_path_exe+0x42/0x70
[  343.493112][T24719]  audit_log_task+0x1ec/0x250
[  343.493128][T24719]  audit_seccomp+0x68/0x130
[  343.493169][T24719]  __seccomp_filter+0x6fa/0x1180
[  343.493182][T24719]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  343.493197][T24719]  ? vfs_write+0x644/0x920
[  343.493210][T24719]  ? putname+0xcf/0xf0
[  343.493269][T24719]  __secure_computing+0x9f/0x1c0
[  343.493281][T24719]  syscall_trace_enter+0xd1/0x1f0
[  343.493296][T24719]  ? fpregs_assert_state_consistent+0x83/0xa0
[  343.493362][T24719]  do_syscall_64+0xaa/0x1c0
[  343.493382][T24719]  ? clear_bhb_loop+0x55/0xb0
[  343.493397][T24719]  ? clear_bhb_loop+0x55/0xb0
[  343.493411][T24719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.493427][T24719] RIP: 0033:0x7fd60cbfd169
[  343.493436][T24719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.493445][T24719] RSP: 002b:00007fd60b267038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  343.493456][T24719] RAX: ffffffffffffffda RBX: 00007fd60ce15fa0 RCX: 00007fd60cbfd169
[  343.493462][T24719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  343.493469][T24719] RBP: 00007fd60b267090 R08: 0000000000000000 R09: 0000000000000000
[  343.493475][T24719] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001
[  343.493481][T24719] R13: 0000000000000000 R14: 00007fd60ce15fa0 R15: 00007ffd1c625438
[  343.493491][T24719]  </TASK>
[  343.714746][T24721] netlink: 'syz.2.7505': attribute type 3 has an invalid length.
[  343.837984][T24731] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  343.859076][T24548] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  343.875086][T24548] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  343.885845][T24548] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  343.897442][T24548] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  343.934368][T24739] loop2: detected capacity change from 0 to 2048
[  343.940964][T24741] __nla_validate_parse: 36 callbacks suppressed
[  343.940976][T24741] netlink: 96 bytes leftover after parsing attributes in process `syz.0.7513'.
[  344.038412][T24747] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56681 sclass=netlink_route_socket pid=24747 comm=syz.0.7515
[  344.151480][T24751] netlink: 'syz.0.7517': attribute type 3 has an invalid length.
[  344.226394][T24753] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7518'.
[  344.252384][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.261385][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.270362][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.286139][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.295310][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.304330][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.329695][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.338863][T24757] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7520'.
[  344.384486][T24767] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.439234][T24767] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.513822][T24767] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.567931][T24767] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.802145][T24783] binfmt_misc: register: failed to install interpreter file ./file0
[  344.838561][T24789] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  344.859901][T24790] ==================================================================
[  344.868007][T24790] BUG: KCSAN: data-race in mas_replace_node / mtree_range_walk
[  344.875557][T24790] 
[  344.877869][T24790] write to 0xffff8881036ec300 of 8 bytes by task 24791 on cpu 1:
[  344.885573][T24790]  mas_replace_node+0x1b8/0x430
[  344.890410][T24790]  mas_wr_store_entry+0x1e12/0x23f0
[  344.895597][T24790]  mas_store_prealloc+0x6bf/0x960
[  344.900616][T24790]  mmap_region+0xf4e/0x1620
[  344.905105][T24790]  do_mmap+0x98a/0xc30
[  344.909162][T24790]  vm_mmap_pgoff+0x16d/0x2d0
[  344.913741][T24790]  ksys_mmap_pgoff+0x286/0x330
[  344.918495][T24790]  x64_sys_call+0x1940/0x2dc0
[  344.923163][T24790]  do_syscall_64+0xc9/0x1c0
[  344.927661][T24790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.933561][T24790] 
[  344.935867][T24790] read to 0xffff8881036ec300 of 8 bytes by task 24790 on cpu 0:
[  344.943482][T24790]  mtree_range_walk+0x33d/0x460
[  344.948325][T24790]  mas_walk+0x16e/0x320
[  344.952471][T24790]  lock_vma_under_rcu+0x95/0x270
[  344.957391][T24790]  exc_page_fault+0x150/0x650
[  344.962074][T24790]  asm_exc_page_fault+0x26/0x30
[  344.966927][T24790] 
[  344.969235][T24790] value changed: 0xffff8881036ec406 -> 0xffff8881036ec300
[  344.976324][T24790] 
[  344.978630][T24790] Reported by Kernel Concurrency Sanitizer on:
[  344.985109][T24790] CPU: 0 UID: 0 PID: 24790 Comm: syz.2.7533 Tainted: G        W          6.14.0-rc5-syzkaller #0
[  344.996030][T24790] Tainted: [W]=WARN
[  344.999815][T24790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  345.009940][T24790] ==================================================================
[  345.250772][ T6097] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  347.302742][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  347.987593][ T6097] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  348.430051][T24767] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.440623][T24767] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.451277][T24767] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.461716][T24767] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.408355][   T40] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  354.155648][   T40] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration