last executing test programs:

1.479779934s ago: executing program 2 (id=3173):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
sendmsg$can_raw(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000380)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x24000895)

1.436075975s ago: executing program 2 (id=3174):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64=r0, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6}, &(0x7f00000002c0), &(0x7f0000000340)=r7}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ptrace$setregs(0xd, r9, 0xfffffffffffffffe, &(0x7f0000000140)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178c0900000000000000f39ed4b41924dc225ad4028dd63debb87d698be5c749450b350a789dcfc6b2d6a69600026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fbf057bb711116e53eb0b55667f1a28c2d6506cf26422d389b")
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r5], &(0x7f0000000580)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r12}, 0x18)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000400000005020000000001000000020020000000000000ac1414aa00"/44], 0x2c}}, 0x26048880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r10}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x18}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x2, 0x8, 0xc, 0x7}, {0x1, 0x0, 0x9, 0x401, 0x0, 0x7fffffff}, 0x2000001, 0x1000, 0x575}}, @TCA_TBF_RATE64={0xc, 0x4, 0x274bdcb7db3981e2}, @TCA_TBF_PRATE64={0xc, 0x5, 0xe1e31d5aa9748ab8}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x404}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r14}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r15, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

1.435810165s ago: executing program 0 (id=3175):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, 0x0, 0x0)

1.390689746s ago: executing program 1 (id=3178):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f0000bbdffc)=<r0=>0x0)
setrlimit(0x7, &(0x7f0000000000)={0x1fe0, 0xfffffffffffffffb})
timer_settime(r0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100004)
splice(r1, 0x0, r3, 0x0, 0x1, 0x0)
vmsplice(r2, &(0x7f0000001280)=[{&(0x7f0000001180)="83", 0x1}], 0x1, 0x200000000000000)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
r4 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
alarm(0x7fff)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x1010, r4, 0x298bd000)

1.366476187s ago: executing program 0 (id=3179):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
socket$isdn_base(0x22, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x0, 0xe, 0x0, 0x70bd26, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x3, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x70}, 0x1, 0x7}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

1.366110627s ago: executing program 4 (id=3180):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
link(0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffeffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)

1.365395487s ago: executing program 2 (id=3190):
socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$inet6(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000000906010200000000000a0000000000000900020073797a31000000000500010007000000180007800c00018008000140ffffffff080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r7, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r4}, 0x20)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[], 0x0)

1.297254148s ago: executing program 0 (id=3181):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003d00)=@newtaction={0xfc0, 0x30, 0x200, 0x70bd2b, 0x25dfdbff, {}, [{0x128, 0x1, [@m_vlan={0x124, 0x9, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}]}, {0xed, 0x6, "0a13a916fa37eb545b2be35aab0246ef94149c451cff15bd0df2e6e7c46522391d3c776251569524b20c2c0bfa56d272dcb1c17ccc2537ebc977a2b954ed8ff9906947d35a7fbf9d20533e3c6c8369931ed051227308dc8f5f8ebf19e4a5fe1885233adf69e27eb8c8c412ceb6c67b30854de4d3265e08e8f05970d67c6431d29a8d6fd4ac7a4d1c124bfd58855e25a89ae5b6f3f155d3f394135c8b1d2c4a54559d7f2d4cfcdaaa31a30845aea4354a30aa1bd05ae52d05eed3010d167e5fbbca9afce2d56ef909bc439010825ae4f4113ae5440352a4568de20043e482a96c574eaf3de14be39f1c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}, {0xe84, 0x1, [@m_pedit={0xe80, 0x19, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{0x2, 0x7, 0x20000000, 0xc, 0xfffffff8}, 0xc, 0x3, [{0xca7, 0x8, 0x401, 0xd8, 0x6, 0x2}, {0xa619, 0x7ff, 0x9, 0x10000, 0x9, 0xb}]}, [{0x6, 0x7, 0x9, 0x8, 0xb7d}, {0x6, 0x0, 0xfff, 0x6, 0x2, 0x200}, {0x5, 0x6, 0x5, 0x8, 0x8, 0x8001}, {0x1, 0xb96, 0x87f, 0x1, 0x49, 0x5}, {0x80000001, 0x28e, 0x2, 0x42, 0x80, 0x2}, {0xb, 0x7d, 0x7, 0x9, 0x7fff, 0xffffff80}, {0x9, 0x7, 0x37, 0x3, 0x7, 0x8}, {0x5, 0x7, 0xf1e, 0x1, 0x10000000, 0x9}, {0x5, 0xfffffff9, 0x1, 0x8, 0x3, 0x85}, {0x5, 0x200, 0x10000, 0x2, 0x0, 0x5}, {0x2, 0xfffffffb, 0x2, 0xf4, 0xf42, 0x7}, {0x9, 0xffff, 0x6, 0x7ff, 0x200, 0xe}, {0xf, 0x2, 0x6, 0xffff, 0x23145486, 0x4}, {0x9, 0xa95, 0x81, 0x2, 0x7, 0xffffc625}, {0x8, 0xdd8, 0xffffffff, 0x80000000, 0x6, 0x7}, {0x7, 0x9, 0xba11, 0xd, 0x3}, {0x10000, 0xc20, 0x10001, 0x1, 0x8000, 0xd}, {0x63, 0x5, 0xfffffff4, 0xfffffff8, 0x9, 0x80}, {0x7, 0xffff, 0x6, 0x717, 0x7, 0x10}, {0x21d8615, 0x8, 0x4b07, 0x1, 0xc, 0xc5}, {0xffff, 0x1, 0x0, 0x5, 0x140000, 0x1}, {0x3, 0x3bc00000, 0x2, 0xfffffffd, 0xfff, 0x2}, {0xfffffffb, 0x2, 0x8, 0x9, 0x1, 0x6}, {0x401, 0xb1b, 0x62, 0x4, 0xbe, 0xd}, {0x7, 0x2, 0x3ff, 0x1e, 0x1, 0x2}, {0xffff8d49, 0x8, 0x8, 0xffffffff, 0x40, 0x8001}, {0x2, 0x5, 0x6, 0x9, 0x10001, 0x7}, {0x7, 0x3, 0x4, 0x5, 0x80, 0x2}, {0x0, 0x40, 0x7fffffff, 0xcf, 0xc, 0x5}, {0x8001, 0x42c, 0x8, 0xaddd, 0x9, 0xa}, {0x4e8f, 0x2, 0x2, 0x9, 0xc, 0x1000}, {0x40e0, 0xcd4e, 0x7fffffff, 0xffe000, 0x85, 0x8}, {0x0, 0x8, 0x8, 0x7, 0x3, 0xd}, {0x4e0, 0x7fff, 0x3, 0xff, 0xfffffff7, 0xda}, {0x2, 0x1, 0x8, 0x49d, 0x6, 0x2}, {0x55, 0xfffffff8, 0x7, 0x8, 0x800, 0xf0}, {0x4, 0x4, 0xfffffffc, 0xfffffff4, 0xa0d, 0x7}, {0x2, 0x3, 0x8001, 0x8, 0xa, 0x1}, {0x8, 0x0, 0x4, 0x4, 0x10001, 0x1ff}, {0x7, 0x2, 0x1, 0x2, 0x7, 0x2}, {0x3, 0x8, 0x2, 0x9, 0x7, 0x8}, {0x1, 0x7, 0x5, 0x782b, 0xc, 0xb}, {0x8, 0xd7, 0x9f, 0x3ff, 0x9, 0x3}, {0x4639, 0x3, 0xfffffff9, 0x9, 0x9f, 0x1}, {0x1, 0x1000, 0xdd43, 0x4, 0x9, 0x80}, {0x1000, 0xa, 0x2, 0x2, 0x8, 0xffffff6b}, {0xee, 0x2, 0xffffffff, 0x60b5, 0x800, 0x3}, {0x7, 0x5, 0x0, 0x2, 0x1000, 0x401}, {0x29, 0xf, 0x6, 0xfffffff4, 0x7fff, 0x1}, {0x9, 0x0, 0x2, 0xb0000000, 0x7fffffff, 0x2}, {0x2, 0xfffffff9, 0x1, 0x795, 0x0, 0x2}, {0x6e15, 0x800, 0x6, 0x4, 0x5, 0x3}, {0x7, 0x0, 0xc, 0xfffffffd, 0x3ff, 0x93}, {0x3, 0x3, 0xead, 0x7fffffff, 0x5, 0x9}, {0xd1ea, 0x5, 0xffffff57, 0x4, 0x1405, 0x2}, {0x3, 0x8, 0x2, 0x5, 0xd3cb, 0x9}, {0x9, 0x5, 0x66eb, 0x1, 0x7, 0xc229}, {0x7, 0x38000000, 0x0, 0xc678, 0x5, 0x2be}, {0x0, 0x2, 0xf2, 0x5, 0x10001, 0xfff}, {0x1fffc0, 0x0, 0x2, 0x1, 0x80000001, 0x6}, {0x6, 0x2, 0x0, 0x1ccad6fc, 0x9, 0x1}, {0x8, 0xf, 0x5, 0xc, 0x0, 0x100}, {0x9, 0x0, 0x2, 0x7, 0x2, 0x92fd}, {0x101, 0x9, 0x4, 0x8, 0x3, 0x1}, {0x1, 0xe7ab, 0x0, 0x4, 0x2566, 0x8}, {0x7, 0x7, 0x8, 0x10, 0x7, 0x8000}, {0x1, 0x10, 0x8, 0x4, 0x8, 0x4}, {0x6, 0xfffff800, 0x7, 0x101, 0x3, 0x89e3}, {0x3ff, 0x6, 0x5, 0x80000000, 0xf8, 0x21c4d336}, {0x9, 0x5, 0x4, 0x1, 0x3, 0x401}, {0x0, 0xaa, 0x1, 0x4, 0xbf, 0x2}, {0x8001, 0xfffffff8, 0x1, 0x0, 0x545c, 0x1}, {0x2, 0xfff, 0xe2b, 0x7f, 0x79a, 0x4}, {0x3, 0x7, 0xfffffffa, 0x9a69, 0x200, 0x2}, {0xca, 0x145, 0xab9, 0xc, 0x6, 0x9}, {0x80000001, 0x7, 0x4, 0x3, 0x5, 0x6}, {0x5, 0x91, 0x3, 0x5, 0xe90, 0x10001}, {0x5, 0xc7, 0xc496, 0xfe3, 0x82b, 0xeb}, {0x7, 0xf7, 0x719, 0x3, 0xcb97}, {0x7, 0x8a48, 0x7fffffff, 0x5, 0x5, 0xb476}, {0xffff4641, 0x9, 0x0, 0x81, 0x9, 0x4}, {0x1, 0x1, 0x8, 0xffffffc0, 0x6d, 0x55b}, {0x100, 0x6, 0xffff, 0x6, 0x6, 0xfffffffa}, {0xffff, 0x3, 0x7c, 0xd, 0x3ff, 0x6}, {0x8, 0x10000, 0x10001, 0x6, 0x8, 0x8}, {0x1, 0xe, 0x101, 0x8, 0xb, 0x4}, {0x7, 0x40, 0x3, 0x96, 0x3, 0x1}, {0x5, 0x2, 0x7, 0x9, 0x6, 0x3}, {0x10001, 0x1, 0x100, 0x8d12, 0x6, 0xc649}, {0x7, 0x9, 0xffff1e3b, 0x4, 0x200, 0x4}, {0xb, 0x3, 0xc, 0x1, 0xffff0ae0, 0xee}, {0x6, 0x8, 0x3ff, 0x0, 0x77e, 0x9}, {0x9, 0x40, 0x2, 0x5, 0x7, 0x6}, {0x8, 0x100, 0x2, 0x5, 0x3, 0x323}, {0x800, 0x9d, 0x1cd05445, 0x2, 0x80000000, 0x2}, {0x4, 0x6, 0x870a, 0x80000001, 0x5, 0x4}, {0x9, 0x3, 0x8, 0x4, 0xb04a, 0x8000}, {0x7, 0x8, 0x3, 0x1, 0x8001, 0x101}, {0xf, 0x10001, 0x2b6f, 0xb7, 0xfd, 0x7}, {0x7, 0x7, 0xd, 0xa, 0x5, 0x7f0d}, {0x1, 0x34, 0x40, 0xffff0000, 0xfffffff9, 0x3}, {0xc75a, 0x5, 0x0, 0x3, 0x10000, 0xffff7fff}, {0x8, 0x6c4, 0x5204, 0x1000, 0x1, 0xe9a0}, {0xc3, 0x1, 0x1, 0xfffffffb, 0xffffffff, 0x2}, {0xb, 0x5, 0x800, 0x8, 0x1, 0x1}, {0x6, 0x9, 0x6, 0x0, 0x4, 0x4}, {0x7, 0x6, 0x1, 0x6, 0x4f3, 0x8000}, {0x10, 0x8000, 0x4, 0x6, 0x1, 0x7}, {0xd, 0x9, 0x0, 0x1, 0xfff, 0x3}, {0x0, 0x7ffe, 0x5e46, 0x8, 0x6, 0x5}, {0xffffff81, 0x7, 0xd6, 0x401, 0x2, 0x3}, {0x7, 0x5, 0x9, 0xc5, 0x2}, {0x8000, 0x80000001, 0x4, 0x7, 0x5, 0x16a9}, {0x4685, 0xd, 0x5, 0x1, 0x2, 0x4}, {0x7e5f, 0x1df4, 0xb, 0x2f2e, 0x8000, 0x6}, {0x4, 0xfffffffe, 0x4, 0x2, 0x1, 0xa9}, {0x8, 0x3, 0x3, 0x6, 0x7, 0x7}, {0x7fff, 0x8001, 0x40, 0xfffffffd, 0x79e, 0x7}, {0xffff, 0x6, 0x7f, 0x8, 0x9, 0x4}, {0x5, 0xdb, 0x8, 0x6, 0x74ac86a8, 0x5}, {0x4, 0x1, 0x6, 0xfffffffd, 0xec000000, 0x5}, {0xb, 0x800, 0x7fffffff, 0x2, 0xa, 0x1}, {0xb, 0x3, 0x4c1, 0x2, 0x0, 0x2}, {0x6, 0x689, 0x7, 0x800, 0x4, 0xf98}, {0x8, 0xb1, 0x7, 0x1, 0xe8, 0x5c9db697}, {0x7, 0x8de, 0xe370, 0x3, 0xa609, 0x35}, {0x3, 0x6, 0x9, 0x9, 0x3, 0x6}, {0x157dde4b, 0x1, 0xf, 0x0, 0x7, 0x1}], [{}, {}, {0x5}, {0x0, 0x1}, {0x4}, {0x4}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1}, {0x5, 0x1}, {0x0, 0x1}, {}, {0x1}, {0x5}, {0x5, 0x3}, {0x3}, {0x3}, {0x5}, {0x5}, {0x3}, {0x2}, {0x4}, {0x2, 0x1}, {0x1}, {0x2}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x3}, {0x3}, {0x5, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x5}, {0x3, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {}, {}, {0x1}, {0x2}, {0x3, 0x1}, {0x7, 0x1}, {}, {0x3}, {0x1}, {0x1}, {0x1, 0x1}, {0x3}, {0x3}, {0x2, 0x1}, {0x1, 0x1}, {0x6}, {0x2}, {}, {0x1, 0x1}, {0x5}, {}, {0x1}, {0x1, 0x1}, {0x2, 0x1}, {0xbb8882a69f2524cb}, {0x0, 0x1}, {0x3, 0x1}, {0x5}, {0x5}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x5}, {}, {0x3}, {0x3, 0x1}, {0x4}, {0x2}, {0x3, 0x1}, {0x4}, {0x2, 0x1}, {0x1}, {}, {0x4, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1}, {0x83e6e88e375774fa}, {}, {}, {0x2}, {0x2, 0x1}, {0x3, 0x1}, {0x5}, {0x4, 0x1}, {0x5}, {0x2, 0x1}, {0x1}, {0x3}, {0x0, 0x1}, {0x2}, {0x3}, {0x2}, {0x1}, {0x2, 0x1}, {0x2}, {0x4}, {0x5, 0x1}, {0x5, 0x1}, {0x1}, {0x3, 0x1}, {0x5}, {0x2}]}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0xfc0}, 0x1, 0x0, 0x0, 0x40050}, 0x80)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
preadv(r1, &(0x7f0000010440)=[{&(0x7f0000000040)=""/160, 0xa0}], 0x1, 0xc03, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.296741678s ago: executing program 2 (id=3182):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0xfff1, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x60, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xc, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x803}, 0x20004004)

1.289699128s ago: executing program 2 (id=3183):
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd00000010000100040808004149004001040800", 0x58}], 0x1)
socket(0x10, 0x802, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0x1, 0x4a1, &(0x7f00000007c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYRESOCT=r3, @ANYRES32=r4, @ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f00000002c0)='br_fdb_update\x00', r3}, 0x18)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80), 0x111, 0x6}}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x0)
munlock(&(0x7f0000ffb000/0x1000)=nil, 0x1000)

836.578256ms ago: executing program 3 (id=3189):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, 0x0, 0x0)

751.396627ms ago: executing program 3 (id=3191):
socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r7, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r3}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r8, r5, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[], 0x0)

750.665787ms ago: executing program 3 (id=3192):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000710000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES64=r0, @ANYRESHEX=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6}, &(0x7f00000002c0), &(0x7f0000000340)=r7}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ptrace$setregs(0xd, r9, 0xfffffffffffffffe, &(0x7f0000000140)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178c0900000000000000f39ed4b41924dc225ad4028dd63debb87d698be5c749450b350a789dcfc6b2d6a69600026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fbf057bb711116e53eb0b55667f1a28c2d6506cf26422d389b")
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = socket$nl_route(0x10, 0x3, 0x0)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r5], &(0x7f0000000580)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', r5, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r12}, 0x18)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="2c000400000005020000000001000000020020000000000000ac1414aa00"/44], 0x2c}}, 0x26048880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r10}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x18}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x2, 0x8, 0xc, 0x7}, {0x1, 0x0, 0x9, 0x401, 0x0, 0x7fffffff}, 0x2000001, 0x1000, 0x575}}, @TCA_TBF_RATE64={0xc, 0x4, 0x274bdcb7db3981e2}, @TCA_TBF_PRATE64={0xc, 0x5, 0xe1e31d5aa9748ab8}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x404}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r14}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r15, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

702.925728ms ago: executing program 3 (id=3193):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x80080, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000600000000000000000085"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000002c0)={@dev, <r2=>0x0}, &(0x7f0000000300)=0x14)
open(&(0x7f0000000380)='./file0\x00', 0xa2802, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x81, 0x0, 0x0, 0x40f00, 0x40, '\x00', r2, @fallback=0x1c, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000240)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r5}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000020000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a30"], 0x122}}, 0x8010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4, 0x0, 0xffffffffffffffff}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0], 0x44}}, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0xa00, 0xb)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f00000008c0)=""/100, 0x64}, {&(0x7f0000000940)=""/133, 0x85}, {&(0x7f0000000a00)=""/213, 0xd5}, {&(0x7f0000002300)=""/4096, 0x1000}, {&(0x7f0000000b00)=""/159, 0x9f}], 0x6, &(0x7f0000000100)=""/12, 0xc}, 0x5136}], 0x1, 0x2, &(0x7f0000000c40)={0x77359400})

639.494399ms ago: executing program 3 (id=3194):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0xfff1, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x60, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xc, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x803}, 0x20004004)

638.494259ms ago: executing program 3 (id=3195):
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'tunl0\x00'})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x4000010)

510.384441ms ago: executing program 1 (id=3196):
socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$inet6(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000000906010200000000000a0000000000000900020073797a31000000000500010007000000180007800c00018008000140ffffffff080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r7, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r4}, 0x20)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[], 0x0)

509.815731ms ago: executing program 4 (id=3197):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380100001800800010000000000040003"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

504.420631ms ago: executing program 1 (id=3198):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
sendmsg$can_raw(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000380)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x24000895)

469.204462ms ago: executing program 0 (id=3199):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

436.539482ms ago: executing program 4 (id=3200):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000200)={0x0, 0x2, 0x0, 0x7fffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0xb, <r1=>0x0}, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
clock_getres(0x7, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x366)
shutdown(0xffffffffffffffff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = socket(0x10, 0x80003, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x7}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000000}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x24000080, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
write$selinux_load(r9, &(0x7f0000000000)=ANY=[], 0x2000)

345.173434ms ago: executing program 4 (id=3201):
socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000000906010200000000000a0000000000000900020073797a31000000000500010007000000180007800c00018008000140ffffffff080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r8, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r4}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r9, r6, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[], 0x0)

153.504687ms ago: executing program 1 (id=3202):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
setrlimit(0x7, &(0x7f0000000000)={0x1fe0, 0xfffffffffffffffb})
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100004)
vmsplice(r2, &(0x7f0000001280)=[{&(0x7f0000001180)="83", 0x1}], 0x1, 0x200000000000000)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
r4 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
alarm(0x7fff)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x1010, r4, 0x298bd000)

108.041708ms ago: executing program 4 (id=3203):
socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r7, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r3}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r8, r5, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[], 0x0)

96.164788ms ago: executing program 0 (id=3204):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x442, &(0x7f0000000d80)="$eJzs3MtvG8UfAPDvrpO26eOX/Kry6AMIFETEI2nSUnrgAgKJA0hIcCjHkKRVqNugJki0iiAgVLihStwRRyT+Ak5wQcAJiSvcUaUK5dLCyWjtdWK7thO3Ttziz0faZGZ3rJmvd8ee2ckmgL41mv1IIvZGxO8RMVzJ1hcYrfy6ubo88/fq8kwSpdKbfyXlcjdWl2eqRauv21PNDESknyZxuEm9i5cun5suFucu5vmJpfPvTSxeuvzs/Pnps3Nn5y5MnTp14vjk8yennutKnFlcNw59uHDk4KtvX3195vTVd37+NqnGv6s+ji4ZbXfwiVKpy9X11r6adDLQw4bQkUKlm8Zguf8PRyHWT95wvPJJTxsHbKlSqVS6v/XhlRLwH5ZEr1sA9Eb1iz6b/1a3bRp63BWuv1iZAGVx38y3ypGBSPMygw3z224ajYjTK/98lW0RW3IfAgCgzvfZ+OeZZuO/NGrvC/0vX0MZiYj/R8T+iDgZEQci4r6IctkHIuLBDutvXCS5dfyTXmt8TdphHe1k478X8rWt+vHfWi0jhTy3rxz/YHJmvjh3LH9PxmJwZ5afbFPHDy//9kWrY7Xjv2zL6q+OBfN2XBvYWf+a2eml6TuJudb1jyMODTSLP1lbCUgi4mBEHLrNOuaf+uZIq2Mbx99GF9aZSl9HPFk5/yvREH9V0n59cmJXFOeOTVSvilv98uuVN1rVf0fxd0F2/nc3vf7X4h9JatdrFzuv48ofn7Wc0zSNf+fG1/+O5K26fR9MLy1dnIzYkbxWaXTt/qmGclPr5bP4x4427//7Y/2dOBwR2UX8UEQ8HBGP5G1/NCIei4ijbeL/6aXH3+0o/m0+/7Mdnf/1xI5o3NM8UTj343d1lY50En92/k+UU2P5ns18/m2mXbd3NQMAAMC9J42IvZGk42vpNB0fr/wN/4HYnRYXFpeePrPw/oXZyjMCIzGYVu90DdfcD53Mp/XV/FRD/nh+3/jLwlA5Pz6zUJztdfDQ5/a06P+ZPwu9bh2w5TyvBf1L/4f+pf9D/9L/oX816f9DvWgHsP2aff9/1IN2ANuvof9b9oM+Yv4P/Uv/h/6l/0NfWhyKjR+S7+vEUAf/TeDeT3y+6cKR3i1tltiKRK8/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrj3wAAAP//lDzk2Q==")
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={0x0, 0x9, 0x3, 0x7de0, 0x8e, 0xfff, 0xb92, 0x7fff, {0x0, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x17}, 0xf96}}, 0xf247, 0x401, 0x82e7f8, 0x800, 0x6}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000f"], &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x9}, 0x28)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x48, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x15}, @TCA_SAMPLE_PARMS={0x18}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x20}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00F\x00'], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

90.703698ms ago: executing program 2 (id=3205):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000003800)=@delchain={0x13b4, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xc, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x1358, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x21c, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_simple={0x17c, 0x1e, 0x0, 0x0, {{0xb}, {0xbc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xb6, 0x3, 'bpf\x00\x02\xd7(\x83\xdd}&\xc5\xb3\x93rS\xcdP\xd8\xed\x8d\xfd\x9a\xf0\x88\x8c$\x18\x1ee\xee\xb2\xbb8\x8a\x88\xa2\xd8X\x86\xa1a\x9d\x8a\xfc\x89\xf1\x8d\xe0,\x14h|\xde5\x86\xf2z\xf4\x9d\xe3\xfc\x95\xd9\x06P\xf9\x03\xb0\xe1\xb5\xb2\x8d&?R\xc9-.\xd8\x7f\xedb\\J\x97\x8d\xf4\x0e\x10S~\x00\x00\x00\x00s\x82\xf9\xcb\x88\xb3z2u\x91\xd4B\xad\x86sIT\x04\x87\xe2p\xf3OU\xa3\xc0\\\xd2DZ\xa3\\\x11\xd5\x81\xa2\x8a\xf2\x9e\xbd\xb6\xac\xd7e\xcc\r\x80\xdc\x10\x8e\xaa\xe6\xf5\xa3nV\x04\xa98\\\x16z\xa5+AV\xe2\x88\xe1\xc6h\x01d\xaa\x9bSw\xffm\xe0\xedO'}]}, {0x95, 0x6, "9787c29d6ac649e7ec160dfef7c4cea330102e688fe12213d2bf7dae04880a34e7bf775010127b2a9ceab9c4085f9bd00ceff17d69ca7a27324ef7a1ad28d4b3c6a826826e9c291c16ab3d13e1f337751959e47bf0fe515b70ea5a3584d9cdba83a705d3257305f931866cf9f1faa34fce0e8a7ee76e20f05d4e1adbee4ba00ddd7b896197ea2a0391ef62c651d59ed7e0"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_connmark={0x34, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_csum={0x38, 0x8, 0x0, 0x0, {{0x9}, {0x4}, {0x9, 0x6, "4ac6768e05"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_ACT={0x111c, 0x1, [@m_pedit={0x1010, 0x11, 0x0, 0x0, {{0xa}, {0xf48, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe68, 0x2, {{{0xff, 0x4, 0xffffffffeffffff5, 0x5, 0x53}, 0x6, 0x40, [{0x62a02584, 0x1ff, 0x8, 0x2, 0xffff7fff, 0x5}, {0x80000000, 0x0, 0x5, 0x2, 0x7ea, 0x9}, {0x9, 0x1, 0xfffffffe, 0x8, 0xd, 0x6b}]}, [{0x1ff, 0x4, 0x3, 0xa82, 0x80000000, 0xd7}, {0x5, 0x200, 0xb, 0x6b00000, 0x57, 0xffffffe6}, {0xc, 0x9, 0x7f, 0x3, 0x4, 0x4}, {0xfffffffc, 0x5, 0x4, 0x9, 0x5, 0x1}, {0x3, 0x40000, 0xff, 0x6, 0x5, 0x200000}, {0x0, 0x1, 0x1000, 0x6, 0x3, 0x64}, {0x400, 0x48, 0x7fff, 0x2, 0x6, 0x1ff}, {0x8, 0xf57, 0x8, 0x462e, 0x7, 0x200}, {0x1, 0x80, 0x8, 0x6, 0x1, 0xe}, {0xffff7fad, 0x9, 0x3, 0x3, 0x80000000, 0x8}, {0x6, 0x1, 0x3, 0x0, 0x10000, 0x4}, {0xb88, 0x3, 0x9b, 0x57, 0x40, 0x401}, {0x7, 0x1, 0x6, 0x0, 0x2, 0xc}, {0xeb3, 0x1, 0xa, 0x1, 0x7, 0x2}, {0x0, 0x2, 0x3, 0x101, 0x8, 0x5d00377a}, {0x7f, 0x5, 0xc, 0x7, 0xfffff1ab, 0x7}, {0xe, 0xe, 0x9, 0x4, 0x1}, {0x1ff, 0x9, 0xd, 0x0, 0x8, 0x7}, {0xf2a, 0x400, 0x8ac, 0x4ec, 0x3ff, 0xfffffbff}, {0x7, 0x4, 0x7f, 0x7c, 0x1, 0x4ba}, {0x7, 0x6, 0x6, 0xff, 0x40000, 0x3}, {0x7ff, 0x0, 0x4, 0x9, 0x7, 0x3}, {0xfffffff9, 0x0, 0x5, 0x19, 0x7, 0x9}, {0x6, 0x1, 0x1, 0x23b, 0x1a0c, 0x7ff}, {0x6, 0x8, 0x5, 0x4, 0x4d07}, {0x800, 0xfffffffa, 0xcb0c, 0x4, 0x3034000}, {0x10, 0xabbc, 0x80000000, 0x7, 0xe71, 0xc}, {0x10000, 0xd, 0x3, 0x7, 0x1, 0x7b59}, {0x7fff, 0x5, 0x0, 0x3, 0x8000, 0x7fffffff}, {0x0, 0x8, 0x2, 0x7fffffff, 0x6, 0x4}, {0x10000, 0x6, 0x81, 0x1000, 0x2, 0x2}, {0x0, 0x200, 0x80, 0x0, 0x96da, 0x1}, {0xeb0, 0x2, 0x9, 0x2, 0xa2, 0x40000000}, {0x9, 0x1, 0xc4, 0xe, 0x3, 0x8}, {0x7ff, 0x5, 0x7, 0x1000, 0x7, 0x2400}, {0x13b, 0x7, 0x10, 0xffffffff, 0x4}, {0x6, 0x7, 0x8, 0x1, 0x6, 0x3}, {0x8, 0x47361e1a, 0xfffff000, 0xcb, 0x6, 0xeae7}, {0xffff, 0x2, 0x5, 0xffffffff, 0xdd, 0x8}, {0x0, 0x7ff, 0x4f46, 0x1, 0x8, 0x4a1fba9a}, {0x5, 0xc, 0xf260, 0x0, 0x7fff, 0x3134}, {0x81, 0x2, 0x2a65, 0x7ff, 0x6596, 0x928}, {0xa00, 0x400, 0x9, 0x0, 0x8, 0x6}, {0x6, 0x4, 0x9, 0x6, 0x5, 0x2}, {0x0, 0x3, 0x8000, 0x4000000, 0x7f, 0x6}, {0x80000000, 0x8, 0x2, 0x4, 0x3, 0x2}, {0x66, 0x0, 0x100, 0x8000, 0x5, 0x2}, {0x220, 0x7, 0x6, 0x5, 0x4, 0xbe1}, {0x1, 0x10000, 0x3, 0x785b, 0x200, 0x6}, {0x1c045826, 0x3, 0xfff, 0x4, 0x7, 0x8}, {0x4, 0xfa2, 0x7fffffff, 0x7fffffff, 0xffffffff, 0x6}, {0x9bc, 0x5, 0x8, 0x1, 0xe, 0x3}, {0x3, 0x0, 0x2, 0x7ff, 0x8, 0x7}, {0x7ff, 0x6, 0x1, 0x4000, 0xffffffff, 0x1}, {0x2, 0xe, 0x7, 0x5, 0x7f, 0x9}, {0xffffffff, 0x9, 0x3, 0x5, 0x6, 0x200}, {0x7f, 0xfd8, 0x8, 0x9, 0xffffd026, 0x5}, {0x3, 0x4, 0x4, 0x8, 0x4, 0x80000001}, {0x7e7, 0x8000, 0x58, 0x2, 0x7, 0x6}, {0x81, 0x8, 0x7, 0x80000001, 0x9, 0x6}, {0x7c1c, 0x6, 0x7f, 0x727a, 0xd, 0x10}, {0x6, 0x7, 0x78b, 0xf, 0x3}, {0x4b, 0x0, 0x133b, 0x1ff, 0x7e3b, 0x500000}, {0x4, 0xb, 0xff, 0x7, 0x6, 0xc}, {0xfc9, 0x1, 0x2, 0x4, 0x1ff, 0x9c4}, {0x6, 0x5, 0x4e5, 0x80000000, 0x10000, 0x9}, {0x7ff, 0xff, 0x0, 0xf0, 0x9, 0xb}, {0x5, 0x5, 0xf7c5, 0x5, 0x9caa}, {0x7, 0x7fffffff, 0x2, 0x9, 0x8, 0x7}, {0x1ff, 0x8, 0x4a78eb5c, 0x0, 0x8, 0xfffffffa}, {0x9, 0x8001, 0x4, 0xfffffffe, 0x400, 0x8}, {0x4c, 0x1ff, 0x3cb, 0x1, 0xbd5d, 0x7}, {0x1, 0x3c9b, 0x8, 0x6, 0x8, 0x5}, {0x8, 0x2, 0xffffffff, 0x7, 0xfff, 0xffffffff}, {0x9, 0xd, 0x6dfb, 0xffffff56, 0x8, 0x22f4}, {0x8, 0x3, 0x2, 0x200, 0x1, 0x6}, {0x0, 0x5, 0xffff, 0x1, 0x6, 0x4}, {0x2383, 0xffff, 0x9, 0x5, 0x6}, {0x1, 0x9, 0x2, 0x7, 0x7, 0xaa}, {0x4, 0x66c, 0x9, 0x2, 0x5, 0x8001}, {0x3, 0xfffffff7, 0x7, 0x16, 0xffffffff, 0x7fff}, {0x2ab2, 0x1, 0x9, 0xc, 0x62015bce, 0x3}, {0x3, 0xffffffff, 0x7, 0x6, 0x401, 0x4}, {0x2, 0x7ff, 0x8, 0xffff, 0x3, 0x9}, {0x0, 0x40, 0x0, 0x3, 0x5, 0x4}, {0x2, 0x5, 0x4, 0xe, 0x0, 0x1}, {0xfcfd, 0x5b7, 0xd, 0x2, 0x1000, 0x8b}, {0x7, 0xfffff000, 0x621, 0xf, 0x8, 0x4}, {0x4, 0x55, 0x5, 0x3, 0x60, 0x8000}, {0x6, 0x400, 0x4, 0xfffffff2, 0x10000, 0x5}, {0x3, 0x9, 0x7a, 0x800, 0x6, 0x2}, {0x6, 0x0, 0x401e, 0x800, 0x9, 0xffffffff}, {0x6, 0x2, 0x1, 0x1, 0x2, 0x4}, {0x4, 0x0, 0x1, 0x200, 0x8, 0x9}, {0x401, 0x6, 0x6, 0x1c, 0xfb26, 0x4}, {0x4, 0x1, 0x1, 0x10, 0x2ed, 0x1ff00000}, {0xf319, 0x4, 0xfd, 0x11, 0x8, 0x4}, {0x6613, 0xf, 0x9, 0x8, 0x7, 0x300}, {0xb21a, 0x1, 0x10001, 0x200, 0x80000000, 0x2}, {0xff, 0x1, 0xcdb, 0x536c, 0x5, 0x82}, {0xffffab55, 0x7, 0x1, 0xffff0001, 0x8000, 0x90f9}, {0x8000, 0xa7, 0x5, 0x69, 0x20000, 0x2}, {0x7, 0x5, 0x1, 0x2, 0x1, 0x3}, {0xd, 0x6, 0x1, 0x3, 0x6, 0xc8}, {0x0, 0x5, 0x3, 0x0, 0x5, 0x1ff}, {0x989b, 0x2, 0x0, 0x5, 0x0, 0x80000001}, {0xffffffff, 0x8, 0x9, 0x1, 0xcc}, {0x2, 0xa5d, 0x1d0d, 0xc3d, 0x0, 0x4}, {0x8, 0x2, 0xdbd, 0xf910, 0x9, 0x2}, {0x8, 0x4, 0x5, 0x4, 0xb, 0x1}, {0x2, 0x80000000, 0x3, 0x9, 0x0, 0xfffffffe}, {0x0, 0xcd94, 0x0, 0x1, 0x4}, {0x9, 0x8, 0x2, 0x8001, 0x7cf85c00, 0x1}, {0x3, 0xe, 0x7, 0x1, 0x2, 0x7}, {0xfffffe00, 0x6, 0x5, 0x4, 0x7656130d, 0x7}, {0xb, 0x5795792a, 0x4, 0xffff, 0x9, 0x2}, {0x4, 0x3, 0x4, 0x3ff, 0x8, 0x800}, {0x4, 0x6c44, 0x101, 0x4, 0x2, 0x1ff}, {0x6, 0x0, 0x3, 0x9, 0x9, 0x101}, {0xfe, 0x2, 0x1, 0x3, 0x6, 0x7}, {0x4, 0x10001, 0x4, 0x0, 0x4bd, 0x3}, {0x0, 0xffff, 0x7, 0x6, 0x101, 0x3}, {0x7, 0x80000001, 0x9, 0x101, 0x8, 0x7}, {0x3ff, 0x1, 0xdc1, 0x7fe, 0x8, 0xf}, {0x2, 0x5f688859, 0xb1, 0xffffffff, 0x5de4, 0x3}, {0x7fffffff, 0x0, 0x8, 0x6, 0x0, 0x8}, {0x3, 0xe9a, 0x30000, 0xf, 0xd0, 0x326}, {0x2, 0x400, 0xf3, 0x0, 0xb, 0x8}], [{0x3}, {0x2, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x5}, {0x1, 0x1}, {0x4}, {0x1}, {0x1}, {0x1}, {0x4}, {0x0, 0x1}, {0x4}, {0x1, 0x1}, {0x2}, {0x6}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x1}, {0x5}, {0x5}, {0x2}, {0x1}, {0xf8a12baccb22d23}, {0x4, 0x1}, {}, {0x0, 0x1}, {0x4}, {0x1, 0x1}, {0x4}, {0x3, 0x1}, {0x7}, {0x1}, {0x2}, {0x2, 0x1}, {0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x1}, {}, {0x1}, {0x5}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x4}, {}, {0x5, 0x1}, {0x4}, {0x5}, {0x4, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5}, {}, {0x5, 0x1}, {0x5, 0x1}, {}, {0x2}, {0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x4}, {0x5}, {0x5}, {0x4, 0x1}, {0x4}, {0x0, 0x518aa8d1e2bb545a}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x2, 0x1}, {0x5}, {0x0, 0x1}, {0x5}, {0x5}, {0x4}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x2}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {0x1, 0x1}, {}, {0x5}, {0x1, 0x1}, {0x1}, {0x3}, {0x4, 0x1}, {0x2, 0x1}, {}, {0x0, 0x1}, {0x2}, {0x5, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x2}, {0x3}, {0x4}, {0x5}, {0x4, 0x1}, {0x3, 0x1}, {0x2}, {}, {0x5}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}], 0x1}}, @TCA_PEDIT_KEYS_EX={0xdc, 0x5, 0x0, 0x1, [{0x3c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}]}, {0x54, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0xb}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0x2c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x7b4f990e179599aa}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0x9d, 0x6, "8901e361b494b5d8b0d32d835539ead4af550bea79e34365d32c492ff2e22234f2b145ddfc4f30f688e0164a553709adb1ccfc33f7bfc5becc42c696048040e4af43c9d285d1929094f5f40aa47666599f464f6df29bb65f74bbfc47c573c887701724a39e55989a4e5554729f6e53e8719a8bf21160b4676b58ad17436dd03428b944405d29d7f2cda329b961ab58304018c8ec4f47d32b79"}, {0xfffffe81, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ct={0x108, 0x2, 0x0, 0x0, {{0x7}, {0x58, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "57512c7328557d10b965d75ac9efcd29"}, @TCA_CT_LABELS={0x14, 0x7, "8d60149ca32328c8edfdc3932ed2949b"}, @TCA_CT_ZONE={0x6, 0x4, 0x8000}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @remote}, @TCA_CT_ACTION={0x6, 0x3, 0x3c}, @TCA_CT_LABELS={0x14, 0x7, "563a101103fc28bace1d7baeed16f654"}]}, {0x89, 0x6, "a8ac60a5c02cb307a2d4bd88100e383a56bcac0ef91a36ca7b23f8a3b3ac8212c5b55af1ed7b3d7324e8dee052ddf2bec6c9681278fd0104852520d8895bc36a40c1b7ef79ad021940e59775a6a4db78cc2753995c5d27f21e38676e72468eb0467ce7f663d2f9596b724b1aafe8680a2d0d906fc4076104055c4dbefacb20e8683cb78d43"}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xca}]}}]}, 0x13b4}, 0x1, 0x0, 0x0, 0x81}, 0x20000084)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@ipv6_newnexthop={0x20, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_FDB={0x4}]}, 0x20}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x13, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'lblc\x00', 0x2d, 0x40085, 0x13}, 0x2c)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r3, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x20, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newsa={0x150, 0x1a, 0x413, 0x0, 0x0, {{@in=@multicast1, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x32}, @in=@loopback, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x20000000008}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0xa, 0x1, 0x1}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x80, "25cac5216d1c8af0a976902918bf448c5d9f5459"}}]}, 0x150}}, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)

59.848219ms ago: executing program 1 (id=3206):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0xfff1, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x60, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x6, 0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0xc, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x803}, 0x20004004)

20.133389ms ago: executing program 4 (id=3207):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f0000bbdffc)=<r0=>0x0)
setrlimit(0x7, &(0x7f0000000000)={0x1fe0, 0xfffffffffffffffb})
timer_settime(r0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100004)
splice(r1, 0x0, r3, 0x0, 0x1, 0x0)
vmsplice(r2, &(0x7f0000001280)=[{&(0x7f0000001180)="83", 0x1}], 0x1, 0x200000000000000)
vmsplice(r3, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
r4 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
alarm(0x7fff)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x1010, r4, 0x298bd000)

11.11738ms ago: executing program 1 (id=3208):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
link(0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffeffffc}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)

0s ago: executing program 0 (id=3209):
socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$inet6(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000000906010200000000000a0000000000000900020073797a31000000000500010007000000180007800c00018008000140ffffffff080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r8, r5, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[], 0x0)

kernel console output (not intermixed with test programs):

l_64+0xd2/0x200
[  188.664428][T10431]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  188.664533][T10431]  ? clear_bhb_loop+0x40/0x90
[  188.664574][T10431]  ? clear_bhb_loop+0x40/0x90
[  188.664655][T10431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.664675][T10431] RIP: 0033:0x7f68f2a7e9a9
[  188.664691][T10431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.664709][T10431] RSP: 002b:00007f68f10e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000061
[  188.664732][T10431] RAX: ffffffffffffffda RBX: 00007f68f2ca5fa0 RCX: 00007f68f2a7e9a9
[  188.664818][T10431] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 000000000000000a
[  188.664830][T10431] RBP: 00007f68f10e7090 R08: 0000000000000000 R09: 0000000000000000
[  188.664842][T10431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.664853][T10431] R13: 0000000000000000 R14: 00007f68f2ca5fa0 R15: 00007ffdc1104898
[  188.664878][T10431]  </TASK>
[  188.865723][T10435] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2631'.
[  188.874849][T10435] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2631'.
[  188.905569][   T29] kauditd_printk_skb: 1239 callbacks suppressed
[  188.905587][   T29] audit: type=1400 audit(1753350279.424:20887): avc:  denied  { map_create } for  pid=10434 comm="syz.0.2631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  188.931264][   T29] audit: type=1400 audit(1753350279.424:20888): avc:  denied  { prog_load } for  pid=10434 comm="syz.0.2631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  188.950578][   T29] audit: type=1400 audit(1753350279.424:20889): avc:  denied  { prog_load } for  pid=10434 comm="syz.0.2631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  188.969864][   T29] audit: type=1400 audit(1753350279.424:20890): avc:  denied  { read write } for  pid=10434 comm="syz.0.2631" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[  188.993773][   T29] audit: type=1400 audit(1753350279.444:20891): avc:  denied  { read write } for  pid=3313 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  189.032468][   T29] audit: type=1400 audit(1753350279.454:20892): avc:  denied  { read write } for  pid=3306 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  189.056945][   T29] audit: type=1400 audit(1753350279.504:20893): avc:  denied  { prog_load } for  pid=10436 comm="syz.2.2630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  189.076392][   T29] audit: type=1400 audit(1753350279.514:20894): avc:  denied  { prog_load } for  pid=10436 comm="syz.2.2630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  189.095891][   T29] audit: type=1400 audit(1753350279.514:20895): avc:  denied  { prog_load } for  pid=10436 comm="syz.2.2630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  189.115191][   T29] audit: type=1400 audit(1753350279.554:20896): avc:  denied  { create } for  pid=10436 comm="syz.2.2630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  189.190934][T10451] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2636'.
[  189.200052][T10451] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2636'.
[  189.214631][T10451] erspan0: entered promiscuous mode
[  189.220704][T10451] erspan0: left promiscuous mode
[  189.291421][T10462] FAULT_INJECTION: forcing a failure.
[  189.291421][T10462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.304740][T10462] CPU: 1 UID: 0 PID: 10462 Comm: syz.3.2642 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  189.304778][T10462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.304790][T10462] Call Trace:
[  189.304796][T10462]  <TASK>
[  189.304804][T10462]  __dump_stack+0x1d/0x30
[  189.304906][T10462]  dump_stack_lvl+0xe8/0x140
[  189.304930][T10462]  dump_stack+0x15/0x1b
[  189.304945][T10462]  should_fail_ex+0x265/0x280
[  189.304976][T10462]  should_fail+0xb/0x20
[  189.305001][T10462]  should_fail_usercopy+0x1a/0x20
[  189.305087][T10462]  _copy_to_user+0x20/0xa0
[  189.305112][T10462]  simple_read_from_buffer+0xb5/0x130
[  189.305149][T10462]  proc_fail_nth_read+0x100/0x140
[  189.305190][T10462]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  189.305276][T10462]  vfs_read+0x19d/0x6f0
[  189.305363][T10462]  ? __rcu_read_unlock+0x4f/0x70
[  189.305465][T10462]  ? __fget_files+0x184/0x1c0
[  189.305486][T10462]  ? fput+0x8f/0xc0
[  189.305518][T10462]  ksys_read+0xda/0x1a0
[  189.305557][T10462]  __x64_sys_read+0x40/0x50
[  189.305618][T10462]  x64_sys_call+0x2d77/0x2fb0
[  189.305638][T10462]  do_syscall_64+0xd2/0x200
[  189.305657][T10462]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  189.305752][T10462]  ? clear_bhb_loop+0x40/0x90
[  189.305779][T10462]  ? clear_bhb_loop+0x40/0x90
[  189.305801][T10462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.305821][T10462] RIP: 0033:0x7f68f2a7d3bc
[  189.305838][T10462] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  189.305900][T10462] RSP: 002b:00007f68f10e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  189.305919][T10462] RAX: ffffffffffffffda RBX: 00007f68f2ca5fa0 RCX: 00007f68f2a7d3bc
[  189.305934][T10462] RDX: 000000000000000f RSI: 00007f68f10e70a0 RDI: 0000000000000005
[  189.305999][T10462] RBP: 00007f68f10e7090 R08: 0000000000000000 R09: 0000000000000000
[  189.306015][T10462] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  189.306028][T10462] R13: 0000000000000000 R14: 00007f68f2ca5fa0 R15: 00007ffdc1104898
[  189.306049][T10462]  </TASK>
[  189.611145][T10460] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2641'.
[  189.633800][T10471] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2644'.
[  189.668435][T10471] 8021q: adding VLAN 0 to HW filter on device bond2
[  189.691161][T10471] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  189.732830][T10478] FAULT_INJECTION: forcing a failure.
[  189.732830][T10478] name failslab, interval 1, probability 0, space 0, times 0
[  189.745612][T10478] CPU: 1 UID: 0 PID: 10478 Comm: syz.0.2648 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  189.745649][T10478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.745662][T10478] Call Trace:
[  189.745668][T10478]  <TASK>
[  189.745755][T10478]  __dump_stack+0x1d/0x30
[  189.745780][T10478]  dump_stack_lvl+0xe8/0x140
[  189.745801][T10478]  dump_stack+0x15/0x1b
[  189.745817][T10478]  should_fail_ex+0x265/0x280
[  189.745850][T10478]  should_failslab+0x8c/0xb0
[  189.745933][T10478]  kmem_cache_alloc_noprof+0x50/0x310
[  189.745962][T10478]  ? getname_flags+0x80/0x3b0
[  189.745992][T10478]  getname_flags+0x80/0x3b0
[  189.746020][T10478]  user_path_at+0x28/0x130
[  189.746053][T10478]  __se_sys_mount+0x25b/0x2e0
[  189.746103][T10478]  ? fput+0x8f/0xc0
[  189.746129][T10478]  __x64_sys_mount+0x67/0x80
[  189.746184][T10478]  x64_sys_call+0xd36/0x2fb0
[  189.746211][T10478]  do_syscall_64+0xd2/0x200
[  189.746262][T10478]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  189.746289][T10478]  ? clear_bhb_loop+0x40/0x90
[  189.746316][T10478]  ? clear_bhb_loop+0x40/0x90
[  189.746409][T10478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.746437][T10478] RIP: 0033:0x7f56b0a5e9a9
[  189.746456][T10478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.746480][T10478] RSP: 002b:00007f56af0c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  189.746534][T10478] RAX: ffffffffffffffda RBX: 00007f56b0c85fa0 RCX: 00007f56b0a5e9a9
[  189.746551][T10478] RDX: 0000200000000240 RSI: 0000200000000200 RDI: 0000000000000000
[  189.746566][T10478] RBP: 00007f56af0c7090 R08: 0000200000000000 R09: 0000000000000000
[  189.746582][T10478] R10: 000000000021004a R11: 0000000000000246 R12: 0000000000000001
[  189.746598][T10478] R13: 0000000000000000 R14: 00007f56b0c85fa0 R15: 00007ffdd9781338
[  189.746620][T10478]  </TASK>
[  189.947660][T10479] bond2 (unregistering): (slave gretap1): Releasing backup interface
[  189.958706][T10479] bond2 (unregistering): Released all slaves
[  190.017404][T10487] FAULT_INJECTION: forcing a failure.
[  190.017404][T10487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.030690][T10487] CPU: 0 UID: 0 PID: 10487 Comm: syz.2.2652 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  190.030797][T10487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.030813][T10487] Call Trace:
[  190.030821][T10487]  <TASK>
[  190.030831][T10487]  __dump_stack+0x1d/0x30
[  190.030857][T10487]  dump_stack_lvl+0xe8/0x140
[  190.030882][T10487]  dump_stack+0x15/0x1b
[  190.030939][T10487]  should_fail_ex+0x265/0x280
[  190.030978][T10487]  should_fail+0xb/0x20
[  190.031010][T10487]  should_fail_usercopy+0x1a/0x20
[  190.031047][T10487]  strncpy_from_user+0x25/0x230
[  190.031077][T10487]  ? kmem_cache_alloc_noprof+0x186/0x310
[  190.031108][T10487]  ? getname_flags+0x80/0x3b0
[  190.031154][T10487]  getname_flags+0xae/0x3b0
[  190.031181][T10487]  user_path_at+0x28/0x130
[  190.031213][T10487]  __x64_sys_umount+0x85/0xe0
[  190.031248][T10487]  x64_sys_call+0x2915/0x2fb0
[  190.031274][T10487]  do_syscall_64+0xd2/0x200
[  190.031328][T10487]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  190.031360][T10487]  ? clear_bhb_loop+0x40/0x90
[  190.031385][T10487]  ? clear_bhb_loop+0x40/0x90
[  190.031456][T10487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.031482][T10487] RIP: 0033:0x7fb404c6e9a9
[  190.031512][T10487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.031533][T10487] RSP: 002b:00007fb4032d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  190.031556][T10487] RAX: ffffffffffffffda RBX: 00007fb404e95fa0 RCX: 00007fb404c6e9a9
[  190.031572][T10487] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000200000000580
[  190.031586][T10487] RBP: 00007fb4032d7090 R08: 0000000000000000 R09: 0000000000000000
[  190.031601][T10487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.031615][T10487] R13: 0000000000000000 R14: 00007fb404e95fa0 R15: 00007ffe90181fd8
[  190.031665][T10487]  </TASK>
[  190.698952][T10535] FAULT_INJECTION: forcing a failure.
[  190.698952][T10535] name failslab, interval 1, probability 0, space 0, times 0
[  190.711682][T10535] CPU: 1 UID: 0 PID: 10535 Comm: syz.4.2658 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  190.711717][T10535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.711762][T10535] Call Trace:
[  190.711771][T10535]  <TASK>
[  190.711781][T10535]  __dump_stack+0x1d/0x30
[  190.711807][T10535]  dump_stack_lvl+0xe8/0x140
[  190.711828][T10535]  dump_stack+0x15/0x1b
[  190.711849][T10535]  should_fail_ex+0x265/0x280
[  190.711884][T10535]  ? percpu_ref_init+0x9c/0x250
[  190.711979][T10535]  should_failslab+0x8c/0xb0
[  190.712042][T10535]  ? __pfx_free_ioctx_users+0x10/0x10
[  190.712078][T10535]  __kmalloc_cache_noprof+0x4c/0x320
[  190.712181][T10535]  ? __pfx_free_ioctx_users+0x10/0x10
[  190.712216][T10535]  percpu_ref_init+0x9c/0x250
[  190.712253][T10535]  ioctx_alloc+0x1be/0x4e0
[  190.712355][T10535]  ? fput+0x8f/0xc0
[  190.712380][T10535]  __se_sys_io_setup+0x6b/0x1b0
[  190.712417][T10535]  __x64_sys_io_setup+0x31/0x40
[  190.712491][T10535]  x64_sys_call+0x2f0e/0x2fb0
[  190.712512][T10535]  do_syscall_64+0xd2/0x200
[  190.712531][T10535]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  190.712560][T10535]  ? clear_bhb_loop+0x40/0x90
[  190.712583][T10535]  ? clear_bhb_loop+0x40/0x90
[  190.712656][T10535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.712679][T10535] RIP: 0033:0x7f3a5581e9a9
[  190.712698][T10535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.712717][T10535] RSP: 002b:00007f3a53e45038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  190.712737][T10535] RAX: ffffffffffffffda RBX: 00007f3a55a46160 RCX: 00007f3a5581e9a9
[  190.712779][T10535] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000002
[  190.712790][T10535] RBP: 00007f3a53e45090 R08: 0000000000000000 R09: 0000000000000000
[  190.712801][T10535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.712813][T10535] R13: 0000000000000000 R14: 00007f3a55a46160 R15: 00007ffc6f8a8568
[  190.712955][T10535]  </TASK>
[  191.141297][T10542] SET target dimension over the limit!
[  191.156140][T10543] netlink: 'syz.2.2672': attribute type 8 has an invalid length.
[  191.274852][T10555] FAULT_INJECTION: forcing a failure.
[  191.274852][T10555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.288081][T10555] CPU: 0 UID: 0 PID: 10555 Comm: syz.0.2677 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  191.288175][T10555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.288192][T10555] Call Trace:
[  191.288200][T10555]  <TASK>
[  191.288210][T10555]  __dump_stack+0x1d/0x30
[  191.288250][T10555]  dump_stack_lvl+0xe8/0x140
[  191.288269][T10555]  dump_stack+0x15/0x1b
[  191.288284][T10555]  should_fail_ex+0x265/0x280
[  191.288378][T10555]  should_fail+0xb/0x20
[  191.288406][T10555]  should_fail_usercopy+0x1a/0x20
[  191.288443][T10555]  strncpy_from_user+0x25/0x230
[  191.288482][T10555]  __x64_sys_lgetxattr+0xa5/0x140
[  191.288580][T10555]  x64_sys_call+0x1b0e/0x2fb0
[  191.288652][T10555]  do_syscall_64+0xd2/0x200
[  191.288721][T10555]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  191.288755][T10555]  ? clear_bhb_loop+0x40/0x90
[  191.288782][T10555]  ? clear_bhb_loop+0x40/0x90
[  191.288844][T10555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.288869][T10555] RIP: 0033:0x7f56b0a5e9a9
[  191.288943][T10555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.289003][T10555] RSP: 002b:00007f56af0c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  191.289022][T10555] RAX: ffffffffffffffda RBX: 00007f56b0c85fa0 RCX: 00007f56b0a5e9a9
[  191.289034][T10555] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000200000000000
[  191.289046][T10555] RBP: 00007f56af0c7090 R08: 0000000000000000 R09: 0000000000000000
[  191.289067][T10555] R10: 00000000000001ee R11: 0000000000000246 R12: 0000000000000001
[  191.289083][T10555] R13: 0000000000000000 R14: 00007f56b0c85fa0 R15: 00007ffdd9781338
[  191.289110][T10555]  </TASK>
[  191.947025][T10591] FAULT_INJECTION: forcing a failure.
[  191.947025][T10591] name failslab, interval 1, probability 0, space 0, times 0
[  191.960070][T10591] CPU: 1 UID: 0 PID: 10591 Comm: syz.0.2688 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  191.960106][T10591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.960118][T10591] Call Trace:
[  191.960125][T10591]  <TASK>
[  191.960133][T10591]  __dump_stack+0x1d/0x30
[  191.960211][T10591]  dump_stack_lvl+0xe8/0x140
[  191.960263][T10591]  dump_stack+0x15/0x1b
[  191.960279][T10591]  should_fail_ex+0x265/0x280
[  191.960308][T10591]  ? sctp_add_bind_addr+0x71/0x1e0
[  191.960340][T10591]  should_failslab+0x8c/0xb0
[  191.960367][T10591]  __kmalloc_cache_noprof+0x4c/0x320
[  191.960411][T10591]  sctp_add_bind_addr+0x71/0x1e0
[  191.960435][T10591]  sctp_copy_local_addr_list+0x199/0x220
[  191.960492][T10591]  sctp_copy_one_addr+0x7f/0x280
[  191.960519][T10591]  sctp_bind_addr_copy+0x79/0x290
[  191.960543][T10591]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[  191.960630][T10591]  sctp_connect_new_asoc+0x1c3/0x3a0
[  191.960672][T10591]  sctp_sendmsg+0xf10/0x18d0
[  191.960711][T10591]  ? selinux_socket_sendmsg+0xe1/0x1b0
[  191.960802][T10591]  ? __pfx_sctp_sendmsg+0x10/0x10
[  191.960894][T10591]  inet_sendmsg+0xc2/0xd0
[  191.960913][T10591]  __sock_sendmsg+0x102/0x180
[  191.960939][T10591]  ____sys_sendmsg+0x345/0x4e0
[  191.960975][T10591]  ___sys_sendmsg+0x17b/0x1d0
[  191.961089][T10591]  __sys_sendmmsg+0x178/0x300
[  191.961123][T10591]  __x64_sys_sendmmsg+0x57/0x70
[  191.961159][T10591]  x64_sys_call+0x2f2f/0x2fb0
[  191.961184][T10591]  do_syscall_64+0xd2/0x200
[  191.961207][T10591]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  191.961237][T10591]  ? clear_bhb_loop+0x40/0x90
[  191.961324][T10591]  ? clear_bhb_loop+0x40/0x90
[  191.961412][T10591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.961432][T10591] RIP: 0033:0x7f56b0a5e9a9
[  191.961447][T10591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.961464][T10591] RSP: 002b:00007f56af0c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  191.961487][T10591] RAX: ffffffffffffffda RBX: 00007f56b0c85fa0 RCX: 00007f56b0a5e9a9
[  191.961502][T10591] RDX: 0000000000000002 RSI: 0000200000000e40 RDI: 0000000000000003
[  191.961517][T10591] RBP: 00007f56af0c7090 R08: 0000000000000000 R09: 0000000000000000
[  191.961563][T10591] R10: 0000000000000844 R11: 0000000000000246 R12: 0000000000000001
[  191.961579][T10591] R13: 0000000000000000 R14: 00007f56b0c85fa0 R15: 00007ffdd9781338
[  191.961605][T10591]  </TASK>
[  192.489090][T10617] FAULT_INJECTION: forcing a failure.
[  192.489090][T10617] name failslab, interval 1, probability 0, space 0, times 0
[  192.501930][T10617] CPU: 1 UID: 0 PID: 10617 Comm: syz.3.2699 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  192.501964][T10617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  192.501991][T10617] Call Trace:
[  192.501998][T10617]  <TASK>
[  192.502005][T10617]  __dump_stack+0x1d/0x30
[  192.502029][T10617]  dump_stack_lvl+0xe8/0x140
[  192.502054][T10617]  dump_stack+0x15/0x1b
[  192.502071][T10617]  should_fail_ex+0x265/0x280
[  192.502159][T10617]  should_failslab+0x8c/0xb0
[  192.502183][T10617]  kmem_cache_alloc_node_noprof+0x57/0x320
[  192.502272][T10617]  ? __alloc_skb+0x101/0x320
[  192.502319][T10617]  __alloc_skb+0x101/0x320
[  192.502353][T10617]  ? mntput+0x4b/0x80
[  192.502388][T10617]  sock_wmalloc+0x7e/0xc0
[  192.502412][T10617]  unix_stream_connect+0x302/0xa50
[  192.502444][T10617]  ? selinux_socket_connect+0x57/0x70
[  192.502477][T10617]  ? __pfx_unix_stream_connect+0x10/0x10
[  192.502507][T10617]  __sys_connect+0x1ef/0x2b0
[  192.502552][T10617]  __x64_sys_connect+0x3f/0x50
[  192.502633][T10617]  x64_sys_call+0x1daa/0x2fb0
[  192.502660][T10617]  do_syscall_64+0xd2/0x200
[  192.502685][T10617]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  192.502717][T10617]  ? clear_bhb_loop+0x40/0x90
[  192.502741][T10617]  ? clear_bhb_loop+0x40/0x90
[  192.502802][T10617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.502829][T10617] RIP: 0033:0x7f68f2a7e9a9
[  192.502844][T10617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.502861][T10617] RSP: 002b:00007f68f10e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  192.502924][T10617] RAX: ffffffffffffffda RBX: 00007f68f2ca5fa0 RCX: 00007f68f2a7e9a9
[  192.502936][T10617] RDX: 000000000000006e RSI: 0000200000000280 RDI: 0000000000000004
[  192.502948][T10617] RBP: 00007f68f10e7090 R08: 0000000000000000 R09: 0000000000000000
[  192.502995][T10617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  192.503010][T10617] R13: 0000000000000000 R14: 00007f68f2ca5fa0 R15: 00007ffdc1104898
[  192.503031][T10617]  </TASK>
[  192.845920][T10633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2705'.
[  193.253606][T10657] loop4: detected capacity change from 0 to 2048
[  193.282679][T10657] EXT4-fs mount: 48 callbacks suppressed
[  193.282699][T10657] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.329949][T10662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2714'.
[  193.356341][T10662] team0: left allmulticast mode
[  193.378908][T10662] team_slave_0: left allmulticast mode
[  193.385804][T10662] team_slave_1: left allmulticast mode
[  193.392704][T10662] team0: left promiscuous mode
[  193.435496][T10662] team_slave_0: left promiscuous mode
[  193.439014][T10666] loop2: detected capacity change from 0 to 512
[  193.441690][T10662] team_slave_1: left promiscuous mode
[  193.449125][T10666] EXT4-fs: Ignoring removed nomblk_io_submit option
[  193.454762][T10662] bridge0: port 3(team0) entered disabled state
[  193.470718][T10666] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  193.478922][T10666] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  193.503293][T10666] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[  193.512999][T10666] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[  193.522605][T10662] bridge_slave_1: left allmulticast mode
[  193.528633][T10662] bridge_slave_1: left promiscuous mode
[  193.534665][T10662] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.540863][T10666] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  193.567358][T10662] bridge_slave_0: left allmulticast mode
[  193.573215][T10662] bridge_slave_0: left promiscuous mode
[  193.579013][T10662] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.603802][T10666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.628254][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.799180][T10678] openvswitch: netlink: Message has 6 unknown bytes.
[  193.941478][   T29] kauditd_printk_skb: 512 callbacks suppressed
[  193.941495][   T29] audit: type=1400 audit(1753350284.474:21409): avc:  denied  { allowed } for  pid=10688 comm="syz.1.2721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  193.968458][   T29] audit: type=1400 audit(1753350284.474:21410): avc:  denied  { create } for  pid=10688 comm="syz.1.2721" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  193.990336][   T29] audit: type=1400 audit(1753350284.504:21411): avc:  denied  { mount } for  pid=10688 comm="syz.1.2721" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  194.012909][   T29] audit: type=1400 audit(1753350284.504:21412): avc:  denied  { read } for  pid=10688 comm="syz.1.2721" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  194.034962][   T29] audit: type=1400 audit(1753350284.504:21413): avc:  denied  { open } for  pid=10688 comm="syz.1.2721" path="/560/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  194.076266][   T29] audit: type=1400 audit(1753350284.614:21414): avc:  denied  { create } for  pid=10699 comm="syz.2.2724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  194.102081][   T29] audit: type=1400 audit(1753350284.634:21415): avc:  denied  { connect } for  pid=10699 comm="syz.2.2724" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  194.130086][T10702] FAULT_INJECTION: forcing a failure.
[  194.130086][T10702] name failslab, interval 1, probability 0, space 0, times 0
[  194.143008][T10702] CPU: 1 UID: 0 PID: 10702 Comm: syz.3.2725 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  194.143035][T10702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.143046][T10702] Call Trace:
[  194.143122][T10702]  <TASK>
[  194.143131][T10702]  __dump_stack+0x1d/0x30
[  194.143216][T10702]  dump_stack_lvl+0xe8/0x140
[  194.143237][T10702]  dump_stack+0x15/0x1b
[  194.143253][T10702]  should_fail_ex+0x265/0x280
[  194.143290][T10702]  should_failslab+0x8c/0xb0
[  194.143395][T10702]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  194.143458][T10702]  ? __request_module+0x1c4/0x3e0
[  194.143530][T10702]  ? __request_module+0x1df/0x3e0
[  194.143548][T10702]  ? should_failslab+0x8c/0xb0
[  194.143567][T10702]  kstrdup+0x3e/0xd0
[  194.143585][T10702]  __request_module+0x1df/0x3e0
[  194.143705][T10702]  blk_request_module+0x108/0x1e0
[  194.143722][T10702]  blkdev_get_no_open+0x4b/0x100
[  194.143780][T10702]  bdev_file_open_by_dev+0xa5/0x250
[  194.143868][T10702]  swsusp_check+0x3f/0x290
[  194.143893][T10702]  software_resume+0x41/0x2f0
[  194.143913][T10702]  resume_store+0x2d9/0x3d0
[  194.143983][T10702]  ? __pfx_resume_store+0x10/0x10
[  194.144020][T10702]  kobj_attr_store+0x4a/0x70
[  194.144042][T10702]  ? __pfx_kobj_attr_store+0x10/0x10
[  194.144063][T10702]  sysfs_kf_write+0xfe/0x120
[  194.144095][T10702]  ? __pfx_sysfs_kf_write+0x10/0x10
[  194.144177][T10702]  kernfs_fop_write_iter+0x1c1/0x2d0
[  194.144200][T10702]  iter_file_splice_write+0x5f2/0x970
[  194.144241][T10702]  ? __pfx_iter_file_splice_write+0x10/0x10
[  194.144267][T10702]  direct_splice_actor+0x156/0x2a0
[  194.144376][T10702]  ? shmem_file_open+0x1/0x40
[  194.144393][T10702]  splice_direct_to_actor+0x312/0x680
[  194.144485][T10702]  ? __pfx_direct_splice_actor+0x10/0x10
[  194.144516][T10702]  do_splice_direct+0xda/0x150
[  194.144542][T10702]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  194.144597][T10702]  do_sendfile+0x380/0x650
[  194.144621][T10702]  __x64_sys_sendfile64+0x105/0x150
[  194.144643][T10702]  x64_sys_call+0xb39/0x2fb0
[  194.144662][T10702]  do_syscall_64+0xd2/0x200
[  194.144708][T10702]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  194.144737][T10702]  ? clear_bhb_loop+0x40/0x90
[  194.144756][T10702]  ? clear_bhb_loop+0x40/0x90
[  194.144776][T10702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.144796][T10702] RIP: 0033:0x7f68f2a7e9a9
[  194.144851][T10702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.144867][T10702] RSP: 002b:00007f68f10e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  194.144883][T10702] RAX: ffffffffffffffda RBX: 00007f68f2ca5fa0 RCX: 00007f68f2a7e9a9
[  194.144894][T10702] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000008
[  194.144936][T10702] RBP: 00007f68f10e7090 R08: 0000000000000000 R09: 0000000000000000
[  194.144947][T10702] R10: 00008000fffffffc R11: 0000000000000246 R12: 0000000000000002
[  194.144957][T10702] R13: 0000000000000000 R14: 00007f68f2ca5fa0 R15: 00007ffdc1104898
[  194.144982][T10702]  </TASK>
[  194.467557][   T29] audit: type=1400 audit(1753350285.004:21416): avc:  denied  { write } for  pid=10708 comm="syz.4.2727" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  194.592456][T10721] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  194.594628][   T29] audit: type=1400 audit(1753350285.124:21417): avc:  denied  { append } for  pid=10720 comm="syz.2.2728" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  194.732260][   T29] audit: type=1400 audit(1753350285.264:21418): avc:  denied  { write } for  pid=10733 comm="syz.3.2732" name="if_inet6" dev="proc" ino=4026532601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  195.371443][T10758] loop1: detected capacity change from 0 to 1024
[  195.381677][T10759] loop3: detected capacity change from 0 to 512
[  195.388361][T10759] EXT4-fs: Ignoring removed nomblk_io_submit option
[  195.396745][T10759] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  195.396983][T10758] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.405038][T10759] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  195.427666][T10759] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  195.437371][T10759] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  195.448826][T10759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  195.461949][T10759] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.516083][T10771] FAULT_INJECTION: forcing a failure.
[  195.516083][T10771] name failslab, interval 1, probability 0, space 0, times 0
[  195.529031][T10771] CPU: 1 UID: 0 PID: 10771 Comm: syz.0.2744 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  195.529060][T10771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.529086][T10771] Call Trace:
[  195.529094][T10771]  <TASK>
[  195.529102][T10771]  __dump_stack+0x1d/0x30
[  195.529198][T10771]  dump_stack_lvl+0xe8/0x140
[  195.529217][T10771]  dump_stack+0x15/0x1b
[  195.529236][T10771]  should_fail_ex+0x265/0x280
[  195.529275][T10771]  ? nf_tables_newtable+0x375/0xea0
[  195.529315][T10771]  should_failslab+0x8c/0xb0
[  195.529406][T10771]  __kmalloc_cache_noprof+0x4c/0x320
[  195.529436][T10771]  ? __nla_validate_parse+0x1652/0x1d00
[  195.529481][T10771]  nf_tables_newtable+0x375/0xea0
[  195.529629][T10771]  nfnetlink_rcv+0xb99/0x1690
[  195.529753][T10771]  netlink_unicast+0x5a8/0x680
[  195.529788][T10771]  netlink_sendmsg+0x58b/0x6b0
[  195.529884][T10771]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.529919][T10771]  __sock_sendmsg+0x145/0x180
[  195.529944][T10771]  ____sys_sendmsg+0x31e/0x4e0
[  195.529991][T10771]  ___sys_sendmsg+0x17b/0x1d0
[  195.530089][T10771]  __x64_sys_sendmsg+0xd4/0x160
[  195.530113][T10771]  x64_sys_call+0x2999/0x2fb0
[  195.530134][T10771]  do_syscall_64+0xd2/0x200
[  195.530157][T10771]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.530189][T10771]  ? clear_bhb_loop+0x40/0x90
[  195.530270][T10771]  ? clear_bhb_loop+0x40/0x90
[  195.530291][T10771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.530361][T10771] RIP: 0033:0x7f56b0a5e9a9
[  195.530378][T10771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.530397][T10771] RSP: 002b:00007f56af0c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.530491][T10771] RAX: ffffffffffffffda RBX: 00007f56b0c85fa0 RCX: 00007f56b0a5e9a9
[  195.530583][T10771] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  195.530595][T10771] RBP: 00007f56af0c7090 R08: 0000000000000000 R09: 0000000000000000
[  195.530609][T10771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.530624][T10771] R13: 0000000000000000 R14: 00007f56b0c85fa0 R15: 00007ffdd9781338
[  195.530651][T10771]  </TASK>
[  195.909868][T10801] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.975597][T10801] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.125047][T10801] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.279128][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.292103][T10801] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.376129][T10816] sit0: left promiscuous mode
[  196.381007][T10816] sit0: left allmulticast mode
[  196.425117][T10816] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.461195][T10816] 8021q: adding VLAN 0 to HW filter on device team0
[  196.496383][T10816] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  196.543647][T10801] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.617325][T10801] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.640603][T10801] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.666834][T10801] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.684102][T10820] loop1: detected capacity change from 0 to 128
[  196.709264][T10820] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  196.740690][T10820] ext4 filesystem being mounted at /566/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  196.752002][T10822] loop4: detected capacity change from 0 to 2048
[  196.813480][T10822]  loop4: p1 < > p2 < > p3 p4 < >
[  196.818594][T10822] loop4: partition table partially beyond EOD, truncated
[  196.843255][T10822] loop4: p1 start 2305 is beyond EOD, truncated
[  196.849571][T10822] loop4: p2 start 4294902784 is beyond EOD, truncated
[  196.856529][T10822] loop4: p3 start 3724543488 is beyond EOD, truncated
[  196.932100][T10836] vlan2: entered allmulticast mode
[  196.967224][T10841] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  196.974793][T10841] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  196.994175][T10841] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub
[  197.041949][T10847] loop2: detected capacity change from 0 to 512
[  197.060317][T10849] loop3: detected capacity change from 0 to 2048
[  197.067928][T10849] EXT4-fs: Ignoring removed mblk_io_submit option
[  197.075226][T10849] EXT4-fs: Ignoring removed nobh option
[  197.085764][T10849] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.099878][T10847] EXT4-fs (loop2): 1 orphan inode deleted
[  197.103864][T10837] mmap: syz.0.2760 (10837): VmData 17453056 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  197.114497][T10847] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.130801][ T7803] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:20: Failed to release dquot type 1
[  197.182374][T10847] ext4 filesystem being mounted at /510/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.194035][T10849] rdma_op ffff8881273f2d80 conn xmit_rdma 0000000000000000
[  197.217968][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.242419][T10859] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2768'.
[  197.256019][T10859] loop3: detected capacity change from 0 to 764
[  197.264388][T10861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2764'.
[  197.273382][T10861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2764'.
[  197.284496][T10859] rock: directory entry would overflow storage
[  197.291065][T10859] rock: sig=0x4654, size=5, remaining=4
[  197.301372][T10859] rock: directory entry would overflow storage
[  197.302748][T10862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2769'.
[  197.308280][T10859] rock: sig=0x4f50, size=4, remaining=3
[  197.322863][T10859] iso9660: Corrupted directory entry in block 4 of inode 1792
[  197.334261][T10861] 9pnet_fd: Insufficient options for proto=fd
[  197.335628][T10862] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2769'.
[  197.345371][T10859] SELinux:  Context system_u:object_r:inetd_var_run_t:s0 is not valid (left unmapped).
[  197.436082][T10864] vhci_hcd: invalid port number 176
[  197.640299][ T3305] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.671423][T10883] loop4: detected capacity change from 0 to 512
[  197.680637][T10883] EXT4-fs: Ignoring removed nomblk_io_submit option
[  197.694868][T10883] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  197.703146][T10883] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  197.726986][T10883] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  197.736627][T10883] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  197.746320][T10887] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  197.754163][T10883] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  197.766781][T10883] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.777830][T10887] loop1: detected capacity change from 0 to 1024
[  197.807138][T10887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.827020][T10893] loop3: detected capacity change from 0 to 512
[  197.833977][T10893] EXT4-fs: dax option not supported
[  197.878227][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.066550][T10908] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  198.078611][T10908] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  198.164097][T10914] usb usb8: usbfs: process 10914 (syz.4.2786) did not claim interface 0 before use
[  198.193784][T10916] random: crng reseeded on system resumption
[  198.209837][T10916] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  198.242144][T10918] bond0: (slave dummy0): Releasing backup interface
[  198.251135][T10918] bridge_slave_0: left allmulticast mode
[  198.256877][T10918] bridge_slave_0: left promiscuous mode
[  198.262555][T10918] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.270876][T10918] bridge_slave_1: left allmulticast mode
[  198.276872][T10918] bridge_slave_1: left promiscuous mode
[  198.282666][T10918] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.291557][T10918] bond0: (slave bond_slave_0): Releasing backup interface
[  198.299847][T10919] ref_ctr increment failed for inode: 0xbd8 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88812e50d800
[  198.312491][T10918] bond0: (slave bond_slave_1): Releasing backup interface
[  198.321876][T10918] team0: Port device team_slave_0 removed
[  198.329206][T10918] team0: Port device team_slave_1 removed
[  198.336191][T10918] batman_adv: batadv0: Removing interface: batadv_slave_0
[  198.343951][T10918] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.351966][T10918] bond0: (slave veth0_to_hsr): Releasing backup interface
[  198.362091][T10918] batman_adv: batadv0: Interface deactivated: macvlan0
[  198.369599][T10918] batman_adv: batadv0: Removing interface: macvlan0
[  198.381574][T10917] uprobe: syz.4.2788:10917 failed to unregister, leaking uprobe
[  198.524784][T10926] smc: net device bond0 applied user defined pnetid SYZ0
[  198.533802][T10926] smc: net device bond0 erased user defined pnetid SYZ0
[  198.565641][T10928] loop2: detected capacity change from 0 to 512
[  198.574840][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.597042][T10928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.609888][T10928] ext4 filesystem being mounted at /515/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.622309][T10928] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 94 vs 96 free clusters
[  198.637114][T10928] EXT4-fs (loop2): Remounting filesystem read-only
[  198.645518][T10928] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2792'.
[  198.674445][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.695542][T10938] loop4: detected capacity change from 0 to 512
[  198.710765][T10938] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  198.724633][T10940] loop3: detected capacity change from 0 to 1024
[  198.724688][T10938] EXT4-fs (loop4): 1 truncate cleaned up
[  198.738032][T10940] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  198.771838][T10938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.786583][T10940] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  198.797100][T10940] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  198.812717][T10945] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2798'.
[  198.855799][T10940] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=22 sclass=netlink_tcpdiag_socket pid=10940 comm=syz.3.2797
[  198.893703][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.951702][   T29] kauditd_printk_skb: 293 callbacks suppressed
[  198.951722][   T29] audit: type=1400 audit(1753350289.484:21709): avc:  denied  { name_connect } for  pid=10953 comm="syz.4.2801" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  199.008248][   T29] audit: type=1400 audit(1753350289.544:21710): avc:  denied  { read } for  pid=10953 comm="syz.4.2801" lport=55814 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  199.044883][   T29] audit: type=1400 audit(1753350289.574:21711): avc:  denied  { mount } for  pid=10954 comm="syz.2.2803" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  199.045129][T10967] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10967 comm=syz.2.2803
[  199.079930][T10968] loop1: detected capacity change from 0 to 512
[  199.079954][   T29] audit: type=1400 audit(1753350289.604:21712): avc:  denied  { name_connect } for  pid=10953 comm="syz.4.2801" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  199.080171][T10968] EXT4-fs: Ignoring removed nomblk_io_submit option
[  199.116991][T10968] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  199.117012][T10968] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  199.117151][T10968] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  199.117173][T10968] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  199.117615][T10968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  199.118164][T10968] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.263268][T10976] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2807'.
[  199.275608][   T29] audit: type=1400 audit(1753350289.814:21713): avc:  denied  { name_bind } for  pid=10975 comm="syz.3.2807" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  199.297087][   T29] audit: type=1400 audit(1753350289.814:21714): avc:  denied  { node_bind } for  pid=10975 comm="syz.3.2807" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  199.359913][T10980] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  199.393531][T10983] loop3: detected capacity change from 0 to 128
[  199.403015][   T29] audit: type=1400 audit(1753350289.934:21715): avc:  denied  { mount } for  pid=10982 comm="syz.3.2809" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  199.425792][   T29] audit: type=1400 audit(1753874577.967:21716): avc:  denied  { name_bind } for  pid=10982 comm="syz.3.2809" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  199.474639][   T29] audit: type=1400 audit(1753874577.967:21717): avc:  denied  { read } for  pid=10982 comm="syz.3.2809" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  199.497851][   T29] audit: type=1400 audit(1753874577.967:21718): avc:  denied  { open } for  pid=10982 comm="syz.3.2809" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  199.609822][T10992] FAULT_INJECTION: forcing a failure.
[  199.609822][T10992] name failslab, interval 1, probability 0, space 0, times 0
[  199.622584][T10992] CPU: 1 UID: 0 PID: 10992 Comm: syz.1.2813 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  199.622621][T10992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.622637][T10992] Call Trace:
[  199.622646][T10992]  <TASK>
[  199.622655][T10992]  __dump_stack+0x1d/0x30
[  199.622676][T10992]  dump_stack_lvl+0xe8/0x140
[  199.622711][T10992]  dump_stack+0x15/0x1b
[  199.622726][T10992]  should_fail_ex+0x265/0x280
[  199.622765][T10992]  should_failslab+0x8c/0xb0
[  199.622794][T10992]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  199.622842][T10992]  ? __d_alloc+0x3d/0x350
[  199.622874][T10992]  __d_alloc+0x3d/0x350
[  199.622971][T10992]  ? selinux_socket_post_create+0x214/0x2a0
[  199.623012][T10992]  d_alloc_pseudo+0x1e/0x80
[  199.623048][T10992]  alloc_file_pseudo+0x71/0x160
[  199.623079][T10992]  ? alloc_fd+0x38a/0x3c0
[  199.623131][T10992]  sock_alloc_file+0x9c/0x1e0
[  199.623271][T10992]  __sys_socket+0x116/0x180
[  199.623300][T10992]  __x64_sys_socket+0x3f/0x50
[  199.623338][T10992]  x64_sys_call+0x285a/0x2fb0
[  199.623412][T10992]  do_syscall_64+0xd2/0x200
[  199.623431][T10992]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.623461][T10992]  ? clear_bhb_loop+0x40/0x90
[  199.623488][T10992]  ? clear_bhb_loop+0x40/0x90
[  199.623515][T10992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.623574][T10992] RIP: 0033:0x7f08088c08c7
[  199.623590][T10992] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.623640][T10992] RSP: 002b:00007f0806f1dfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  199.623663][T10992] RAX: ffffffffffffffda RBX: 00007f0808ae5fa0 RCX: 00007f08088c08c7
[  199.623679][T10992] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  199.623694][T10992] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  199.623767][T10992] R10: 0000200000000000 R11: 0000000000000286 R12: 0000000000000001
[  199.623783][T10992] R13: 0000000000000000 R14: 00007f0808ae5fa0 R15: 00007ffe4468ccf8
[  199.623809][T10992]  </TASK>
[  199.898379][T10999] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2816'.
[  199.938622][T11002] FAULT_INJECTION: forcing a failure.
[  199.938622][T11002] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  199.951998][T11002] CPU: 1 UID: 0 PID: 11002 Comm: syz.3.2817 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  199.952035][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.952050][T11002] Call Trace:
[  199.952194][T11002]  <TASK>
[  199.952203][T11002]  __dump_stack+0x1d/0x30
[  199.952227][T11002]  dump_stack_lvl+0xe8/0x140
[  199.952248][T11002]  dump_stack+0x15/0x1b
[  199.952264][T11002]  should_fail_ex+0x265/0x280
[  199.952300][T11002]  should_fail_alloc_page+0xf2/0x100
[  199.952384][T11002]  __alloc_frozen_pages_noprof+0xff/0x360
[  199.952429][T11002]  alloc_pages_mpol+0xb3/0x250
[  199.952458][T11002]  alloc_pages_noprof+0x90/0x130
[  199.952488][T11002]  __pud_alloc+0x47/0x4c0
[  199.952547][T11002]  handle_mm_fault+0x1882/0x2be0
[  199.952610][T11002]  ? check_vma_flags+0x26e/0x340
[  199.952633][T11002]  __get_user_pages+0x1036/0x1fb0
[  199.952700][T11002]  get_user_pages_remote+0x1dc/0x7a0
[  199.952732][T11002]  get_arg_page+0x8e/0x1e0
[  199.952762][T11002]  copy_string_kernel+0x134/0x340
[  199.952800][T11002]  do_execveat_common+0x5ad/0x750
[  199.952915][T11002]  ? getname_flags+0x154/0x3b0
[  199.952944][T11002]  __x64_sys_execveat+0x73/0x90
[  199.953059][T11002]  x64_sys_call+0x2dae/0x2fb0
[  199.953110][T11002]  do_syscall_64+0xd2/0x200
[  199.953204][T11002]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  199.953234][T11002]  ? clear_bhb_loop+0x40/0x90
[  199.953326][T11002]  ? clear_bhb_loop+0x40/0x90
[  199.953354][T11002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.953379][T11002] RIP: 0033:0x7f68f2a7e9a9
[  199.953397][T11002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.953419][T11002] RSP: 002b:00007f68f10e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  199.953519][T11002] RAX: ffffffffffffffda RBX: 00007f68f2ca5fa0 RCX: 00007f68f2a7e9a9
[  199.953534][T11002] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  199.953548][T11002] RBP: 00007f68f10e7090 R08: 0000000000001000 R09: 0000000000000000
[  199.953563][T11002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  199.953578][T11002] R13: 0000000000000000 R14: 00007f68f2ca5fa0 R15: 00007ffdc1104898
[  199.953603][T11002]  </TASK>
[  200.236168][T11009] loop4: detected capacity change from 0 to 512
[  200.251784][T11009] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2820: corrupted in-inode xattr: invalid ea_ino
[  200.265707][T11009] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2820: couldn't read orphan inode 15 (err -117)
[  200.279277][T11009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.312731][T11022] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  200.325836][T11022] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  200.383031][T11035] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2829'.
[  200.569687][T11058] FAULT_INJECTION: forcing a failure.
[  200.569687][T11058] name failslab, interval 1, probability 0, space 0, times 0
[  200.582684][T11058] CPU: 0 UID: 0 PID: 11058 Comm: syz.3.2839 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  200.582731][T11058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  200.582756][T11058] Call Trace:
[  200.582765][T11058]  <TASK>
[  200.582851][T11058]  __dump_stack+0x1d/0x30
[  200.582872][T11058]  dump_stack_lvl+0xe8/0x140
[  200.582892][T11058]  dump_stack+0x15/0x1b
[  200.582985][T11058]  should_fail_ex+0x265/0x280
[  200.583049][T11058]  should_failslab+0x8c/0xb0
[  200.583076][T11058]  kmem_cache_alloc_node_noprof+0x57/0x320
[  200.583103][T11058]  ? __alloc_skb+0x101/0x320
[  200.583132][T11058]  __alloc_skb+0x101/0x320
[  200.583217][T11058]  netlink_alloc_large_skb+0xba/0xf0
[  200.583256][T11058]  netlink_sendmsg+0x3cf/0x6b0
[  200.583284][T11058]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.583346][T11058]  __sock_sendmsg+0x145/0x180
[  200.583428][T11058]  ____sys_sendmsg+0x31e/0x4e0
[  200.583475][T11058]  ___sys_sendmsg+0x17b/0x1d0
[  200.583666][T11058]  __x64_sys_sendmsg+0xd4/0x160
[  200.583691][T11058]  x64_sys_call+0x2999/0x2fb0
[  200.583711][T11058]  do_syscall_64+0xd2/0x200
[  200.583727][T11058]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  200.583762][T11058]  ? clear_bhb_loop+0x40/0x90
[  200.583782][T11058]  ? clear_bhb_loop+0x40/0x90
[  200.583801][T11058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.583820][T11058] RIP: 0033:0x7f68f2a7e9a9
[  200.583833][T11058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.583875][T11058] RSP: 002b:00007f68f10e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.583892][T11058] RAX: ffffffffffffffda RBX: 00007f68f2ca5fa0 RCX: 00007f68f2a7e9a9
[  200.583903][T11058] RDX: 0000000000000040 RSI: 00002000000001c0 RDI: 0000000000000006
[  200.583913][T11058] RBP: 00007f68f10e7090 R08: 0000000000000000 R09: 0000000000000000
[  200.583923][T11058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.584060][T11058] R13: 0000000000000000 R14: 00007f68f2ca5fa0 R15: 00007ffdc1104898
[  200.584080][T11058]  </TASK>
[  200.823846][T11060] loop3: detected capacity change from 0 to 2048
[  200.837014][T11060] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  200.859588][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  200.935014][T11070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2843'.
[  201.064754][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.252725][T11085] program syz.4.2849 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.263375][T11085] 9pnet_fd: p9_fd_create_tcp (11085): problem connecting socket to 127.0.0.1
[  201.369326][T11090] 9pnet_fd: Insufficient options for proto=fd
[  201.475308][T11098] loop1: detected capacity change from 0 to 512
[  201.495796][T11098] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2855: corrupted in-inode xattr: invalid ea_ino
[  201.525678][T11098] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2855: couldn't read orphan inode 15 (err -117)
[  201.546844][T11098] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.745874][T11103] loop4: detected capacity change from 0 to 512
[  201.752634][T11103] EXT4-fs: Ignoring removed nomblk_io_submit option
[  201.760470][T11103] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  201.768516][T11103] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  201.777682][T11103] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  201.787272][T11103] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  201.797525][T11103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  201.810328][T11103] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.150136][T11107] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2856'.
[  202.169003][T11121] FAULT_INJECTION: forcing a failure.
[  202.169003][T11121] name failslab, interval 1, probability 0, space 0, times 0
[  202.181818][T11121] CPU: 0 UID: 0 PID: 11121 Comm: syz.2.2862 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  202.181911][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.181925][T11121] Call Trace:
[  202.181931][T11121]  <TASK>
[  202.182020][T11121]  __dump_stack+0x1d/0x30
[  202.182049][T11121]  dump_stack_lvl+0xe8/0x140
[  202.182077][T11121]  dump_stack+0x15/0x1b
[  202.182099][T11121]  should_fail_ex+0x265/0x280
[  202.182141][T11121]  should_failslab+0x8c/0xb0
[  202.182248][T11121]  __kmalloc_noprof+0xa5/0x3e0
[  202.182281][T11121]  ? nla_strdup+0x78/0xc0
[  202.182308][T11121]  nla_strdup+0x78/0xc0
[  202.182374][T11121]  nf_tables_newflowtable+0x644/0x1200
[  202.182417][T11121]  nfnetlink_rcv+0xb99/0x1690
[  202.182510][T11121]  netlink_unicast+0x5a8/0x680
[  202.182555][T11121]  netlink_sendmsg+0x58b/0x6b0
[  202.182583][T11121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.182680][T11121]  __sock_sendmsg+0x145/0x180
[  202.182707][T11121]  ____sys_sendmsg+0x31e/0x4e0
[  202.182789][T11121]  ___sys_sendmsg+0x17b/0x1d0
[  202.182851][T11121]  __x64_sys_sendmsg+0xd4/0x160
[  202.182916][T11121]  x64_sys_call+0x2999/0x2fb0
[  202.183005][T11121]  do_syscall_64+0xd2/0x200
[  202.183117][T11121]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  202.183154][T11121]  ? clear_bhb_loop+0x40/0x90
[  202.183249][T11121]  ? clear_bhb_loop+0x40/0x90
[  202.183279][T11121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.183307][T11121] RIP: 0033:0x7fb404c6e9a9
[  202.183328][T11121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.183352][T11121] RSP: 002b:00007fb4032d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.183378][T11121] RAX: ffffffffffffffda RBX: 00007fb404e95fa0 RCX: 00007fb404c6e9a9
[  202.183419][T11121] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  202.183441][T11121] RBP: 00007fb4032d7090 R08: 0000000000000000 R09: 0000000000000000
[  202.183494][T11121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.183510][T11121] R13: 0000000000000000 R14: 00007fb404e95fa0 R15: 00007ffe90181fd8
[  202.183569][T11121]  </TASK>
[  202.419963][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.488032][T11134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2867'.
[  202.527293][T11136] veth3: entered promiscuous mode
[  202.532478][T11136] veth3: entered allmulticast mode
[  202.565180][T11148] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2872'.
[  202.831778][T11161] FAULT_INJECTION: forcing a failure.
[  202.831778][T11161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.844980][T11161] CPU: 0 UID: 0 PID: 11161 Comm: syz.2.2877 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  202.845064][T11161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.845158][T11161] Call Trace:
[  202.845168][T11161]  <TASK>
[  202.845179][T11161]  __dump_stack+0x1d/0x30
[  202.845208][T11161]  dump_stack_lvl+0xe8/0x140
[  202.845231][T11161]  dump_stack+0x15/0x1b
[  202.845249][T11161]  should_fail_ex+0x265/0x280
[  202.845359][T11161]  should_fail+0xb/0x20
[  202.845398][T11161]  should_fail_usercopy+0x1a/0x20
[  202.845466][T11161]  _copy_from_user+0x1c/0xb0
[  202.845494][T11161]  __sys_sendto+0x19e/0x330
[  202.845541][T11161]  __x64_sys_sendto+0x76/0x90
[  202.845715][T11161]  x64_sys_call+0x2eb6/0x2fb0
[  202.845746][T11161]  do_syscall_64+0xd2/0x200
[  202.845811][T11161]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  202.845845][T11161]  ? clear_bhb_loop+0x40/0x90
[  202.845874][T11161]  ? clear_bhb_loop+0x40/0x90
[  202.845901][T11161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.846010][T11161] RIP: 0033:0x7fb404c6e9a9
[  202.846031][T11161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.846094][T11161] RSP: 002b:00007fb4032d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  202.846120][T11161] RAX: ffffffffffffffda RBX: 00007fb404e95fa0 RCX: 00007fb404c6e9a9
[  202.846138][T11161] RDX: 00000000000100a6 RSI: 0000200000000180 RDI: 0000000000000006
[  202.846155][T11161] RBP: 00007fb4032d7090 R08: 0000200000000140 R09: 0000000000000014
[  202.846174][T11161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.846191][T11161] R13: 0000000000000000 R14: 00007fb404e95fa0 R15: 00007ffe90181fd8
[  202.846222][T11161]  </TASK>
[  203.124705][T11170] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2881'.
[  203.160424][T11173] loop1: detected capacity change from 0 to 512
[  203.186429][T11173] EXT4-fs: Ignoring removed nomblk_io_submit option
[  203.202839][T11173] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  203.211053][T11173] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  203.219613][T11173] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  203.229200][T11173] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  203.238824][T11173] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  203.252540][T11173] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.477728][T11194] FAULT_INJECTION: forcing a failure.
[  203.477728][T11194] name failslab, interval 1, probability 0, space 0, times 0
[  203.490541][T11194] CPU: 0 UID: 0 PID: 11194 Comm: syz.4.2890 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  203.490571][T11194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.490667][T11194] Call Trace:
[  203.490676][T11194]  <TASK>
[  203.490687][T11194]  __dump_stack+0x1d/0x30
[  203.490714][T11194]  dump_stack_lvl+0xe8/0x140
[  203.490738][T11194]  dump_stack+0x15/0x1b
[  203.490755][T11194]  should_fail_ex+0x265/0x280
[  203.490787][T11194]  ? nft_netdev_hook_alloc+0x15e/0x340
[  203.490956][T11194]  should_failslab+0x8c/0xb0
[  203.490982][T11194]  __kmalloc_cache_noprof+0x4c/0x320
[  203.491038][T11194]  nft_netdev_hook_alloc+0x15e/0x340
[  203.491121][T11194]  nf_tables_parse_netdev_hooks+0xcf/0x570
[  203.491151][T11194]  nft_flowtable_parse_hook+0x2c6/0x450
[  203.491194][T11194]  ? nla_strcmp+0xc3/0xe0
[  203.491217][T11194]  nf_tables_delflowtable+0x71c/0xb50
[  203.491269][T11194]  nfnetlink_rcv+0xb99/0x1690
[  203.491377][T11194]  netlink_unicast+0x5a8/0x680
[  203.491412][T11194]  netlink_sendmsg+0x58b/0x6b0
[  203.491440][T11194]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.491478][T11194]  __sock_sendmsg+0x145/0x180
[  203.491519][T11194]  ____sys_sendmsg+0x31e/0x4e0
[  203.491636][T11194]  ___sys_sendmsg+0x17b/0x1d0
[  203.491676][T11194]  __x64_sys_sendmsg+0xd4/0x160
[  203.491707][T11194]  x64_sys_call+0x2999/0x2fb0
[  203.491734][T11194]  do_syscall_64+0xd2/0x200
[  203.491831][T11194]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  203.491863][T11194]  ? clear_bhb_loop+0x40/0x90
[  203.491887][T11194]  ? clear_bhb_loop+0x40/0x90
[  203.491915][T11194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.492000][T11194] RIP: 0033:0x7f3a5581e9a9
[  203.492016][T11194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.492037][T11194] RSP: 002b:00007f3a53e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.492060][T11194] RAX: ffffffffffffffda RBX: 00007f3a55a45fa0 RCX: 00007f3a5581e9a9
[  203.492130][T11194] RDX: 000000002000c000 RSI: 0000200000000040 RDI: 0000000000000007
[  203.492142][T11194] RBP: 00007f3a53e87090 R08: 0000000000000000 R09: 0000000000000000
[  203.492153][T11194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  203.492165][T11194] R13: 0000000000000000 R14: 00007f3a55a45fa0 R15: 00007ffc6f8a8568
[  203.492186][T11194]  </TASK>
[  203.844190][T11209] __nla_validate_parse: 4 callbacks suppressed
[  203.844209][T11209] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2894'.
[  203.859501][T11209] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2894'.
[  203.868531][T11209] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2894'.
[  203.877884][T11209] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2894'.
[  203.887008][T11209] netlink: 'syz.0.2894': attribute type 6 has an invalid length.
[  203.897453][T11209] ÿÿÿÿÿÿ: renamed from vlan1
[  203.953903][T11217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3778 sclass=netlink_route_socket pid=11217 comm=syz.4.2897
[  203.960928][T11216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3778 sclass=netlink_route_socket pid=11216 comm=syz.4.2897
[  204.206823][   T29] kauditd_printk_skb: 247 callbacks suppressed
[  204.206841][   T29] audit: type=1400 audit(1753874582.614:21966): avc:  denied  { mounton } for  pid=11234 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  204.667276][T11234] chnl_net:caif_netlink_parms(): no params data found
[  204.852107][T11234] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.859338][T11234] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.932550][T11234] bridge_slave_0: entered allmulticast mode
[  204.951185][T11234] bridge_slave_0: entered promiscuous mode
[  204.968564][   T29] audit: type=1400 audit(1753874583.357:21967): avc:  denied  { setopt } for  pid=11263 comm="syz.1.2909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  204.969351][T11234] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.996790][T11234] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.003057][T11264] loop1: detected capacity change from 0 to 1764
[  205.014662][T11264] iso9660: Unknown parameter '0x00000000000005ba00000000000000000000'
[  205.030408][   T29] audit: type=1400 audit(1753874583.406:21968): avc:  denied  { ioctl } for  pid=11249 comm="syz.0.2907" path="socket:[31199]" dev="sockfs" ino=31199 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  205.041988][T11234] bridge_slave_1: entered allmulticast mode
[  205.071989][T11264] loop1: detected capacity change from 0 to 512
[  205.080158][T11234] bridge_slave_1: entered promiscuous mode
[  205.100050][T11264] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.116147][T11264] ext4 filesystem being mounted at /588/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.134945][T11234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  205.142886][T11264] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2909: corrupted xattr block 33: e_value out of bounds
[  205.159523][T11234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  205.180922][T11264] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  205.202591][T11269] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2909'.
[  205.215665][T11264] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2909: corrupted xattr block 33: e_value out of bounds
[  205.235088][T11234] team0: Port device team_slave_0 added
[  205.236136][T11269] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2909'.
[  205.251535][T11234] team0: Port device team_slave_1 added
[  205.278071][T11264] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  205.316886][T11269] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2909'.
[  205.329944][T11269] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2909'.
[  205.339083][T11269] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2909'.
[  205.376607][T11234] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.383702][T11234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.409956][T11234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.421783][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.439531][T11272] loop3: detected capacity change from 0 to 512
[  205.448668][T11234] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.455745][T11234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.456698][T11272] EXT4-fs: Ignoring removed nomblk_io_submit option
[  205.482240][T11234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.542823][T11272] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  205.550904][T11272] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  205.564823][   T29] audit: type=1326 audit(1753874583.933:21969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.1.2912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.569712][T11234] hsr_slave_0: entered promiscuous mode
[  205.588639][   T29] audit: type=1326 audit(1753874583.933:21970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.1.2912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.594744][T11234] hsr_slave_1: entered promiscuous mode
[  205.617892][   T29] audit: type=1326 audit(1753874583.933:21971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.1.2912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.623906][T11234] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  205.647130][   T29] audit: type=1326 audit(1753874583.933:21972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.1.2912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.654757][T11234] Cannot create hsr debugfs directory
[  205.678383][   T29] audit: type=1326 audit(1753874583.933:21973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11282 comm="syz.1.2912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.689566][T11272] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  205.717408][T11272] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  205.732596][T11272] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  205.745595][T11272] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.762493][T11288] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2914'.
[  205.815126][T11293] loop1: detected capacity change from 0 to 512
[  205.834469][T11293] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.853231][T11293] ext4 filesystem being mounted at /592/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  205.875806][   T29] audit: type=1326 audit(1753874584.246:21974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11292 comm="syz.1.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.899483][   T29] audit: type=1326 audit(1753874584.246:21975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11292 comm="syz.1.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f08088be9a9 code=0x7ffc0000
[  205.935745][T11234] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.968632][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.987720][T11296] bond2: entered promiscuous mode
[  205.992860][T11296] bond2: entered allmulticast mode
[  206.001555][T11296] 8021q: adding VLAN 0 to HW filter on device bond2
[  206.011602][T11296] bond2 (unregistering): Released all slaves
[  206.023587][T11234] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.101274][T11234] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.181754][T11234] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.239054][T11234] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  206.248614][T11234] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  206.260003][T11234] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  206.269644][T11234] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  206.318974][T11234] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.334215][T11234] 8021q: adding VLAN 0 to HW filter on device team0
[  206.345744][ T7798] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.353356][ T7798] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.365157][ T7801] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.372467][ T7801] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.451313][T11234] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.581046][T11234] veth0_vlan: entered promiscuous mode
[  206.590315][T11234] veth1_vlan: entered promiscuous mode
[  206.607985][T11234] veth0_macvtap: entered promiscuous mode
[  206.616008][T11234] veth1_macvtap: entered promiscuous mode
[  206.629095][T11234] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.642211][T11234] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.654112][T11234] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.663187][T11234] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.672080][T11234] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.680930][T11234] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.463276][T11358] chnl_net:caif_netlink_parms(): no params data found
[  207.606787][T11377] netlink: 'syz.2.2930': attribute type 1 has an invalid length.
[  207.832648][T11358] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.840224][T11358] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.847863][T11358] bridge_slave_0: entered allmulticast mode
[  207.854582][T11358] bridge_slave_0: entered promiscuous mode
[  207.861560][T11358] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.868791][T11358] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.876195][T11358] bridge_slave_1: entered allmulticast mode
[  207.883054][T11358] bridge_slave_1: entered promiscuous mode
[  207.941729][T11358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.974587][T11358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.986520][T11382] SELinux: failed to load policy
[  207.992146][T11384] FAULT_INJECTION: forcing a failure.
[  207.992146][T11384] name failslab, interval 1, probability 0, space 0, times 0
[  208.004885][T11384] CPU: 1 UID: 0 PID: 11384 Comm: syz.0.2932 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  208.004919][T11384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  208.004935][T11384] Call Trace:
[  208.004943][T11384]  <TASK>
[  208.004952][T11384]  __dump_stack+0x1d/0x30
[  208.005056][T11384]  dump_stack_lvl+0xe8/0x140
[  208.005078][T11384]  dump_stack+0x15/0x1b
[  208.005095][T11384]  should_fail_ex+0x265/0x280
[  208.005124][T11384]  ? netlbl_cipsov4_add+0x351/0x1280
[  208.005295][T11384]  should_failslab+0x8c/0xb0
[  208.005319][T11384]  __kmalloc_cache_noprof+0x4c/0x320
[  208.005355][T11384]  netlbl_cipsov4_add+0x351/0x1280
[  208.005389][T11384]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x190
[  208.005416][T11384]  ? genl_family_rcv_msg_attrs_parse+0x184/0x190
[  208.005487][T11384]  genl_family_rcv_msg_doit+0x143/0x1b0
[  208.005523][T11384]  genl_rcv_msg+0x422/0x460
[  208.005554][T11384]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[  208.005645][T11384]  netlink_rcv_skb+0x120/0x220
[  208.005735][T11384]  ? __pfx_genl_rcv_msg+0x10/0x10
[  208.005775][T11384]  genl_rcv+0x28/0x40
[  208.005803][T11384]  netlink_unicast+0x5a8/0x680
[  208.005876][T11384]  netlink_sendmsg+0x58b/0x6b0
[  208.005898][T11384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.005999][T11384]  __sock_sendmsg+0x145/0x180
[  208.006025][T11384]  ____sys_sendmsg+0x31e/0x4e0
[  208.006087][T11384]  ___sys_sendmsg+0x17b/0x1d0
[  208.006123][T11384]  __x64_sys_sendmsg+0xd4/0x160
[  208.006146][T11384]  x64_sys_call+0x2999/0x2fb0
[  208.006167][T11384]  do_syscall_64+0xd2/0x200
[  208.006189][T11384]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  208.006228][T11384]  ? clear_bhb_loop+0x40/0x90
[  208.006323][T11384]  ? clear_bhb_loop+0x40/0x90
[  208.006350][T11384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.006377][T11384] RIP: 0033:0x7f56b0a5e9a9
[  208.006396][T11384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.006419][T11384] RSP: 002b:00007f56af0c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.006498][T11384] RAX: ffffffffffffffda RBX: 00007f56b0c85fa0 RCX: 00007f56b0a5e9a9
[  208.006514][T11384] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 000000000000000b
[  208.006530][T11384] RBP: 00007f56af0c7090 R08: 0000000000000000 R09: 0000000000000000
[  208.006545][T11384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.006561][T11384] R13: 0000000000000000 R14: 00007f56b0c85fa0 R15: 00007ffdd9781338
[  208.006585][T11384]  </TASK>
[  208.299618][T11358] team0: Port device team_slave_0 added
[  208.307977][T11358] team0: Port device team_slave_1 added
[  208.333817][T11358] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.340936][T11358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.367383][T11358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.386607][T11387] loop1: detected capacity change from 0 to 512
[  208.396471][T11387] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.428734][T11387] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  208.437248][T11387] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  208.464318][T11387] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  208.470822][T11398] loop4: detected capacity change from 0 to 512
[  208.474258][T11387] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  208.491256][T11358] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.498439][T11358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.524663][T11358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.536574][T11387] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  208.550366][T11387] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.583830][T11398] EXT4-fs (loop4): too many log groups per flexible block group
[  208.591677][T11398] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  208.605360][T11398] EXT4-fs (loop4): mount failed
[  208.629106][T11358] hsr_slave_0: entered promiscuous mode
[  208.645906][T11358] hsr_slave_1: entered promiscuous mode
[  208.656118][T11358] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.669596][T11358] Cannot create hsr debugfs directory
[  208.848517][T11414] netlink: 'syz.1.2940': attribute type 27 has an invalid length.
[  208.858571][T11414] wg2: left promiscuous mode
[  208.863431][T11414] wg2: left allmulticast mode
[  208.881503][T11414] loop1: detected capacity change from 0 to 512
[  209.056330][T11358] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  209.068388][T11358] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  209.080773][T11358] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  209.091167][T11358] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  209.181746][T11358] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.202797][T11358] 8021q: adding VLAN 0 to HW filter on device team0
[  209.224991][ T7800] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.232211][ T7800] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.265964][ T7800] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.273321][ T7800] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.360461][T11358] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  209.391355][T11435] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.2944' sets config #0
[  209.478162][T11441] __nla_validate_parse: 9 callbacks suppressed
[  209.478179][T11441] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2945'.
[  209.480702][   T29] kauditd_printk_skb: 81 callbacks suppressed
[  209.480720][   T29] audit: type=1326 audit(1753874587.767:22057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  209.484511][T11441] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2945'.
[  209.513717][   T29] audit: type=1326 audit(1753874587.797:22058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb404c65967 code=0x7ffc0000
[  209.557674][   T29] audit: type=1326 audit(1753874587.797:22059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb404c0ab89 code=0x7ffc0000
[  209.581314][   T29] audit: type=1326 audit(1753874587.797:22060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  209.604954][   T29] audit: type=1326 audit(1753874587.797:22061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  209.628937][   T29] audit: type=1326 audit(1753874587.797:22062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  209.652732][   T29] audit: type=1326 audit(1753874587.797:22063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb404c65967 code=0x7ffc0000
[  209.676480][   T29] audit: type=1326 audit(1753874587.797:22064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb404c0ab89 code=0x7ffc0000
[  209.700171][   T29] audit: type=1326 audit(1753874587.797:22065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  209.723946][   T29] audit: type=1326 audit(1753874587.797:22066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11442 comm="syz.2.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  209.783042][T11358] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.831390][T11452] netlink: 'syz.0.2949': attribute type 4 has an invalid length.
[  209.874027][T11452] netlink: 'syz.0.2949': attribute type 4 has an invalid length.
[  209.928103][T11358] veth0_vlan: entered promiscuous mode
[  209.980547][T11459] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2950'.
[  210.005291][T11358] veth1_vlan: entered promiscuous mode
[  210.063805][T11358] veth0_macvtap: entered promiscuous mode
[  210.096286][T11358] veth1_macvtap: entered promiscuous mode
[  210.129477][T11358] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.166138][T11358] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.195794][T11358] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.204970][T11358] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.214388][T11358] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.223371][T11358] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.413820][T11463] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2925'.
[  210.519373][T11465] loop3: detected capacity change from 0 to 512
[  210.537033][T11465] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  210.567494][T11465] EXT4-fs (loop3): 1 truncate cleaned up
[  210.575128][T11465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.632799][T11465] 9pnet: p9_errstr2errno: server reported unknown error 25 vlen=2
[  210.632799][T11465] 	 type_id=8579064 offset=2048 size=6 Invalid 
[  210.656852][T11468] loop2: detected capacity change from 0 to 512
[  210.686146][T11468] EXT4-fs: Ignoring removed nomblk_io_submit option
[  210.706176][T11469] loop1: detected capacity change from 0 to 512
[  210.714562][T11468] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  210.723011][T11468] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  210.724215][T11469] EXT4-fs: Ignoring removed nomblk_io_submit option
[  210.758517][T11358] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.774168][T11468] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[  210.780793][T11469] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  210.784316][T11468] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[  210.792693][T11469] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  210.838321][T11469] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  210.850798][T11469] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  210.860653][T11469] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  210.875355][T11469] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.911895][T11468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  210.940730][T11468] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.504386][T11495] loop2: detected capacity change from 0 to 512
[  211.512632][T11495] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.2959: corrupted in-inode xattr: invalid ea_ino
[  211.528319][T11495] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2959: couldn't read orphan inode 15 (err -117)
[  211.543388][T11495] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.555778][T11481] chnl_net:caif_netlink_parms(): no params data found
[  211.607713][T11481] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.615421][T11481] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.623088][T11481] bridge_slave_0: entered allmulticast mode
[  211.631215][T11481] bridge_slave_0: entered promiscuous mode
[  211.644701][T11481] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.653759][T11481] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.662921][T11481] bridge_slave_1: entered allmulticast mode
[  211.671003][T11481] bridge_slave_1: entered promiscuous mode
[  211.695279][T11481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.708216][T11481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.724197][ T7801] dummy0: left allmulticast mode
[  211.731743][ T7801] bridge0: port 3(dummy0) entered disabled state
[  211.739641][ T7801] bridge_slave_1: left allmulticast mode
[  211.745553][ T7801] bridge_slave_1: left promiscuous mode
[  211.751538][ T7801] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.759749][ T7801] bridge_slave_0: left allmulticast mode
[  211.766151][ T7801] bridge_slave_0: left promiscuous mode
[  211.772639][ T7801] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.842918][ T7801] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.852807][ T7801] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.862024][ T7801] bond0 (unregistering): Released all slaves
[  211.875905][ T7801] bond1 (unregistering): (slave wireguard0): Releasing backup interface
[  211.885483][ T7801] wireguard0: left promiscuous mode
[  211.892292][ T7801] bond1 (unregistering): Released all slaves
[  211.912813][T11513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2963'.
[  211.925748][T11481] team0: Port device team_slave_0 added
[  211.937363][T11481] team0: Port device team_slave_1 added
[  211.944463][T11517] wg2: entered promiscuous mode
[  211.949383][T11517] wg2: entered allmulticast mode
[  211.959490][ T7801] hsr_slave_0: left promiscuous mode
[  211.975345][ T7801] hsr_slave_1: left promiscuous mode
[  211.984227][ T7801] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.993663][ T7801] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.042957][ T7801] team0 (unregistering): Port device team_slave_1 removed
[  212.060480][ T7801] team0 (unregistering): Port device team_slave_0 removed
[  212.119436][T11481] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.126849][T11481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.154340][T11481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.167516][T11481] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.169224][T11525] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2966'.
[  212.174786][T11481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.211338][T11481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.245239][T11481] hsr_slave_0: entered promiscuous mode
[  212.251966][T11481] hsr_slave_1: entered promiscuous mode
[  212.258339][T11481] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.266101][T11481] Cannot create hsr debugfs directory
[  212.308215][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.547399][T11540] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  212.547399][T11540]    program syz.2.2972 not setting count and/or reply_len properly
[  212.626118][T11481] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  212.636101][T11548] program syz.4.2975 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  212.647254][T11548] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  212.659776][T11549] loop1: detected capacity change from 0 to 512
[  212.666484][T11549] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.669202][T11481] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  212.684855][T11481] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  212.692134][T11548] netlink: 'syz.4.2975': attribute type 4 has an invalid length.
[  212.695653][T11481] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  212.703633][T11549] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  212.714710][T11549] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  212.722987][T11549] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  212.732566][T11549] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  212.741991][T11549] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  212.758570][T11549] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.773956][T11481] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.806640][T11481] 8021q: adding VLAN 0 to HW filter on device team0
[  212.831437][ T7800] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.838604][ T7800] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.877122][ T7800] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.884240][ T7800] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.917248][T11561] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2977'.
[  212.933565][T11481] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  213.001628][T11569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2980'.
[  213.079366][T11575] wg2: entered promiscuous mode
[  213.084333][T11575] wg2: entered allmulticast mode
[  213.247862][T11481] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.727879][T11595] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2986'.
[  213.738589][T11593] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2986'.
[  213.823888][T11481] veth0_vlan: entered promiscuous mode
[  213.902610][T11481] veth1_vlan: entered promiscuous mode
[  213.958019][T11481] veth0_macvtap: entered promiscuous mode
[  213.976871][T11481] veth1_macvtap: entered promiscuous mode
[  214.019021][T11481] batman_adv: batadv0: Interface activated: batadv_slave_0
[  214.050425][T11481] batman_adv: batadv0: Interface activated: batadv_slave_1
[  214.082009][T11605] loop4: detected capacity change from 0 to 512
[  214.090068][T11481] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.099024][T11481] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.107919][T11481] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.116718][T11481] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.130163][T11605] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  214.168417][T11605] EXT4-fs (loop4): 1 truncate cleaned up
[  214.174592][T11605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.207455][T11605] 9pnet: p9_errstr2errno: server reported unknown error 25 vlen=2
[  214.207455][T11605] 	 type_id=8579064 offset=2048 size=6 Invalid 
[  214.303458][T11234] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.559041][T11618] wg2: entered promiscuous mode
[  214.564272][T11618] wg2: entered allmulticast mode
[  214.638105][T11630] __nla_validate_parse: 4 callbacks suppressed
[  214.638121][T11630] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2998'.
[  215.257468][T11624] chnl_net:caif_netlink_parms(): no params data found
[  215.300610][   T29] kauditd_printk_skb: 71 callbacks suppressed
[  215.300628][   T29] audit: type=1326 audit(1753874593.513:22138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.380194][   T29] audit: type=1326 audit(1753874593.513:22139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.403989][   T29] audit: type=1326 audit(1753874593.513:22140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404024][   T29] audit: type=1326 audit(1753874593.513:22141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404102][   T29] audit: type=1326 audit(1753874593.513:22142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404175][   T29] audit: type=1326 audit(1753874593.513:22143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404200][   T29] audit: type=1326 audit(1753874593.513:22144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404229][   T29] audit: type=1326 audit(1753874593.513:22145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404262][   T29] audit: type=1326 audit(1753874593.513:22146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.404352][   T29] audit: type=1326 audit(1753874593.513:22147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.4.3003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f900178e9a9 code=0x7ffc0000
[  215.419906][T11624] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.420013][T11624] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.420408][T11624] bridge_slave_0: entered allmulticast mode
[  215.421888][T11624] bridge_slave_0: entered promiscuous mode
[  215.423628][T11624] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.423735][T11624] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.424846][T11624] bridge_slave_1: entered allmulticast mode
[  215.426641][T11624] bridge_slave_1: entered promiscuous mode
[  215.486633][T11664] netlink: 'syz.4.3004': attribute type 3 has an invalid length.
[  215.694415][T11624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.697017][T11664] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3004'.
[  215.725317][T11624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.799794][T11624] team0: Port device team_slave_0 added
[  215.828842][T11624] team0: Port device team_slave_1 added
[  215.873136][T11624] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.880439][T11624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.906582][T11624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.997852][T11624] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.004926][T11624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.031158][T11624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  216.084454][T11624] hsr_slave_0: entered promiscuous mode
[  216.092074][T11624] hsr_slave_1: entered promiscuous mode
[  216.099450][T11624] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  216.107245][T11624] Cannot create hsr debugfs directory
[  216.147589][T11678] loop2: detected capacity change from 0 to 512
[  216.168179][T11678] EXT4-fs: Ignoring removed nomblk_io_submit option
[  216.181998][T11676] loop4: detected capacity change from 0 to 8192
[  216.184725][T11678] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  216.196352][T11678] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  216.204569][T11678] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[  216.214088][T11678] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[  216.223245][T11678] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  216.235571][T11678] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.307225][T11683] netlink: 'syz.4.3012': attribute type 3 has an invalid length.
[  216.315093][T11683] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3012'.
[  216.415961][T11686] loop4: detected capacity change from 0 to 512
[  216.432220][T11686] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  216.453428][T11686] EXT4-fs (loop4): 1 truncate cleaned up
[  216.459550][T11686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.497988][T11686] 9pnet: p9_errstr2errno: server reported unknown error 25 vlen=2
[  216.497988][T11686] 	 type_id=8579064 offset=2048 size=6 Invalid 
[  216.534865][T11624] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  216.558528][T11624] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  216.590349][T11234] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.601546][T11624] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  216.622574][T11624] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  216.701044][T11695] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3016'.
[  216.732445][T11703] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  216.742822][T11703] SELinux: failed to load policy
[  216.792665][T11624] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.831319][T11624] 8021q: adding VLAN 0 to HW filter on device team0
[  216.847683][ T7799] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.854930][ T7799] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.902976][ T7799] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.910244][ T7799] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.990353][T11624] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  217.000846][T11624] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.237522][T11624] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.353767][T11624] veth0_vlan: entered promiscuous mode
[  217.377913][T11624] veth1_vlan: entered promiscuous mode
[  217.405663][T11624] veth0_macvtap: entered promiscuous mode
[  217.415699][T11624] veth1_macvtap: entered promiscuous mode
[  217.428885][T11624] batman_adv: batadv0: Interface activated: batadv_slave_0
[  217.443895][T11624] batman_adv: batadv0: Interface activated: batadv_slave_1
[  217.454759][T11624] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.463665][T11624] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.472618][T11624] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.481386][T11624] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.485472][T11735] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3022'.
[  217.565204][T11738] netlink: 'syz.2.3026': attribute type 3 has an invalid length.
[  217.573053][T11738] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3026'.
[  217.687534][T11749] FAULT_INJECTION: forcing a failure.
[  217.687534][T11749] name failslab, interval 1, probability 0, space 0, times 0
[  217.700531][T11749] CPU: 1 UID: 0 PID: 11749 Comm: syz.1.3030 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  217.700587][T11749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.700604][T11749] Call Trace:
[  217.700612][T11749]  <TASK>
[  217.700656][T11749]  __dump_stack+0x1d/0x30
[  217.700683][T11749]  dump_stack_lvl+0xe8/0x140
[  217.700708][T11749]  dump_stack+0x15/0x1b
[  217.700723][T11749]  should_fail_ex+0x265/0x280
[  217.700752][T11749]  ? sctp_auth_asoc_copy_shkeys+0xfa/0x330
[  217.700847][T11749]  should_failslab+0x8c/0xb0
[  217.700889][T11749]  __kmalloc_cache_noprof+0x4c/0x320
[  217.700923][T11749]  sctp_auth_asoc_copy_shkeys+0xfa/0x330
[  217.700950][T11749]  sctp_association_new+0xde5/0x1200
[  217.700983][T11749]  sctp_connect_new_asoc+0x1a8/0x3a0
[  217.701076][T11749]  sctp_sendmsg+0xf10/0x18d0
[  217.701112][T11749]  ? selinux_socket_sendmsg+0xe1/0x1b0
[  217.701156][T11749]  ? __pfx_sctp_sendmsg+0x10/0x10
[  217.701233][T11749]  inet_sendmsg+0xc2/0xd0
[  217.701258][T11749]  __sock_sendmsg+0x102/0x180
[  217.701291][T11749]  ____sys_sendmsg+0x345/0x4e0
[  217.701337][T11749]  ___sys_sendmsg+0x17b/0x1d0
[  217.701380][T11749]  __sys_sendmmsg+0x178/0x300
[  217.701488][T11749]  __x64_sys_sendmmsg+0x57/0x70
[  217.701508][T11749]  x64_sys_call+0x2f2f/0x2fb0
[  217.701533][T11749]  do_syscall_64+0xd2/0x200
[  217.701557][T11749]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  217.701602][T11749]  ? clear_bhb_loop+0x40/0x90
[  217.701630][T11749]  ? clear_bhb_loop+0x40/0x90
[  217.701658][T11749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.701686][T11749] RIP: 0033:0x7f3a7718e9a9
[  217.701705][T11749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.701726][T11749] RSP: 002b:00007f3a757f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  217.701749][T11749] RAX: ffffffffffffffda RBX: 00007f3a773b5fa0 RCX: 00007f3a7718e9a9
[  217.701788][T11749] RDX: 0000000000000002 RSI: 0000200000000e40 RDI: 0000000000000003
[  217.701804][T11749] RBP: 00007f3a757f7090 R08: 0000000000000000 R09: 0000000000000000
[  217.701817][T11749] R10: 0000000000000844 R11: 0000000000000246 R12: 0000000000000001
[  217.701829][T11749] R13: 0000000000000000 R14: 00007f3a773b5fa0 R15: 00007ffc138f33b8
[  217.701849][T11749]  </TASK>
[  217.934266][T11750] loop3: detected capacity change from 0 to 512
[  217.943957][T11750] EXT4-fs: Ignoring removed nomblk_io_submit option
[  217.966132][T11750] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  217.974288][T11750] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  217.987746][T11750] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  217.997558][T11750] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  218.006756][T11750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  218.019827][T11750] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.033359][T11753] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  218.040037][T11753] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  218.047796][T11753] vhci_hcd vhci_hcd.0: Device attached
[  218.057411][T11758] vhci_hcd: connection closed
[  218.067077][ T7801] vhci_hcd: stop threads
[  218.076511][ T7801] vhci_hcd: release socket
[  218.081167][ T7801] vhci_hcd: disconnect device
[  218.335403][T11771] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  218.412367][T11771] SELinux: failed to load policy
[  218.470185][T11774] netlink: 'syz.3.3037': attribute type 3 has an invalid length.
[  218.478031][T11774] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3037'.
[  219.027697][T11795] loop1: detected capacity change from 0 to 128
[  219.034836][T11795] vfat: Unknown parameter 'usi_xlate'
[  219.474096][   T36] IPVS: starting estimator thread 0...
[  219.481151][T11802] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  219.559978][T11802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3046'.
[  219.571014][T11804] IPVS: using max 2448 ests per chain, 122400 per kthread
[  219.594989][T11802] ipvlan2: entered promiscuous mode
[  219.832962][T11809] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3048'.
[  219.947080][T11814] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3050'.
[  220.777419][T11827] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3045'.
[  221.013580][   T29] kauditd_printk_skb: 281 callbacks suppressed
[  221.013595][   T29] audit: type=1400 audit(1753874599.176:22429): avc:  denied  { ioctl } for  pid=11834 comm="syz.4.3058" path="socket:[34847]" dev="sockfs" ino=34847 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  221.086815][   T29] audit: type=1400 audit(1753874599.236:22430): avc:  denied  { setopt } for  pid=11836 comm="syz.3.3059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  221.117342][T11833] SELinux: ebitmap: truncated map
[  221.136728][T11833] SELinux: failed to load policy
[  221.242622][T11846] loop4: detected capacity change from 0 to 512
[  221.249440][T11846] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.257590][T11846] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  221.265600][T11846] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  221.273723][T11848] loop1: detected capacity change from 0 to 512
[  221.275495][T11846] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  221.280756][T11848] EXT4-fs: Ignoring removed nomblk_io_submit option
[  221.289535][T11846] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  221.305532][T11846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  221.318316][T11846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.318440][T11848] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  221.335556][T11848] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  221.351405][T11848] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  221.361028][T11848] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  221.371768][T11848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  221.385150][T11848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.439054][   T29] audit: type=1326 audit(1753874599.593:22431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11861 comm="syz.1.3068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7718e9a9 code=0x7ffc0000
[  221.463012][   T29] audit: type=1326 audit(1753874599.593:22432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11861 comm="syz.1.3068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=221 compat=0 ip=0x7f3a7718e9a9 code=0x7ffc0000
[  221.486615][   T29] audit: type=1326 audit(1753874599.593:22433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11861 comm="syz.1.3068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7718e9a9 code=0x7ffc0000
[  221.510282][   T29] audit: type=1326 audit(1753874599.593:22434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11861 comm="syz.1.3068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a7718e9a9 code=0x7ffc0000
[  221.674599][   T29] audit: type=1326 audit(1753874599.821:22435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11867 comm="syz.0.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9fd99e9a9 code=0x7ffc0000
[  221.698321][   T29] audit: type=1326 audit(1753874599.821:22436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11867 comm="syz.0.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9fd99e9a9 code=0x7ffc0000
[  221.726441][   T29] audit: type=1326 audit(1753874599.871:22437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11867 comm="syz.0.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7fe9fd99e9a9 code=0x7ffc0000
[  221.750196][   T29] audit: type=1326 audit(1753874599.871:22438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11867 comm="syz.0.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9fd99e9a9 code=0x7ffc0000
[  221.776094][T11868] netlink: 'syz.0.3070': attribute type 3 has an invalid length.
[  221.783946][T11868] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3070'.
[  221.798734][T11865] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3069'.
[  221.887787][T11878] SELinux: ebitmap: truncated map
[  221.893340][T11878] SELinux: failed to load policy
[  222.003510][T11887] loop2: detected capacity change from 0 to 512
[  222.010138][T11887] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.018233][T11887] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  222.026241][T11887] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  222.034410][T11887] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[  222.043961][T11887] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[  222.146907][T11892] loop2: detected capacity change from 0 to 512
[  222.174925][T11892] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.183387][T11892] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  222.191487][T11892] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  222.201473][T11892] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[  222.211097][T11892] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[  222.310091][T11901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3082'.
[  222.352735][T11903] netlink: 'syz.4.3083': attribute type 3 has an invalid length.
[  222.360692][T11903] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3083'.
[  222.578601][T11910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3085'.
[  222.794317][T11919] loop1: detected capacity change from 0 to 512
[  222.812725][T11919] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.831846][T11919] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  222.839890][T11919] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  222.877932][T11919] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  222.887592][T11919] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  222.937642][T11922] SELinux:  policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c
[  222.959312][T11922] SELinux: failed to load policy
[  223.017781][T11933] netlink: 'syz.1.3094': attribute type 3 has an invalid length.
[  223.025712][T11933] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3094'.
[  223.043108][T11926] loop3: detected capacity change from 0 to 512
[  223.060787][T11926] EXT4-fs: Ignoring removed nomblk_io_submit option
[  223.081022][T11926] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  223.089057][T11926] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  223.099189][T11926] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  223.108986][T11926] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  223.139034][T11939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3096'.
[  223.297480][T11951] loop1: detected capacity change from 0 to 512
[  223.315079][T11951] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  223.343372][T11951] EXT4-fs (loop1): 1 truncate cleaned up
[  223.359485][T11951] 9pnet: p9_errstr2errno: server reported unknown error 25 vlen=2
[  223.359485][T11951] 	 type_id=8579064 offset=2048 size=6 Invalid 
[  223.538267][T11957] loop1: detected capacity change from 0 to 512
[  223.557056][T11957] EXT4-fs: Ignoring removed nomblk_io_submit option
[  223.574180][T11957] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  223.582322][T11957] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  223.610878][T11957] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  223.620445][T11957] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  223.723697][T11963] netlink: 'syz.1.3105': attribute type 3 has an invalid length.
[  224.074811][T11988] netlink: 'syz.4.3117': attribute type 3 has an invalid length.
[  224.472430][T11992] loop3: detected capacity change from 0 to 512
[  224.479369][T11992] EXT4-fs: Ignoring removed nomblk_io_submit option
[  224.487588][T11992] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  224.495623][T11992] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  224.505996][T11992] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  224.515824][T11992] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  224.524979][T11992] EXT4-fs mount: 12 callbacks suppressed
[  224.525015][T11992] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  224.543446][T11992] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.580006][T12005] loop4: detected capacity change from 0 to 128
[  224.586549][T12005] vfat: Unknown parameter 'ut'
[  224.789562][T12022] netlink: 'syz.2.3128': attribute type 3 has an invalid length.
[  225.353707][T12045] loop3: detected capacity change from 0 to 128
[  225.373563][T12045] vfat: Unknown parameter 'ut'
[  225.476741][ T3570] IPVS: starting estimator thread 0...
[  225.482370][T12052] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  225.545402][T12059] netlink: 'syz.3.3140': attribute type 3 has an invalid length.
[  225.553291][T12059] __nla_validate_parse: 6 callbacks suppressed
[  225.553307][T12059] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3140'.
[  225.601594][T12056] IPVS: using max 1728 ests per chain, 86400 per kthread
[  225.665368][T12067] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3142'.
[  225.718325][T12068] wg2: entered promiscuous mode
[  225.723339][T12068] wg2: entered allmulticast mode
[  225.983963][T12090] SELinux:  policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c
[  226.006672][T12090] SELinux: failed to load policy
[  226.071307][T12098] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  226.080094][   T29] kauditd_printk_skb: 470 callbacks suppressed
[  226.080118][   T29] audit: type=1326 audit(1753874604.201:22909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.131445][T12097] netlink: 'syz.2.3155': attribute type 3 has an invalid length.
[  226.139252][T12097] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3155'.
[  226.178806][   T29] audit: type=1326 audit(1753874604.231:22910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.202771][   T29] audit: type=1326 audit(1753874604.231:22911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.211466][T12106] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3156'.
[  226.226528][   T29] audit: type=1326 audit(1753874604.231:22912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.259357][   T29] audit: type=1326 audit(1753874604.251:22913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.283015][   T29] audit: type=1326 audit(1753874604.251:22914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.306636][   T29] audit: type=1326 audit(1753874604.251:22915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.330511][   T29] audit: type=1326 audit(1753874604.251:22916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.354238][   T29] audit: type=1326 audit(1753874604.251:22917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.378055][   T29] audit: type=1326 audit(1753874604.251:22918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12096 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb404c6e9a9 code=0x7ffc0000
[  226.403150][T12111] wg2: left promiscuous mode
[  226.407817][T12111] wg2: left allmulticast mode
[  226.461957][T12111] wg2: entered promiscuous mode
[  226.466933][T12111] wg2: entered allmulticast mode
[  226.560200][T12125] SELinux: ebitmap: truncated map
[  226.566972][T12125] SELinux: failed to load policy
[  226.579301][T12085] loop3: detected capacity change from 0 to 512
[  226.588362][T12085] EXT4-fs: Ignoring removed nomblk_io_submit option
[  226.596183][T12085] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  226.604320][T12085] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  226.614324][T12085] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80)
[  226.623912][T12085] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  226.625105][T12132] loop4: detected capacity change from 0 to 512
[  226.637019][T12085] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  226.642350][T12132] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.3165: corrupted in-inode xattr: invalid ea_ino
[  226.651760][T12085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.666477][T12132] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.3165: couldn't read orphan inode 15 (err -117)
[  226.686311][T12132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.392741][T12144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3168'.
[  227.496797][T12148] netlink: 'syz.1.3170': attribute type 3 has an invalid length.
[  227.504739][T12148] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3170'.
[  227.552583][T11234] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.630826][T12157] wg2: left promiscuous mode
[  227.635527][T12157] wg2: left allmulticast mode
[  227.643420][T12157] wg2: entered promiscuous mode
[  227.648551][T12157] wg2: entered allmulticast mode
[  227.737407][T12179] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3182'.
[  227.789383][T12181] loop2: detected capacity change from 0 to 512
[  227.797695][T12181] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3183: corrupted in-inode xattr: invalid ea_ino
[  227.811378][T12181] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3183: couldn't read orphan inode 15 (err -117)
[  227.824021][T12181] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.308532][T12203] wg2: left promiscuous mode
[  228.313270][T12203] wg2: left allmulticast mode
[  228.320223][T12203] wg2: entered promiscuous mode
[  228.325237][T12203] wg2: entered allmulticast mode
[  228.351691][T12206] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3193'.
[  228.361248][T12206] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3193'.
[  228.387933][T12208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3194'.
[  228.660613][T12222] SELinux:  policydb magic number 0x4c5047 does not match expected magic number 0xf97cff8c
[  228.671881][T12222] SELinux: failed to load policy
[  228.957953][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.050864][T12235] ==================================================================
[  229.059384][T12235] BUG: KCSAN: data-race in ip_vs_add_service / ip_vs_out_hook
[  229.067610][T12235] 
[  229.069965][T12235] write to 0xffff88810c301004 of 4 bytes by task 12242 on cpu 0:
[  229.077710][T12235]  ip_vs_add_service+0xa18/0xa70
[  229.082781][T12235]  do_ip_vs_set_ctl+0x6ec/0x8c0
[  229.087666][T12235]  nf_setsockopt+0x196/0x1b0
[  229.092372][T12235]  ip_setsockopt+0x102/0x110
[  229.097001][T12235]  udp_setsockopt+0x99/0xb0
[  229.101624][T12235]  sock_common_setsockopt+0x69/0x80
[  229.106853][T12235]  __sys_setsockopt+0x184/0x200
[  229.111740][T12235]  __x64_sys_setsockopt+0x64/0x80
[  229.116806][T12235]  x64_sys_call+0x2bd5/0x2fb0
[  229.121503][T12235]  do_syscall_64+0xd2/0x200
[  229.126024][T12235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.131936][T12235] 
[  229.134269][T12235] read to 0xffff88810c301004 of 4 bytes by task 12235 on cpu 1:
[  229.141912][T12235]  ip_vs_out_hook+0x1c1/0x920
[  229.146611][T12235]  nf_hook_slow+0x75/0x180
[  229.151068][T12235]  __ip_local_out+0x2cb/0x2f0
[  229.155775][T12235]  ip_send_skb+0x32/0x140
[  229.160132][T12235]  udp_send_skb+0x6e3/0xa40
[  229.164661][T12235]  udp_sendmsg+0x1050/0x13b0
[  229.169270][T12235]  inet_sendmsg+0xac/0xd0
[  229.173623][T12235]  __sock_sendmsg+0x102/0x180
[  229.178325][T12235]  ____sys_sendmsg+0x345/0x4e0
[  229.183126][T12235]  ___sys_sendmsg+0x17b/0x1d0
[  229.187818][T12235]  __sys_sendmmsg+0x178/0x300
[  229.192529][T12235]  __x64_sys_sendmmsg+0x57/0x70
[  229.197412][T12235]  x64_sys_call+0x2f2f/0x2fb0
[  229.202118][T12235]  do_syscall_64+0xd2/0x200
[  229.206645][T12235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.212561][T12235] 
[  229.214896][T12235] value changed: 0x00000000 -> 0x00000001
[  229.220630][T12235] 
[  229.222970][T12235] Reported by Kernel Concurrency Sanitizer on:
[  229.229138][T12235] CPU: 1 UID: 0 PID: 12235 Comm: syz.2.3205 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(voluntary) 
[  229.242103][T12235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.252201][T12235] ==================================================================
[  229.274410][T12235] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  229.313561][ T3570] IPVS: starting estimator thread 0...
[  229.426916][T12245] IPVS: using max 2160 ests per chain, 108000 per kthread