last executing test programs:

4m41.490274687s ago: executing program 1 (id=202):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000840)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@mb_optimize_scan}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
r1 = open(0x0, 0x2, 0x80)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r2, &(0x7f0000000a00)=ANY=[@ANYBLOB="7f454c4604070003070000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000000000000000000300000008000000f30000007f00000004"], 0x58)
close(r2)
openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x28240, 0xda)
rmdir(&(0x7f0000000300)='./file1\x00')
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000080))
read$rfkill(r1, &(0x7f0000000100), 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280), 0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb01001800000000000000610000006100000008000000030000000000000803000000000000000000000300000000050000000200000010000000050000000200000f01000000050000400900000004000000040000000600004e1fb400000000000000000000030000000002000000020011000700"], &(0x7f00000002c0)=""/166, 0x84, 0xa6, 0x0, 0x200, 0x10000, @value=r2}, 0x28)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]})
io_setup(0x2007, &(0x7f0000000980)=<r3=>0x0)
io_destroy(r3)

4m40.687751312s ago: executing program 1 (id=213):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x100}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r3}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x18)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_DISALLOCATE(r5, 0x5608)

4m40.636585026s ago: executing program 1 (id=216):
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x4, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff7ff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b70500000000e000720aa3fe00000000850000000a000000b70000000000000095000000000000004e6258941c823b7505608556ba4ababb42684e890d31ae450400373a0a5447a801b8c1c4f0c4bd97c6555e61345400f9bd42abeb9ade0105000000000000a21902ff07000094a2b51c21df74924f5436a6ed89b98f75e800230c49c90fe1336481f3b92a63336c36fcd745d61d7739c6554ca201000000bebbe8282f8b1e26407437a397bf8f50e87ed4d27adfd876bffc402887781979461c4363bc5c9b6202ea471428197ef88bc333fbcec0ea4334f1ddb9d679ae95a90fd41d528f587e05000000435883df6c10ce86188c92292b2d0226082960be682836bdff8b0971f2a5405e453228e7b1005bd73479358a90df3e481947de6453736aa572158af6ea63d6d418fbbd2bba050000001da000ef78df03000000d19913a5fb03c79dac2e489f68127892658115e7ffb588a71dffffff951b8535167ab8069a2c92a3aa18e22517000026637b4c34bf2d0aa304ed42bf70480e9e97203fd169411f37fddd1f7fbe16dbbc0f307bceb5064f388a0350c3dc9271aa8b0e638b1e2b2a9d25264233e5d45eb377f56b95241024dbe30f67191c2b56b70328d6d3215dfffe5d89af1d10599bd494d921d1fb2db99b6aba0fa978f41eb1d4c553e5a9326ed550c13f8dd36716a899a1e79234294707c5312b924d142c17b20bb80ee202222c03fa84ccc374e717f694018630366397266090a82343aedfbf7afe892390c2eb775b0d16073da2229958db05de7df6ab7600004000010000006d8081cb3bf251d906c00da0e23b50465f8394820be571e3592d0000c7ef10fdc462e7040e7074ec43aa461fc54401a76406db718d4efd6c1bd10ce1d087cf9bba461162555a95524c84df0952d32093082b7aa71304e0d2d9ec310d1b676b378a5879e47941de1a28c3a8f400000000000000000e032b7d2badd0bc6617a859b7ac273b6304555f664469cec152030f06cc0ca1765838eb5590264736fbccfc3a8f4e3b10daf6a275daf5db2dac7096fe8ac8876acaad043663b3b0fedb05e6d31408fa20140c9d2db1c59ac8a3ce28e489d67d87d3a107ccea3007f58f2c5017e8807107f79ac50cc1d4f546b4443d137eb706b71b1767a10cca7a7c82b76c96e874aff249f36329a6526b354b6e674b08f7ef492b804c4b08fb10de807d79fd782027318cd7632e22d2faa16209272b39b5ec8d239832ea02cc88e249a2e77753a58987547571fbc8de747faab724bebb6401412b496e078fcb6c78ab447e871b76a8b0506f49594aa1d610567e14d739a60ff3ce04d0d2e5681e787c7e1ad25467bb81f2f440128207fe07a83759ec30cf9e0a3fd3f2fcee97fe8d273f8e712a8a64eaf2d89a1fa44554357fcd7ab531ff7a41c27164fca430a62d015b477de61853f5ee2e25b00a63642ec32ece2ff3bb5883deb895f52a923b5c744d8dccdd6a09ded8b90f1eeda8e6e884a4f090edb6ab9fc8107846508d51f3735493d5860cf80200ce31b92eb3563d485b5a7d192092d7a9fd2bc67d305d1d1b4b8345f6501d1cd27657ce17330402dacb78d72d776330711645eed7d4c292f4448733c0826c4eb950f3d40457f82d7f792d106518f6bde874aff9e2bea7d73f74bebeeacfc700000000000000000000d40d73be47803297db004264c8c70b7761b22a7114a078a87d63d63b0c9dcc263a5b773bfeba212abef4181ad9e4872e328c0f105d5100000000b717051d7681ba04552eeba18a000000b22b50d76d85040c9000ea68a528049a60d5e26b20455194f4be3b8466fd66d0e6cefcff7891c485d61cb66f4076cd60a22733cb00cf7cc12ca7d9bb864c0e650236a79a5c85349a9b1e6bbc3bace197e72490c566431cd3a08e9d1b641c1ba1f661d01573b904c3fa1427370fa15cecd294ac21fefe3d161fdf58e8bc5957ef145839f4370176e1be88d2e3516a1998c1621a00b4438b85a4dfee6f61827a1e50e158038b037dfda3ffb35069e41fc740ae720800de53948f176c3c15f3a529c02434b920d87f12a6e3420a2fdcb3559e7a5b1ddbb06b7a5977f63bfac701e673bf626d126b213c92e7169a930beb8d76f9db34e8098bea301baa96916d6458c923866dc192928b320738d1b298fb55f2a64500000000000000000000000000509885a38d9d995a46817e7ff7acddcc5f9253c63f86baf33f92820c9ff497cf76b6482c3ab53fb6ecea6d220b91b99b2fb4279ab09ae0645ab92df309000000000000a4868411948f8e3e259b717d722a1eebd3f6860a17f1ae9e10a1178f6aef4951b192d13e9600c1f700ca7b1d127e451034469bf2a8f93dbae6ad8e932e431dc18323794156238625bb9c45c5a76a68a8646e701b29a71ffbd854f50f195823106a5625ff94221f1f04c72525b50aae69081de9626de9847bf53475d90642d9730101d80b1b0000000000000000822b0641698d60160d9157548302dd2636d12c431f96728ae4a45361e6d47a1c4a52d67c0f0a62585c09fcfd70d0f249f87c44b47283c1c6f2430d70c751e4ada9b646e6e7c1719faee476d88a2943c71a21db55b7497dd7ed385ac2e8cb916390a3a0ed141e69afa07b46ac20f3521fb251b72c82ee1c7eb4f67c0deed5618d0db925ce7a7c50a99835544c540f5d528587d1a26e78df1bc9a8e4d90c57d0b8122eae7b23e4456624f5337c16c42648c7a3d0b799ad409befe0cbe2aa781ba826918df7aa80dff4f62258e54419629eb1d37de7f6a3512bd618781d1ad3a4d4b0da44df9f9a93f0487f79a9b16dfa6f68b06ce6a96ca344d194cded05702c2300d1a4f451b33830765f8131f6c28fada65701851bba089b8a8347900e72d68cea965feb6a06225dd3f0e135323a5bde3b43c9d242b73abf9e05336af040a4a6bb5918146393f1d50705c1d1e986bf2f690de51ee8727d37339df5391db535bb1e9bb3e5dadb6e5a2bb4faa2dcbc6ca9b40ac96e448b9dadeb08fc2cf3a960f22bf20b9e967b7a75687372b8e3edc543896c360674d901a7f56b07ba1479b46eea3d94026a9c7e670ab40bb2c1ca1a7c90299361239bef"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10004801)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000000)={0x2a, 0x2, 0x7ffe}, 0xc)
bind$qrtr(r0, &(0x7f00000000c0)={0x2a, 0x1, 0x7fff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18030000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r4, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000000108f4ffffff0000000000000a000002"], 0x14}, 0x1, 0x0, 0x0, 0x20000050}, 0x40)
syz_open_dev$tty20(0xc, 0x4, 0x0)
openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

4m40.587380511s ago: executing program 1 (id=217):
r0 = socket(0xa, 0x3, 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000000000001b0000000c00018008000100", @ANYRES32=r4, @ANYRESHEX=r1], 0x20}}, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r2, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x1c}}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffa}]})
rmdir(&(0x7f0000000100)='./control\x00')
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req={0x2, 0xb, 0x8000, 0x3}, 0x10)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000005c0)=@mangle={'mangle\x00', 0x2, 0x6, 0x580, 0x0, 0x310, 0x0, 0x0, 0x1d8, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x6, 0x0, {[{{@ipv6={@mcast2, @ipv4={'\x00', '\xff\xff', @remote}, [0x0, 0xff, 0xff000000, 0xff000000], [0x0, 0xffffff00, 0xffffff00, 0xffffffff], 'gretap0\x00', 'batadv_slave_0\x00', {}, {0xff}, 0x2b, 0x5, 0x1, 0x18}, 0x0, 0xd0, 0xf8, 0x0, {0x7a00000010000000}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x0, 0xfc, 0x6}}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xb4}, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, [0xff], [0xffffff00], '\x00', 'bond_slave_0\x00', {}, {0xff}}, 0x0, 0xf0, 0x138, 0x48000000, {}, [@common=@dst={{0x48}, {0xff, 0x4, 0x0, [0x1, 0x7a, 0xfffd, 0x3f4, 0x0, 0x3, 0x5, 0x0, 0x8, 0x30, 0xe5, 0x4, 0x1, 0x6, 0x0, 0x1], 0x6}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 'ip6gre0\x00', {0x4}}}}, {{@ipv6={@remote, @dev={0xfe, 0x80, '\x00', 0xd}, [0x0, 0xffff00, 0xffffffff], [0xffffff00, 0xffffff00, 0xffffff00, 0xff000000], 'nr0\x00', 'vxcan1\x00', {}, {}, 0x62, 0x5, 0x3, 0x20}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x2, 0xf}}}, {{@ipv6={@mcast1, @private0, [0xff000000, 0xffffff, 0x0, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff000000], 'pim6reg1\x00', 'hsr0\x00', {}, {}, 0x6c, 0x80, 0x5, 0x61}, 0x0, 0xa8, 0xd0}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)
syz_clone(0x21100, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
perf_event_open(0x0, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x0)
socket$rds(0x15, 0x5, 0x0)
setresuid(0x0, 0xee00, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)

4m40.079277678s ago: executing program 1 (id=223):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000010018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x4, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @multicast1}, {0x1, 0x17c1, 0x8}}}}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="44000000010101030000000000000000020000000c00198008000100ad04"], 0x44}, 0x1, 0x0, 0x0, 0x801}, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="3400000015000302289d7000fbdbdf25021010fd", @ANYRES32=r4, @ANYBLOB="140006000700000006000000f3f600000100000008000400ac14141d"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000080000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000040000000000000000000000000000000000000000000000aa211dd52ff790b722c8c1676a6ca04b10484f0dfecc9d1234856376028a0664210c925350741d363283dac1dad4f226ec280e3ee44838c7f2dc5b882cc5e2f363630102e759e8e4d550e223bcb89df80988bb1c283a8cd271bc0109dde610ed886015dcb3d85aefefaba72ffe9a3f93d4"], 0x50)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r9=>0x0})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000380)={{0x1, 0x1, 0x18, <r10=>r8}, './file2\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x4, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000010000000000000000000018110000ee901dfd445e080000000000000031e761128bef8d484501c9f63a1fd2f465154a4517392a471e560eb15a18ce5987e252d92428efee8c537e9a49ece7f84a7664708efa418caae9aaa514a027afc7c87538d08d4821ba3b033341a6019584665f1705463b0d10ebdd0336d92a97d50b9aa7ea1bcb4706271708cc9e63fa5679170f641d094be2e8fc8bae57db4b10b7de9a81ab185f1b37cb937b07f88278fab305084fc6a5", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000840000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400004d44e5c585000000820000009500000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r12}, 0x10)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xc5c, &(0x7f00000005c0), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r13 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r13, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r13, 0x5, 0x4)

4m39.800640814s ago: executing program 1 (id=224):
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$packet(0x11, 0x3, 0x300) (async)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x80003, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)
syz_open_procfs(0x0, &(0x7f0000000140)='net/netlink\x00')
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r4=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x44, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {}, {0x10d9bc9a72cb4bea}, {0x2, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x0, 0x5}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
pipe2(&(0x7f0000001cc0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@access_uid}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@access_uid}]}})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000240)={[{@errors_remount}, {@grpquota}, {@i_version}, {@inlinecrypt}]}, 0x21, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
bind$packet(r0, &(0x7f0000000040)={0x11, 0x1, r4, 0x1, 0x9}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r11, 0x89f2, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'ip6gre0\x00', 0x0, 0x29, 0x87, 0x10, 0x4, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x700, 0x700, 0x90}})
r12 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x2000001, {0x0, 0x0, 0x0, r4, {0x7, 0xa}, {0xd, 0xffe0}, {0x8, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

4m24.771202782s ago: executing program 32 (id=224):
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$packet(0x11, 0x3, 0x300) (async)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x80003, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x18)
syz_open_procfs(0x0, &(0x7f0000000140)='net/netlink\x00')
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r4=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x44, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {}, {0x10d9bc9a72cb4bea}, {0x2, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x0, 0x5}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
pipe2(&(0x7f0000001cc0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@access_uid}]}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}, 0x2c, {[{@access_uid}]}})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000240)={[{@errors_remount}, {@grpquota}, {@i_version}, {@inlinecrypt}]}, 0x21, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
bind$packet(r0, &(0x7f0000000040)={0x11, 0x1, r4, 0x1, 0x9}, 0x14)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r11, 0x89f2, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'ip6gre0\x00', 0x0, 0x29, 0x87, 0x10, 0x4, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, 0x700, 0x700, 0x90}})
r12 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x2000001, {0x0, 0x0, 0x0, r4, {0x7, 0xa}, {0xd, 0xffe0}, {0x8, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

3m57.012404666s ago: executing program 5 (id=803):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r1 = inotify_init1(0x80000)
r2 = inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x400000a0)
r3 = dup(r1)
inotify_rm_watch(r3, r2)
sendmsg$kcm(r0, 0x0, 0x20008800)

3m56.925104974s ago: executing program 5 (id=805):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_io_uring_setup(0x891, &(0x7f0000000140)={0x0, 0xa326, 0x80, 0x0, 0xbfdffdfa}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300)={[&(0x7f00000001c0)=']-F1\\.\x00', &(0x7f0000000200)='\x00', &(0x7f0000000240)='\x00', &(0x7f0000000280)=',\x00']}, &(0x7f0000000580)={[&(0x7f0000000340)='/dev/ttyS3\x00', &(0x7f0000000380)='3]$/%\'^/\x00', &(0x7f00000003c0)=',^}\x00', &(0x7f0000000400)='\x00', &(0x7f0000000440)='\x00', &(0x7f0000000480)='\x00', &(0x7f00000004c0)='/dev/ttyS3\x00', &(0x7f0000000500)='{+,-\x00', &(0x7f0000000540)='/dev/ttyS3\x00']}, 0x1400)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xe, &(0x7f0000000740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000050000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c061c6238975d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c46f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d076feafa22f0610a70f2bdf4000200000066b60d00b0c2c1254f0963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b5887437a172ebc02a740694298b79dc194e533583412dff048fc21f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be033c9d2f972cc93c1c13caec04a367c24a9fb6a6991ddb737d527d6acb15426415b6e8b14f822e86067a5e991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a3000000005dc2ed0e0b29e98fa883c71949a34d84030323e3d54f45b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb57da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb7830a246c3b2f60000fc4deb8eda1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e582160ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7033be648b12bb1fee58958d6a6f31bfe568215dfbde59dad00008a73b40f09cf018cd496b36050d70c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc3a4763948a1cbc10348ef2ac3781b847611fcb0a26acafdd6d9ab05865fcf7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb81c53f16d80f51006cbc71570a5e272b223425e09dc6b6cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d944763a4bf5e138d810e29a31f08f7dea7762d28484e15dc4320e4f85c16a8fbffadf8214d6d24cabe17ad4135d8872935ce0e6a468fd20fa4461d1d600234feac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c1044ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f4815237c3aa356217738898a16ba603439f6eaad8e70b"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@base={0x9, 0x4, 0x6, 0xff, 0x42}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000080), 0x619, r4}, 0x38)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x528d, 0x8000, 0x0, 0x0, 0xffffffd4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x1)

3m56.174674044s ago: executing program 5 (id=811):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2c7, &(0x7f0000000580)="$eJzs3M9rE1sUwPHzmrRJU9rkweOB4o+DbnQztPEP0CAtiAGlNkVdCFM70ZBpUmZCJCI2G3Hr31FcuhPUf6AbcePeXREEN12Ikcxk2qRNNI1pk7bfD5R7pveemdN2ppwp9G7efbWSz7pG1izJSFRlRKQqW1JN1KOGfxrjiBePSbOqXJ74/vnsnXv3b6bS6dl51bnUwpWkqk6df/fk2esLH0oTi2+m3kZkI/Fg81vyy8b/G6c2fy48zrmac7VQLKmpS8ViyVyyLV3OuXlD9bZtma6luYJrOS3zWbu4ulpRs7A8GVt1LNdVs1DRvFXRUlFLTkXNR2auoIZh6GRMTrZwF2sy6/PzZqrjdC3U14rQf5HWw/F2axwnVW0/mVk/qLoAAMDw6tD/i9//+71+5/4/veiPfe7/RZr7/3oTSv/fJ9WWoz/0/zgWHCdlxhrPbyv6fwAAAAAAAAAAAAAAAAAAAAAAjoKtWi1eq9XiwRh8REQkKiLB8aDrxMHo8ed/dUDlos+a/nEvKmK/LGfKGX/051NZyYktlkxLXH5490ODH8/dSM9Oq2e0ccp6/lo5E/L2JvDyA4l2+ef+nfHzVd7X88qN/FGJBflhsSQpcfmv/fWTO/nBdghr5cyYXLrYVL8hcfn4UIpiy7J3X+/kP59RvX4rvev64946AAAAAACOA0O3JVrff/29Hw1vQVT2zvv5+/j7wK7367Cc7maLSgAAAAAA8NfcytO8aduW00MQEZFOa86s+Ofv7cxHOgjJUJSxK7gmIkNQxmEFURHxP6O9pH/dTu8qq9bFmnD9aRj0t2UfwaB/MwEAAADot52mfx9Jn14cYEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJw83e4HFqzfMxVM/Ca96XKhQ/8CAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCHyKwAA//8ZYxaA")
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x7, 0x0, 0x0, 0x0, 0x100, 0x24100, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x4000, 0x0, 0x0, 0x0, 0xffffeffffffffffd, 0x5}, 0x0, 0x10, 0xffffffffffffffff, 0xa)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = eventfd(0x0)
read$eventfd(r2, &(0x7f0000000240), 0x8)

3m55.325076133s ago: executing program 5 (id=823):
r0 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x800000000006}, 0x18)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x482, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b0000000700000001000100090000000100000064e5799a36aba1f768580f4ca3e028885199e4d0898953a5a72221745a0334d7a675799736a84da7631c10c1c61cdef2f82f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000680)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYRESOCT, @ANYRES32=r9, @ANYRES64], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=@newtfilter={0x34, 0x28, 0x575ac7824d421509, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, r9, {}, {0x1}, {0x4, 0x3d}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="a80000001800000826bd7000fddbdf251d01080008000a00", @ANYRES32=r9, @ANYBLOB="1500040000000000070100000c7796872dbac77d0000000015005cd21cccf60c8f94000051cae53523923427020000000c000b00000000e00100006005000d00090000001500030001000060080100003299adb5f1eee681010000001500040000000080070100692042ca67996a914b000000001500030004000020010000002363959f1df2d4c900000000"], 0xa8}, 0x1, 0x0, 0x0, 0x80}, 0x4000800)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r10}, 0x10)
socket(0x1e, 0x805, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r11, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r0, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f40108807000008048000980280000f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a034e2000"], 0x21c}, 0x1, 0x0, 0x0, 0x20040010}, 0x4008804)

3m54.341611304s ago: executing program 5 (id=835):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0xffefffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000700)='signal_generate\x00', r3}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x28, r5, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0xffffffff}}}}}, 0x28}}, 0x0)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000240)={0x1d, r4}, 0x10)
timer_create(0x2, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000b40)={{}, {0x0, 0x3938700}}, &(0x7f0000000c00))

3m53.772046288s ago: executing program 5 (id=842):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x60400, 0x0)
r3 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x100, 0x0, 0x333}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x10, 0x6000, @fd=r0, 0x0, 0x0, 0x0, 0xc, 0x1})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r2)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)="d8000000180081084e81f782db44b904021d0800fd007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f9400e08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef409001b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed1bffec62070000cbee5de6ccd44a677575a62cef352a92954b43370e9701ee1b6ec75a526c5d5b5701cf8773", 0xd8}], 0x1}, 0x400c0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r6, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0xfe}]}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="1b00486bc951fce49bbaccecca000000000000e1ffffffffffffff00000000f2b351b31619d3eb4510042ca586a875e5c75b8aa5e71d03f117a10139da646ddd290b854d2c0e3511c7571ef5e18c5b9c93eba93463c1354e543bced52cb07a839a1564944de166aa058dfb0a6ad0b860079f048f", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x316, &(0x7f0000000780)={[], [{@uid_eq}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@uid_gt}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'kfree\x00'}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
llistxattr(&(0x7f0000000080)='./file1\x00', &(0x7f0000000c00)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000740)='fsi_master_gpio_break\x00'}, 0x18)
syz_clone(0x20324000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00'}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000840)={0x5, &(0x7f0000000700)=[{0x6c, 0x53, 0x1, 0x23}, {0xe763, 0x3, 0x3, 0x7}, {0x7, 0x5, 0x9f, 0x1}, {0x3ff, 0x10, 0x6, 0x97b}, {0xa85, 0x48, 0x2, 0x5f}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r9}, &(0x7f0000000680), &(0x7f00000005c0)=r7}, 0x20)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r8, 0x40107447, &(0x7f00000000c0)={0x3, &(0x7f0000000440)=[{0x6, 0x58, 0x0, 0x8}, {0x2, 0xf5, 0xd, 0x6}, {0x6, 0x5d, 0x1, 0x40}]})
openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x5400, 0x0)

3m38.034958151s ago: executing program 33 (id=842):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x60400, 0x0)
r3 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x100, 0x0, 0x333}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x10, 0x6000, @fd=r0, 0x0, 0x0, 0x0, 0xc, 0x1})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r2)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)="d8000000180081084e81f782db44b904021d0800fd007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f9400e08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef409001b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed1bffec62070000cbee5de6ccd44a677575a62cef352a92954b43370e9701ee1b6ec75a526c5d5b5701cf8773", 0xd8}], 0x1}, 0x400c0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r6, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0xfe}]}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001580)=ANY=[@ANYBLOB="1b00486bc951fce49bbaccecca000000000000e1ffffffffffffff00000000f2b351b31619d3eb4510042ca586a875e5c75b8aa5e71d03f117a10139da646ddd290b854d2c0e3511c7571ef5e18c5b9c93eba93463c1354e543bced52cb07a839a1564944de166aa058dfb0a6ad0b860079f048f", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x7, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000001000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x316, &(0x7f0000000780)={[], [{@uid_eq}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@uid_gt}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'kfree\x00'}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
llistxattr(&(0x7f0000000080)='./file1\x00', &(0x7f0000000c00)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000740)='fsi_master_gpio_break\x00'}, 0x18)
syz_clone(0x20324000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00'}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000840)={0x5, &(0x7f0000000700)=[{0x6c, 0x53, 0x1, 0x23}, {0xe763, 0x3, 0x3, 0x7}, {0x7, 0x5, 0x9f, 0x1}, {0x3ff, 0x10, 0x6, 0x97b}, {0xa85, 0x48, 0x2, 0x5f}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r9}, &(0x7f0000000680), &(0x7f00000005c0)=r7}, 0x20)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r8, 0x40107447, &(0x7f00000000c0)={0x3, &(0x7f0000000440)=[{0x6, 0x58, 0x0, 0x8}, {0x2, 0xf5, 0xd, 0x6}, {0x6, 0x5d, 0x1, 0x40}]})
openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x5400, 0x0)

1.549452254s ago: executing program 2 (id=4642):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a400000", @ANYRES32, @ANYBLOB="140002"], 0x48}}, 0x0)

1.507394608s ago: executing program 2 (id=4644):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
semop(0x0, &(0x7f0000000240)=[{0x3, 0x0, 0x1800}, {0x0, 0xe65b}], 0x2)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000280))
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f00000002c0), 0xfd, 0x4a0, &(0x7f0000000e00)="$eJzs3MtrXNUfAPDvnZkkfSe//uqjtdpoFYuPpEmrFhR8gOBCQdBFXUlM0lKbNtJEsCXYKKVuBC24F8GN4F/gypWoK8Gt7qVQpJtWVyM3c+90kszk0Ztkms7nAzdzzsy5c873Ps89d24C6Fj96Z8kYkdE/BERvRFRaiywtTal5W5enxn95/rMaBLV6lt/J+lsceP6zGheNMlet9cylfSLSpeSeKlJvVPnL5wemZgYP5flB6fPfDA4df7C06fOjJwcPzl+dvjYsaNHhp57dviZNYkzbdONfR9P7t/72jtX3hg9fuW9X75PGhrdGEdBz/fWkzP1ZbLQY2tU2Z1iZ0M6qbSxIaxKT0Skq6trbv/vjfKlXfXPeuPVT9vaOGBdVavV6nDrj2erwF0siXa3AGiP/ESfXv/m0wZ1Pe4I116uXQClcd/Mptonldo4SE/t2mjnOtXfHxHHZ//9Op1i1eMQXevUKgDgbvZj2v95qkn/rxJxb0O5Xdm9ob6I+F9E7I6I/0fEnoi4J2pl74uI+5tX0/9ui/r7F+QX939KVwuEt6y0//dCdm9rfv+vfhesr5zlds7F35WcODUxfjhbJoeiqyfNDzX99iRiNn39/YtW9Tf2/9IprT/vC2btuFrpmT/P2Mj0SOHAM9c+idhXaRZ/EpVbUcTeiNh3m3WceuK7/fPfKddTy8e/hDW4z1T9JuLx2vqfjQXx55Kl708ObomJ8cOD+Vax2K+/XX6zVf21+EuxdPxbiwfaQrr+tzXb/l+sx9+XNN6vnVr0Fd3L1XH5z89aXtPcWv8RW+beWdn23528Pa/yj0amp88NRXQnry9+v2GAO8/n5dP4Dx1svv/vzuZJ438gItKN+MGIeCgiDmRtfzgiHomIg0vE//Mrj77fMv4DBbb/NZDGP9b0+Ndq/a8+UT790w+t6l/Z8e9onplr1EqOfyttYJFlBwAAAJtFKSJ2RFIaqKdLpYGB2u/l98S20sTk1PSTJyY/PDtWe0agL7pK+UhXb8N46FA2Npznh7P8xSx/JBs3/qq8dS4/MDo5Mdbu4KHDbW+x/6f+KjeZYf2GooF28LwWdK7V7//L3vMFNonbP//rOcBmt8xeXNqodgAbz1kcOlez/f9iYyaJ2q/kgbuO8z90rvr+/+UKCjcM/S98eBPYfJY6/1d7N7AhwIbT/4eOVOS5/jwRUWj2Yon4NmLpMkl7GlYw8XmR2Ssb0MIotXH5dLdlpQyX27qpV1b6Xy3ifPVi4UrbfWQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYG/8FAAD//64O3bE=")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000240)={@dev={0xfe, 0x80, '\x00', 0x33}}, 0x14)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00'}, 0x10)
open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x100)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
listen(r2, 0x0)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r8 = accept4(r2, 0x0, 0x0, 0x0)
sendto(r8, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom(r7, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x511a01, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='qgroup_update_counters\x00', r0, 0x0, 0x3}, 0x18)

1.142889792s ago: executing program 3 (id=4647):
r0 = syz_open_dev$loop(&(0x7f0000000bc0), 0x5, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x8, &(0x7f0000000340)=[{0xfffb, 0xb3, 0x0, 0xffff}, {0x5, 0x4b, 0xf1, 0x65}, {0xf, 0x73, 0x5, 0x5}, {0x80, 0x6, 0xf5, 0x9}, {0xe00, 0xc, 0xf, 0x180000}, {0xfffb, 0x8, 0x4f, 0x1}, {0x0, 0x0, 0xb, 0x6}, {0x0, 0x4, 0x6, 0x3}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000580), &(0x7f00000005c0)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_setup(0x1, &(0x7f0000000b80))
msgrcv(0x0, 0x0, 0x0, 0xda72ed5a9dc29567, 0x2000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x29, 0x5, 0xc0, 0x1000, 0x0, @remote, @local, 0x80, 0x7, 0x4, 0x9bc}})
msgsnd(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="630b89cd6e4d4221808f1d61148e6d5ba8ab544eb9a7f7aba0887974f454d8a9cb54fd9049f02bc35c26a0644ad79d9309464aa385ddd46bc030337a5c720f19456430ab5b62a6e60ecea8bff8b24d7cb1347cf5d8ea0cce", @ANYRESHEX=r0], 0x8, 0x800)
fsopen(0x0, 0x1)
msgctl$MSG_STAT(0x0, 0xb, &(0x7f0000000580)=""/49)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getresgid(0x0, &(0x7f0000003000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffa5)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+1mm02N2WRi9veDzb7vzrs7z5P5eud9dwPoWkPZnyRiR0T8EhEDjeriBkONpxvXzk/+de38ZBILC6//keTtrl87P1k2Ld+3vagMpxHph0mxksVmz547OVGv184U9dG5U2+Pzp4999S7pyZO1E7UTo8fOXL40Nizz4w/3ZE8s7yu73t/Zv/el9+8/Mrksctv/fBVFu+OYnlzHp0ylCX+50KuddnjnV5ZxXY2lZPeCgNhRXoiIttcffnxPxA9cWvjDcRLH1QaHLCmsmvTlvaL5xeATSyJqiMAqlFe6LP73/KxTl2PDeHq840boCzvG8WjsaQ30qJNX8v9bScNRcSx+b8/zx6xRuMQAADNPp787Gh/UV7c/0vjvvz5t/zvrmIOZTAi7o6I3RFxT0TsiYh7I/K290fEA6uM5/b+T3pllR+5rKz/91wxt7W4/1f2/mKwp6jtzPPvS45P12sHi//JcPRtyepjy6zjmxd//qTdsub+X/bI1l/2BYs4rvS2DNBNTcxN5J3SDrh6MWJf71L5JzdnApKI2BsR+1b20bvKwvQTX+5v1+jO+S+jA/NMC19k6c1n+c9HS/6lpHl+cvq2+cnRrVGvHRwt94rb/fjTpdfarX9V+XfA1VrjuWn7tzYZTJrna2dXvo5Lv37U9p7mP+7/aX/yRj7PXJ673puYmzszFtGfHM3ri14fv/Xesl62z/b/4QNLH/+7i/dk+T8YEdlO/FBEPBwRjxSxPxoRj0XEgWXy//6F9svK/COtaPtfjJha8vx3c/9v2f4rL/Sc/O7rduv/d9v/cF4aLl7Jz393sFQ42emiNcDV/O8AAADg/yLNvwOfpCM3y2k6MtL4Dv+euCutz8zOPXl85p3TU43vyg9GX1qOdA0U46H16XptLJkvPrExPjpejBWX46WHinHjT3u25fWRyZn6VMW5Q7fb3ub4z/zeU3V0wBrbtuSr4/3rHghQgdZ59HRx9cKr4WQAm5Xfa0P3usPxn65XHMD6c/2H7rXU8X+hpW4uADYn13/oXo5/6FLpt1VHAFTI9R+60mp+17+Gha0bI4xqCht1o+SFiLKQboh4FNaoUPWZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+CQAA//9Chukd")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000"], 0x88}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="acbefa93", @ANYRES16=r2, @ANYBLOB="0100000000000000000004740906080004006401010114000600626f6e643000000000000000000000000500"], 0x38}, 0x1, 0xffffffff00000003, 0x0, 0x28040840}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
socket$netlink(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.016275654s ago: executing program 3 (id=4648):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x3, 0xa, 0x0, 0x4070bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x80000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}}]}, 0x50}, 0x1, 0x7}, 0x0)

978.428728ms ago: executing program 3 (id=4649):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='cachefiles_ondemand_open\x00', r1}, 0x18)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000040)=ANY=[], 0x0)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000000)={0xfffffc64, 0x0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYRES8=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
ioprio_set$uid(0x3, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000400)=ANY=[@ANYRES64=r4, @ANYRESDEC=r5, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x1e, 0x5, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mq_open(0x0, 0x40, 0x9, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, 0x0, 0x0)
r9 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

680.861656ms ago: executing program 4 (id=4655):
r0 = syz_open_dev$loop(&(0x7f0000000bc0), 0x5, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x8, &(0x7f0000000340)=[{0xfffb, 0xb3, 0x0, 0xffff}, {0x5, 0x4b, 0xf1, 0x65}, {0xf, 0x73, 0x5, 0x5}, {0x80, 0x6, 0xf5, 0x9}, {0xe00, 0xc, 0xf, 0x180000}, {0xfffb, 0x8, 0x4f, 0x1}, {0x0, 0x0, 0xb, 0x6}, {0x0, 0x4, 0x6, 0x3}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000580), &(0x7f00000005c0)=r3}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
io_setup(0x1, &(0x7f0000000b80))
msgrcv(0x0, 0x0, 0x0, 0xda72ed5a9dc29567, 0x2000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x29, 0x5, 0xc0, 0x1000, 0x0, @remote, @local, 0x80, 0x7, 0x4, 0x9bc}})
msgsnd(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="630b89cd6e4d4221808f1d61148e6d5ba8ab544eb9a7f7aba0887974f454d8a9cb54fd9049f02bc35c26a064", @ANYRESHEX=r0], 0x8, 0x800)
fsopen(0x0, 0x1)
msgctl$MSG_STAT(0x0, 0xb, &(0x7f0000000580)=""/49)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getresgid(0x0, &(0x7f0000003000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffa5)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+1mm02N2WRi9veDzb7vzrs7z5P5eud9dwPoWkPZnyRiR0T8EhEDjeriBkONpxvXzk/+de38ZBILC6//keTtrl87P1k2Ld+3vagMpxHph0mxksVmz547OVGv184U9dG5U2+Pzp4999S7pyZO1E7UTo8fOXL40Nizz4w/3ZE8s7yu73t/Zv/el9+8/Mrksctv/fBVFu+OYnlzHp0ylCX+50KuddnjnV5ZxXY2lZPeCgNhRXoiIttcffnxPxA9cWvjDcRLH1QaHLCmsmvTlvaL5xeATSyJqiMAqlFe6LP73/KxTl2PDeHq840boCzvG8WjsaQ30qJNX8v9bScNRcSx+b8/zx6xRuMQAADNPp787Gh/UV7c/0vjvvz5t/zvrmIOZTAi7o6I3RFxT0TsiYh7I/K290fEA6uM5/b+T3pllR+5rKz/91wxt7W4/1f2/mKwp6jtzPPvS45P12sHi//JcPRtyepjy6zjmxd//qTdsub+X/bI1l/2BYs4rvS2DNBNTcxN5J3SDrh6MWJf71L5JzdnApKI2BsR+1b20bvKwvQTX+5v1+jO+S+jA/NMC19k6c1n+c9HS/6lpHl+cvq2+cnRrVGvHRwt94rb/fjTpdfarX9V+XfA1VrjuWn7tzYZTJrna2dXvo5Lv37U9p7mP+7/aX/yRj7PXJ673puYmzszFtGfHM3ri14fv/Xesl62z/b/4QNLH/+7i/dk+T8YEdlO/FBEPBwRjxSxPxoRj0XEgWXy//6F9svK/COtaPtfjJha8vx3c/9v2f4rL/Sc/O7rduv/d9v/cF4aLl7Jz393sFQ42emiNcDV/O8AAADg/yLNvwOfpCM3y2k6MtL4Dv+euCutz8zOPXl85p3TU43vyg9GX1qOdA0U46H16XptLJkvPrExPjpejBWX46WHinHjT3u25fWRyZn6VMW5Q7fb3ub4z/zeU3V0wBrbtuSr4/3rHghQgdZ59HRx9cKr4WQAm5Xfa0P3usPxn65XHMD6c/2H7rXU8X+hpW4uADYn13/oXo5/6FLpt1VHAFTI9R+60mp+17+Gha0bI4xqCht1o+SFiLKQboh4FNaoUPWZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+CQAA//9Chukd")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000"], 0x88}}, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r5, 0xd, 0x1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x38}, 0x1, 0xffffffff00000003, 0x0, 0x28040840}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
socket$netlink(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

551.551548ms ago: executing program 4 (id=4659):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x3, 0xa, 0x0, 0x4070bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x80000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}}]}, 0x50}, 0x1, 0x7}, 0x0)

550.697438ms ago: executing program 2 (id=4660):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000b8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
shutdown(r2, 0x1)

550.144778ms ago: executing program 4 (id=4661):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ff0f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x114, 0x29, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0b}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@remote}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8", @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@remote}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

507.129802ms ago: executing program 2 (id=4664):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'macvlan1\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000008000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @mcast2, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4400c800)

499.259773ms ago: executing program 4 (id=4665):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='task_newtask\x00', r1}, 0x18)
syz_emit_ethernet(0x12c, &(0x7f0000000940)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @tcp={{0x23, 0x4, 0x3, 0x9, 0x11e, 0x65, 0x0, 0x5, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x33}, @broadcast, {[@timestamp_addr={0x44, 0x44, 0x37, 0x1, 0x5, [{@rand_addr=0x64010100, 0x7}, {@broadcast, 0x4a199e54}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfff}, {@dev={0xac, 0x14, 0x14, 0xd}, 0x7}, {@local, 0x9}, {@broadcast, 0xfff}, {@multicast1, 0xfffffff7}, {@local, 0x7}]}, @cipso={0x86, 0x32, 0x0, [{0x7, 0x12, "ac75e088ede38aae9176f7d86c00daa0"}, {0x7, 0x5, "f9f469"}, {0x5, 0x12, "8e4b4b60de8f1f1de4423f113997dc77"}, {0x7, 0x3, "0f"}]}]}}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x860, {[@md5sig={0x13, 0x12, "3774ce8d84c9b33235357050803ce880"}, @eol, @md5sig={0x13, 0x12, "6f8c56dd578ca51f48d1beeaaa345f2d"}, @generic={0xfe, 0x12, "0f80bf1d6eed39b50e7a01d880722f99"}, @timestamp={0x8, 0xa, 0xfffffffd, 0x4}, @window={0x3, 0x3, 0xb}]}}, {"887d9f9b1203d34b63bfe60f9c760a9d96759ae7dde346ab2756c02c376892deaa8ac4a47cb63b4d452f008f8d148868bf83f513cacfb5d895c1"}}}}}}, 0x0)
ioperm(0x0, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1, 0x1, r5}}, 0x40)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r3, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x2, 0x9, 0x8, 0x0, "1c"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x60}, 0x1, 0x7}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x24, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x4c}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)
r8 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r8)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r9, &(0x7f0000003d80)=[{{&(0x7f0000000000)={0xa, 0x4e28, 0x0, @remote, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000000000000001000740000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa5732221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695e85000000a53600d5031b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a5efe6c7115774effe28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c2511eb0f9600a0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe95bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6d997eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e641036a8afa2ccdb47d7990d5a007faccb2f86664179f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab92739be0bdf5b76f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d841c351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa4891800"], 0x590}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000001d80)="89d678ce056c6ec3a758a18badbd3f1e8e69623f3a521c407ec0d5f1a2755b4249a56d0b131c3bb9f38c99db3a276c94a27e6f85360ab92b31216fad2398a44e7cd39359af752369a27c1852725ddbf74a2b5dec2e27c4dcefd2ddc9b5a41af61293026e8ef680188f6ad68f8f85264053b003a1a119ff6bca14fbb9238a3d699738efaef34f6cf94a487157402c5c4a27dcdf687365710b68b4d89cb38359f3e57aee5d8c4bd49a421acc3eb0f92fc9dd28df931d97a80f4f0dbe59b0778f2cc02fe8d0ce1a96b578b4546abc5122ef4f94f79816abfa2e0555043ccf0b1e4ac1febe6a6a7e0f19ffc02c1d925f9236382928a5ea08be32cb8ca2571b6c94c5dc893541472b70d102c1a36219f4fb9f0690284b7d4cf8f99ab014688db7c7b0d1cfe978b9275a8269870ba255e17282fa697100b6cf1756a521e22b7411836b6a20d6e74b689d31e0f34c061d42fd4730ca843e86a09945d45a55ac0b5f7d003afdc2c6654a59dc8820d86c7dbee17f35142c6c20a1ac6afe27a4b862373e62609908ecb8f752a9359c09af8700a366c5838b03832b184feaee01c8f7fb55eae5ffd05e33b66d8547c48f258da49186f2b8f36ec8d1191f70637c194e2ba5576e98d78bdf617ae2bb8253318b869459d4abc16160fc35d55bfc7520c021aa66f424522215e7a11f36df3433d321b8578ad5e5340d594321f9e40de502539a910c6f7483fdf7194d59765b987c2a938683aa05c29d1c851d1ac03b2c261c1e027cee876d0c192272eb5504714bccf86d8eca4448dc905c3d99e4fc40297f56c90e9e845e40f9573899e308f7bda4137c4088e0ad0bc1583104094f5820dbe4861ea8988aaaf564419d75e602694a7e0b6a9d3dfd19818bd79d5d117be2d9002b24", 0x281}], 0x1}}], 0x2, 0x8008800)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000240), 0x743002, 0x0)
fsconfig$FSCONFIG_SET_PATH(r8, 0x3, &(0x7f0000000040)='\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000000), &(0x7f00000000c0)=r10}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r10}, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000c80)={'lo\x00'})

455.835107ms ago: executing program 2 (id=4666):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000008000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @mcast2, 0x2}, 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)

454.839147ms ago: executing program 2 (id=4667):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='cachefiles_ondemand_open\x00'}, 0x18)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000040)=ANY=[], 0x0)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000000)={0xfffffc64, 0x0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYRES8=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
ioprio_set$uid(0x3, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000400)=ANY=[@ANYRES64=r4, @ANYRESDEC=r5, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x1e, 0x5, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mq_open(0x0, 0x40, 0x9, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, 0x0, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4)
r9 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r9, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r10, 0x0, 0x0, 0x10008095, 0x0, 0x0)
shutdown(r10, 0x1)

418.21071ms ago: executing program 4 (id=4668):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r1)
sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01022dbd7000ffdb652520e7000109001f0070687931000000000a0001007770616e33000000050020"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

416.73355ms ago: executing program 3 (id=4669):
syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[@ANYRES32=0x41424344], 0x0)

407.213222ms ago: executing program 6 (id=4670):
r0 = socket$packet(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r4], 0x68}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e46558"], 0xb2)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r6=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, r6, 0x1, 0x8, 0x6, @broadcast}, 0x14)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000700)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r7, 0x0, 0xfffffffffffffffd}, 0x18)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

406.804031ms ago: executing program 4 (id=4671):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
semop(0x0, &(0x7f0000000240)=[{0x3, 0x0, 0x1800}, {0x0, 0xe65b}], 0x2)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000280))
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x248, &(0x7f00000002c0), 0xfd, 0x4a0, &(0x7f0000000e00)="$eJzs3MtrXNUfAPDvnZkkfSe//uqjtdpoFYuPpEmrFhR8gOBCQdBFXUlM0lKbNtJEsCXYKKVuBC24F8GN4F/gypWoK8Gt7qVQpJtWVyM3c+90kszk0Ztkms7nAzdzzsy5c873Ps89d24C6Fj96Z8kYkdE/BERvRFRaiywtTal5W5enxn95/rMaBLV6lt/J+lsceP6zGheNMlet9cylfSLSpeSeKlJvVPnL5wemZgYP5flB6fPfDA4df7C06fOjJwcPzl+dvjYsaNHhp57dviZNYkzbdONfR9P7t/72jtX3hg9fuW9X75PGhrdGEdBz/fWkzP1ZbLQY2tU2Z1iZ0M6qbSxIaxKT0Skq6trbv/vjfKlXfXPeuPVT9vaOGBdVavV6nDrj2erwF0siXa3AGiP/ESfXv/m0wZ1Pe4I116uXQClcd/Mptonldo4SE/t2mjnOtXfHxHHZ//9Op1i1eMQXevUKgDgbvZj2v95qkn/rxJxb0O5Xdm9ob6I+F9E7I6I/0fEnoi4J2pl74uI+5tX0/9ui/r7F+QX939KVwuEt6y0//dCdm9rfv+vfhesr5zlds7F35WcODUxfjhbJoeiqyfNDzX99iRiNn39/YtW9Tf2/9IprT/vC2btuFrpmT/P2Mj0SOHAM9c+idhXaRZ/EpVbUcTeiNh3m3WceuK7/fPfKddTy8e/hDW4z1T9JuLx2vqfjQXx55Kl708ObomJ8cOD+Vax2K+/XX6zVf21+EuxdPxbiwfaQrr+tzXb/l+sx9+XNN6vnVr0Fd3L1XH5z89aXtPcWv8RW+beWdn23528Pa/yj0amp88NRXQnry9+v2GAO8/n5dP4Dx1svv/vzuZJ438gItKN+MGIeCgiDmRtfzgiHomIg0vE//Mrj77fMv4DBbb/NZDGP9b0+Ndq/a8+UT790w+t6l/Z8e9onplr1EqOfyttYJFlBwAAAJtFKSJ2RFIaqKdLpYGB2u/l98S20sTk1PSTJyY/PDtWe0agL7pK+UhXb8N46FA2Npznh7P8xSx/JBs3/qq8dS4/MDo5Mdbu4KHDbW+x/6f+KjeZYf2GooF28LwWdK7V7//L3vMFNonbP//rOcBmt8xeXNqodgAbz1kcOlez/f9iYyaJ2q/kgbuO8z90rvr+/+UKCjcM/S98eBPYfJY6/1d7N7AhwIbT/4eOVOS5/jwRUWj2Yon4NmLpMkl7GlYw8XmR2Ssb0MIotXH5dLdlpQyX27qpV1b6Xy3ifPVi4UrbfWQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYG/8FAAD//64O3bE=")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000240)={@dev={0xfe, 0x80, '\x00', 0x33}}, 0x14)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00'}, 0x10)
open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x100)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10)
listen(r2, 0x0)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r8 = accept4(r2, 0x0, 0x0, 0x0)
sendto(r8, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom(r7, &(0x7f00000001c0)=""/62, 0x3e, 0x10120, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x511a01, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='qgroup_update_counters\x00', r0, 0x0, 0x3}, 0x18)

396.135343ms ago: executing program 3 (id=4672):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x3, 0xa, 0x0, 0x4070bd2c, 0x25dfdbfc, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x80000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}}]}, 0x50}, 0x1, 0x7}, 0x0)

376.092984ms ago: executing program 3 (id=4673):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff00004485"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='cachefiles_ondemand_open\x00', r1}, 0x18)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000040)=ANY=[], 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r3, 0x4b66, &(0x7f0000000000)={0xfffffc64, 0x0})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYRES8=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
ioprio_set$uid(0x3, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000400)=ANY=[@ANYRES64=r4, @ANYRESDEC=r5, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket(0x1e, 0x5, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mq_open(0x0, 0x40, 0x9, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, 0x0, 0x0)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r9, 0x0, 0x0, 0x10008095, 0x0, 0x0)
shutdown(r9, 0x1)

285.565713ms ago: executing program 0 (id=4675):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ff0f00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x114, 0x29, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0b}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@remote}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8", @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@remote}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

251.178296ms ago: executing program 0 (id=4676):
r0 = syz_open_dev$loop(&(0x7f0000000bc0), 0x5, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x8, &(0x7f0000000340)=[{0xfffb, 0xb3, 0x0, 0xffff}, {0x5, 0x4b, 0xf1, 0x65}, {0xf, 0x73, 0x5, 0x5}, {0x80, 0x6, 0xf5, 0x9}, {0xe00, 0xc, 0xf, 0x180000}, {0xfffb, 0x8, 0x4f, 0x1}, {0x0, 0x0, 0xb, 0x6}, {0x0, 0x4, 0x6, 0x3}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000580), &(0x7f00000005c0)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_setup(0x1, &(0x7f0000000b80))
msgrcv(0x0, 0x0, 0x0, 0xda72ed5a9dc29567, 0x2000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000240)={'ip6_vti0\x00', 0x0, 0x29, 0x5, 0xc0, 0x1000, 0x0, @remote, @local, 0x80, 0x7, 0x4, 0x9bc}})
msgsnd(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="630b89cd6e4d4221808f1d61148e6d5ba8ab544eb9a7f7aba0887974f454d8a9cb54fd9049f02bc35c26a0644ad79d9309464aa385ddd46bc030337a5c720f19456430ab5b62a6e60ecea8bff8b24d7cb1347cf5d8ea0cce", @ANYRESHEX=r0], 0x8, 0x800)
fsopen(0x0, 0x1)
msgctl$MSG_STAT(0x0, 0xb, &(0x7f0000000580)=""/49)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getresgid(0x0, &(0x7f0000003000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffa5)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHGUYAPBnJh9t7UdirR+tVaNFCIpJk1btwYui4KGioId6jMm2hG4baaLYUmwqUi+CFPQsHgX/Am8iiHoSvOrFkxSK9tLqKTKzM+1mm02N2WRi9veDzb7vzrs7z5P5eud9dwPoWkPZnyRiR0T8EhEDjeriBkONpxvXzk/+de38ZBILC6//keTtrl87P1k2Ld+3vagMpxHph0mxksVmz547OVGv184U9dG5U2+Pzp4999S7pyZO1E7UTo8fOXL40Nizz4w/3ZE8s7yu73t/Zv/el9+8/Mrksctv/fBVFu+OYnlzHp0ylCX+50KuddnjnV5ZxXY2lZPeCgNhRXoiIttcffnxPxA9cWvjDcRLH1QaHLCmsmvTlvaL5xeATSyJqiMAqlFe6LP73/KxTl2PDeHq840boCzvG8WjsaQ30qJNX8v9bScNRcSx+b8/zx6xRuMQAADNPp787Gh/UV7c/0vjvvz5t/zvrmIOZTAi7o6I3RFxT0TsiYh7I/K290fEA6uM5/b+T3pllR+5rKz/91wxt7W4/1f2/mKwp6jtzPPvS45P12sHi//JcPRtyepjy6zjmxd//qTdsub+X/bI1l/2BYs4rvS2DNBNTcxN5J3SDrh6MWJf71L5JzdnApKI2BsR+1b20bvKwvQTX+5v1+jO+S+jA/NMC19k6c1n+c9HS/6lpHl+cvq2+cnRrVGvHRwt94rb/fjTpdfarX9V+XfA1VrjuWn7tzYZTJrna2dXvo5Lv37U9p7mP+7/aX/yRj7PXJ673puYmzszFtGfHM3ri14fv/Xesl62z/b/4QNLH/+7i/dk+T8YEdlO/FBEPBwRjxSxPxoRj0XEgWXy//6F9svK/COtaPtfjJha8vx3c/9v2f4rL/Sc/O7rduv/d9v/cF4aLl7Jz393sFQ42emiNcDV/O8AAADg/yLNvwOfpCM3y2k6MtL4Dv+euCutz8zOPXl85p3TU43vyg9GX1qOdA0U46H16XptLJkvPrExPjpejBWX46WHinHjT3u25fWRyZn6VMW5Q7fb3ub4z/zeU3V0wBrbtuSr4/3rHghQgdZ59HRx9cKr4WQAm5Xfa0P3usPxn65XHMD6c/2H7rXU8X+hpW4uADYn13/oXo5/6FLpt1VHAFTI9R+60mp+17+Gha0bI4xqCht1o+SFiLKQboh4FNaoUPWZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+CQAA//9Chukd")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000"], 0x88}}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="acbefa93", @ANYRES16=r2, @ANYBLOB="0100000000000000000004740906080004006401010114000600626f6e643000000000000000000000000500010001"], 0x38}, 0x1, 0xffffffff00000003, 0x0, 0x28040840}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
socket$netlink(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

208.25788ms ago: executing program 6 (id=4677):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000008000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @mcast2, 0x2}, 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)

193.546102ms ago: executing program 6 (id=4678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000400)={0x0, r0}, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x50)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'lo\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r2, 0x0, 0xc00000000000000}, 0x38)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b000000080000000c0000000300000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000500)={0x14, 0x4, 0x8, 0x201, 0x0, 0x0, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r8)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r8)
sendmsg$NL802154_CMD_NEW_INTERFACE(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000eeff110000000a0004007778616e3300000008001500", @ANYRES32, @ANYBLOB="080001"], 0x30}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
r10 = syz_open_procfs(0x0, &(0x7f0000000200)='net/igmp6\x00')
close_range(r10, 0xffffffffffffffff, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x60, 0x10, 0x437, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x8d0}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x3, 0x7}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x7}, @IFLA_GRE_TTL={0x5, 0x8, 0x7}, @IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}]}}}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x6}]}, 0x60}, 0x1, 0x0, 0x0, 0x24000015}, 0x0)

144.894596ms ago: executing program 6 (id=4679):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00'})
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x3, 0xd, 0x0, 0x4070bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @remote}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x80000000}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}}]}, 0x68}, 0x1, 0x7}, 0x0)

141.212286ms ago: executing program 0 (id=4680):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000008500000069000000"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x800000000006}, 0x18)
iopl(0x2)

122.738098ms ago: executing program 6 (id=4681):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x29, 0x4b, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x4000008)
fchmodat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffd, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'macsec0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r5, {0xfffd, 0x10}, {0x10, 0xfff1}, {0xfff2, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r3, 0x0, 0x9}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x53e, &(0x7f0000000940)="$eJzs3UFvI1cdAPD/eO3d7G62SYEDVGoptGi3grWThrYRh1IkBKdKiMJ5CYkTRXHiKHbaTVRB9hMgIQRInODCBYkPgIRW4sKxQqoEZ5CKQIhuQYIDdJDtcRKcceKsnHjX+f2kybz3xjP/9xy/8YznaSaAC+vZiHgtIj5M0/SFiJjKygvZFHudqfW6Dx68vdiakkjTN/6eRJKVdbeVZPPr2WoTEfH1r0Z8Ozkat7Gzu7ZQqxW7+UpzfbPS2Nm9vbq+sFJdqW7Mzc2+PP/K/EvzM0Np542IePXLf/7h937+lVd//bm3/nTnr7e+06rWZLb8cDtOqXjcwk7TS1cmelbYeshgj6JWe0rdzNXB1rl3hvUBAKC/1jH+RyLi0xHxQkzFpeMPZwEAAIDHUPrFyfhPEpHmu9ynHAAAAHiMFNpjYJNCORsLMBmFQrncGcP7sbhWqNUbzc8u17c3ljpjZaejVFherVVnsrHC01FKWvnZdvog/2JPfi4inoyIH0xdbefLi/Xa0qh//AAAAIAL4nrP+f8/pzrn/wAAAMCYmT5+8dR51QMAAAA4Oyec/wMAAABjwPk/AAAAjLWvvf56a0q7z79eenNne63+5u2lamOtvL69WF6sb22WV+r1lfY9+9ZP2l6tXt/8fGxs3600q41mpbGze2e9vr3RvLMaE+fSIAAAAOCIJz95/w9JROx94Wp7ark86koB56K4n0qyeU7v/+MTnfl751Qp4FxcGuA1713JL3ecAI+3Ym9Bn74OjJ/SqCsAjFxywvKewTvX9lPvZPNPDb9OAADAcN38RP71/5OvC+wVzqF6wBnSieHi6vmeTz3rBy6O9vX/QQfyOFiAsVIaaAQgMM5Oef3/wDuDRkjTU1UIAAAYusn2lBTK2c97k1EolMsRN9qPBSgly6u16kxEPBERv58qXWnlZ9trJieeMwAAAAAAAAAAAAAAAAAAAAAAAAAAHWmaRAoAAACMtYjCX5LfdO7lf3Pq+cne3wcuJ/9uPxL4ckS89ZM3fnR3odncmm2Vv79f3vxxVv7iKH7BAAAAAHp1z9Pb83+NujYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJsPHry92J0GePnVYcX925ciYjovfjEm2vOJKEXEtX8kUTy0XhIRl4YQf+9eRHw8L37SqtZ+yLz4w3gTTogf09m7kBf/+hDiw0V2v7X/eS2v/xXi2fY8v/8VI/4v/7D67/9if/93qU//vzFgjKfe/WWlb/x7EU8V8/c/3fhJn/jPDRj/W9/Y3e23LP1pxM3u9097j3c4wkGq0lzfrDR2dm+vri+sVFeqG3Nzsy/PvzL/0vxMZXm1Vs3+5sb4/tO/+vC49l/L/f5Lstr0b//zOdvL+07677t3H3y0m9k7Gv/Wcznxf/uz7BVH4xeyOJ/J0kn2XrXTe53387BnfvG7Z45r/9JB+0un+f/f6rfRXkc6ytODfnQAgDPQ2NldW6jVqltjm2idpT8C1bjoiW++/wh+2L471A2maZq2+lTOovsRMch2khhySwv59TlI9P2njHrPBAAADNvBQf+oawIAAAAAAAAAAAAAAAAAAAAX13ncZa035sEtkJNh3EIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//A/7SsQ==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

116.912459ms ago: executing program 0 (id=4682):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0xf}, 0x18)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f00000006c0), 0x0, 0x2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mm_compaction_try_to_compact_pages\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
iopl(0x2)

95.746061ms ago: executing program 0 (id=4683):
syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=0x41424344], 0x0)

32.375047ms ago: executing program 0 (id=4684):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, 0x0, &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

0s ago: executing program 6 (id=4685):
syz_mount_image$iso9660(&(0x7f00000003c0), &(0x7f0000000000)='./file0\x00', 0x810000, &(0x7f0000000500)=ANY=[@ANYBLOB='map=off-uid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000000009,sbsector=0x0000000000000003,cruft,unhide,block=0x0000000000000200,\x00'], 0x5, 0x56c, &(0x7f0000001300)="$eJzs3V9v09YbwPHH/fNrFX5j04YQqgocyiYVqQQngaCIK885SQ2OHdkOaq9QRVNUkcJEmbT2atygTdpeBHfTbne/l7B3gvYSmGwnbdrmD4Wm6dj3U8E5sY/PeY4b+ZGb2BYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACCGXTb/EBHX8Rorqj+7HPi1Aes7/d04UAwYV8SI/8nsrFxKF126sL/6Yvzfgsynr+ZlNi5mZffcxS/ufTU10dl+QECnYntn9+laq9V8cZyNJkcXz2mras8JfadmVbVyQl+VikXz1nIlVBXH1eFqGOmasgNtRX6gFu0bKlcqFZTOrvoNr1q2XN1ZePdm3jSL6n62rq0g9L1b97Ohvey4ruNVkzbx6rjN3fiN+MCJVKStmlIbm61mQSl1blCQcaPcsJnEjfLDGuXNfD6Xy+dzxTulO3dNc+rIAvMQabd4Z6TvZHNq/G9ajNdJHr6BjzJhl00zZ4i44ognDVkR1fPHlrIE4kutz/q2Tv7/5pbeG+N/Pcbtzv+dLH9pf/WcJPn/SvrqSr/83yeW0/vZlh3ZlaeyJi1pSVNefEgvM+OexeCfC2vpb6HXuqpo8cSRUHxxpCZWskS1lygpSVGKYsojWZaKhKKkIo64oiWUVQklEp28o2wJRIslkfgSiJJFseWGKMlJSUpSECVasrIqvjTEk6qUxUp62ZDNZL8Xeka3J22UGzDJvZ7yAxq9V/6P36qmac4kxdFNyP//dSd5+AY+yrtO/u82PeAVAAAAAAD41zGSv74byWn+5aRWcVxtjjssAAAAAABwgpJP/ufjIvmY/7IYnP8DAAAAAPCpMZJr7AwRycjVtNa5Eoo/AgAAAAAA8IlIPv+/EheZuHZVDM7/AQAAAAD41Pw09B77YX3G+PNvCYJp41V95Wtjy4rbWVuT6XaTh3uMKnPG+XYnSVGcar+y9bzRvvvl3k0w37aLjX5x/D9ZahjGCQQgv8i1tM219bRc76xJZ5v5zXF11vbdezmxrPMTkV6Jvn+2+YMk0//Zq503ZGOz1cw+ft5aT2J5Fffyaqt9A0XjGLG8TO63kFxz0XPPTycXYqTjGj+m45rd859IN584xpivZSFts5BJy8zB+c/GY+ay/WafSaPIHZr5kVkPjeJ62ub64vW06BFFvm8U8XCbrWa+O4oP2hc9opg8FEVh2L4odKKY3h/+OFEAwLhsDMlCxtHE/wFHub7ZvTPKiWT317KYtlmcSw6sU3M98oo57IhufmRe/3368DOQ+uXYeNxfD2XVN/EGb/qOG7p5I96Fky+3vpOL2zu7Nze31p40nzSf5fOFonnbNO/kZTqZRrsg9wAAehj+jJ2hLYzbQ86qv9z7SkFWHstzacm6LCVXGyTfOOjutfp5u9dM19cQloacte63zcnSkHPLTNeDXt6/beEUfhMAAJyehd55+Fj5f2nIeffBXD747Lg7lwMAgNHQwdt77Wr9Ua5UylnRslaBbz9QgVOuauV4kQ7sZcuralUP/Mi3fTeuPHTKOlRho173g0hV/EDV/dBZSZ78rtqPfg91zfIixw7rrrZCrWzfiyw7UmUntFW98a3rhMs6iDfuPGPQtiLH91ToNwJbZ5UKte5q6JS1FzkVJ656qh44NStYVQ99t1HTqqxDO3DqkZ90uDeW41X8oGZFzmeSHeN+BgDgLNne2X261mo1X4ywMu45AgCAg8jSAAAAAAAAAAAAAAAAAAAAAACcfadx/d/4K3+lTxGQkQwxIyLjnuDoK7NnI4xjViZE5EQ6nDgT0+lRMUbV87iPTABG7Z8AAAD//91NRuI=")
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x4, 0x0, 0x4b, @ipv4={'\x00', '\xff\xff', @multicast2}, @local, 0x10, 0x7, 0x40000004, 0x4}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8}]}}]}, 0x38}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r3, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
syz_mount_image$iso9660(&(0x7f00000003c0), &(0x7f0000000000)='./file0\x00', 0x810000, &(0x7f0000000500)=ANY=[@ANYBLOB='map=off-uid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000000009,sbsector=0x0000000000000003,cruft,unhide,block=0x0000000000000200,\x00'], 0x5, 0x56c, &(0x7f0000001300)="$eJzs3V9v09YbwPHH/fNrFX5j04YQqgocyiYVqQQngaCIK885SQ2OHdkOaq9QRVNUkcJEmbT2atygTdpeBHfTbne/l7B3gvYSmGwnbdrmD4Wm6dj3U8E5sY/PeY4b+ZGb2BYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACCGXTb/EBHX8Rorqj+7HPi1Aes7/d04UAwYV8SI/8nsrFxKF126sL/6Yvzfgsynr+ZlNi5mZffcxS/ufTU10dl+QECnYntn9+laq9V8cZyNJkcXz2mras8JfadmVbVyQl+VikXz1nIlVBXH1eFqGOmasgNtRX6gFu0bKlcqFZTOrvoNr1q2XN1ZePdm3jSL6n62rq0g9L1b97Ohvey4ruNVkzbx6rjN3fiN+MCJVKStmlIbm61mQSl1blCQcaPcsJnEjfLDGuXNfD6Xy+dzxTulO3dNc+rIAvMQabd4Z6TvZHNq/G9ajNdJHr6BjzJhl00zZ4i44ognDVkR1fPHlrIE4kutz/q2Tv7/5pbeG+N/Pcbtzv+dLH9pf/WcJPn/SvrqSr/83yeW0/vZlh3ZlaeyJi1pSVNefEgvM+OexeCfC2vpb6HXuqpo8cSRUHxxpCZWskS1lygpSVGKYsojWZaKhKKkIo64oiWUVQklEp28o2wJRIslkfgSiJJFseWGKMlJSUpSECVasrIqvjTEk6qUxUp62ZDNZL8Xeka3J22UGzDJvZ7yAxq9V/6P36qmac4kxdFNyP//dSd5+AY+yrtO/u82PeAVAAAAAAD41zGSv74byWn+5aRWcVxtjjssAAAAAABwgpJP/ufjIvmY/7IYnP8DAAAAAPCpMZJr7AwRycjVtNa5Eoo/AgAAAAAA8IlIPv+/EheZuHZVDM7/AQAAAAD41Pw09B77YX3G+PNvCYJp41V95Wtjy4rbWVuT6XaTh3uMKnPG+XYnSVGcar+y9bzRvvvl3k0w37aLjX5x/D9ZahjGCQQgv8i1tM219bRc76xJZ5v5zXF11vbdezmxrPMTkV6Jvn+2+YMk0//Zq503ZGOz1cw+ft5aT2J5Fffyaqt9A0XjGLG8TO63kFxz0XPPTycXYqTjGj+m45rd859IN584xpivZSFts5BJy8zB+c/GY+ay/WafSaPIHZr5kVkPjeJ62ub64vW06BFFvm8U8XCbrWa+O4oP2hc9opg8FEVh2L4odKKY3h/+OFEAwLhsDMlCxtHE/wFHub7ZvTPKiWT317KYtlmcSw6sU3M98oo57IhufmRe/3368DOQ+uXYeNxfD2XVN/EGb/qOG7p5I96Fky+3vpOL2zu7Nze31p40nzSf5fOFonnbNO/kZTqZRrsg9wAAehj+jJ2hLYzbQ86qv9z7SkFWHstzacm6LCVXGyTfOOjutfp5u9dM19cQloacte63zcnSkHPLTNeDXt6/beEUfhMAAJyehd55+Fj5f2nIeffBXD747Lg7lwMAgNHQwdt77Wr9Ua5UylnRslaBbz9QgVOuauV4kQ7sZcuralUP/Mi3fTeuPHTKOlRho173g0hV/EDV/dBZSZ78rtqPfg91zfIixw7rrrZCrWzfiyw7UmUntFW98a3rhMs6iDfuPGPQtiLH91ToNwJbZ5UKte5q6JS1FzkVJ656qh44NStYVQ99t1HTqqxDO3DqkZ90uDeW41X8oGZFzmeSHeN+BgDgLNne2X261mo1X4ywMu45AgCAg8jSAAAAAAAAAAAAAAAAAAAAAACcfadx/d/4K3+lTxGQkQwxIyLjnuDoK7NnI4xjViZE5EQ6nDgT0+lRMUbV87iPTABG7Z8AAAD//91NRuI=") (async)
socket$inet6(0xa, 0x1, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x4, 0x0, 0x4b, @ipv4={'\x00', '\xff\xff', @multicast2}, @local, 0x10, 0x7, 0x40000004, 0x4}}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00'}) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8}]}}]}, 0x38}}, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r3, 0x2}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0}) (async)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) (async)

kernel console output (not intermixed with test programs):

11989] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.384149][T11989] bond0: entered allmulticast mode
[  257.594746][ T3574] Bluetooth: hci0: command 0x1003 tx timeout
[  257.600865][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  257.627102][T12005] netlink: 'syz.4.3042': attribute type 4 has an invalid length.
[  257.691241][T12011] FAULT_INJECTION: forcing a failure.
[  257.691241][T12011] name failslab, interval 1, probability 0, space 0, times 0
[  257.704104][T12011] CPU: 0 UID: 0 PID: 12011 Comm: syz.4.3045 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  257.704135][T12011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  257.704148][T12011] Call Trace:
[  257.704154][T12011]  <TASK>
[  257.704231][T12011]  __dump_stack+0x1d/0x30
[  257.704261][T12011]  dump_stack_lvl+0xe8/0x140
[  257.704356][T12011]  dump_stack+0x15/0x1b
[  257.704381][T12011]  should_fail_ex+0x265/0x280
[  257.704407][T12011]  ? __pfx_sock_alloc_inode+0x10/0x10
[  257.704459][T12011]  should_failslab+0x8c/0xb0
[  257.704561][T12011]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  257.704601][T12011]  ? sock_alloc_inode+0x34/0xa0
[  257.704631][T12011]  ? __pfx_sock_alloc_inode+0x10/0x10
[  257.704655][T12011]  sock_alloc_inode+0x34/0xa0
[  257.704712][T12011]  alloc_inode+0x40/0x170
[  257.704746][T12011]  __sock_create+0x122/0x5b0
[  257.704816][T12011]  ? path_openat+0x1bf8/0x2170
[  257.704840][T12011]  sock_create_kern+0x38/0x50
[  257.704869][T12011]  mptcp_subflow_create_socket+0x84/0x500
[  257.704984][T12011]  __mptcp_nmpc_sk+0xb5/0x3d0
[  257.705045][T12011]  mptcp_connect+0x58/0x890
[  257.705080][T12011]  __inet_stream_connect+0x169/0x7d0
[  257.705109][T12011]  ? _raw_spin_unlock_bh+0x36/0x40
[  257.705196][T12011]  ? release_sock+0x116/0x150
[  257.705235][T12011]  ? _raw_spin_unlock_bh+0x36/0x40
[  257.705339][T12011]  ? lock_sock_nested+0x112/0x140
[  257.705436][T12011]  ? selinux_netlbl_socket_connect+0x115/0x130
[  257.705485][T12011]  inet_stream_connect+0x44/0x70
[  257.705516][T12011]  ? __pfx_inet_stream_connect+0x10/0x10
[  257.705546][T12011]  __sys_connect+0x1f2/0x2b0
[  257.705647][T12011]  __x64_sys_connect+0x3f/0x50
[  257.705688][T12011]  x64_sys_call+0x2c0c/0x3000
[  257.705717][T12011]  do_syscall_64+0xd2/0x200
[  257.705741][T12011]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  257.705793][T12011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.705872][T12011] RIP: 0033:0x7fa7005af6c9
[  257.705891][T12011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.705971][T12011] RSP: 002b:00007fa6ff00f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  257.705992][T12011] RAX: ffffffffffffffda RBX: 00007fa700805fa0 RCX: 00007fa7005af6c9
[  257.706005][T12011] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000008
[  257.706026][T12011] RBP: 00007fa6ff00f090 R08: 0000000000000000 R09: 0000000000000000
[  257.706038][T12011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.706053][T12011] R13: 00007fa700806038 R14: 00007fa700805fa0 R15: 00007ffc3bbc0e28
[  257.706080][T12011]  </TASK>
[  257.706107][T12011] net_ratelimit: 10 callbacks suppressed
[  257.706174][T12011] socket: no more sockets
[  257.836130][T12018] serio: Serial port ttyS3
[  258.186953][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3053'.
[  258.196970][T12030] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3053'.
[  258.293368][T12038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3057'.
[  258.304175][T12038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3057'.
[  258.660266][T12057] x_tables: duplicate underflow at hook 1
[  258.947176][T12065] IPv6: NLM_F_CREATE should be specified when creating new route
[  258.948617][T12068] netlink: 'syz.6.3069': attribute type 4 has an invalid length.
[  259.004478][T12072] 9pnet: Could not find request transport: 0xffffffffffffffff
[  259.210051][T12089] macvlan1: entered promiscuous mode
[  259.217255][T12089] ipvlan0: entered promiscuous mode
[  259.224064][T12089] ipvlan0: left promiscuous mode
[  259.231435][T12089] macvlan1: left promiscuous mode
[  259.303813][T12096] netlink: 'syz.4.3081': attribute type 4 has an invalid length.
[  259.329953][T12099] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3082'.
[  259.379096][T12103] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3085'.
[  259.395932][T12105] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  259.673055][T12119] Driver unsupported XDP return value 0 on prog  (id 1990) dev N/A, expect packet loss!
[  260.231372][T12142] 9pnet_fd: Insufficient options for proto=fd
[  260.316060][T12143] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3097'.
[  260.596081][T12146] netlink: 'syz.6.3098': attribute type 4 has an invalid length.
[  260.714451][T12161] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3103'.
[  260.974880][T12181] FAULT_INJECTION: forcing a failure.
[  260.974880][T12181] name failslab, interval 1, probability 0, space 0, times 0
[  260.987674][T12181] CPU: 0 UID: 0 PID: 12181 Comm: syz.6.3109 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  260.987707][T12181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  260.987722][T12181] Call Trace:
[  260.987798][T12181]  <TASK>
[  260.987807][T12181]  __dump_stack+0x1d/0x30
[  260.987837][T12181]  dump_stack_lvl+0xe8/0x140
[  260.987866][T12181]  dump_stack+0x15/0x1b
[  260.987889][T12181]  should_fail_ex+0x265/0x280
[  260.987968][T12181]  should_failslab+0x8c/0xb0
[  260.988008][T12181]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  260.988072][T12181]  ? __d_alloc+0x3d/0x340
[  260.988140][T12181]  __d_alloc+0x3d/0x340
[  260.988181][T12181]  ? xa_load+0xb1/0xe0
[  260.988209][T12181]  d_alloc_parallel+0x58/0xc70
[  260.988237][T12181]  ? __rcu_read_unlock+0x4f/0x70
[  260.988327][T12181]  ? __d_lookup+0x316/0x340
[  260.988349][T12181]  ? default_pointer+0xf2/0x5e0
[  260.988393][T12181]  __lookup_slow+0x8c/0x250
[  260.988415][T12181]  lookup_noperm+0xc9/0x180
[  260.988505][T12181]  simple_start_creating+0x97/0x120
[  260.988540][T12181]  debugfs_start_creating+0xe9/0x160
[  260.988565][T12181]  __debugfs_create_file+0x6b/0x330
[  260.988599][T12181]  debugfs_create_file_full+0x3f/0x60
[  260.988673][T12181]  ? __pfx_vlan_setup+0x10/0x10
[  260.988740][T12181]  ref_tracker_dir_debugfs+0x100/0x1e0
[  260.988882][T12181]  alloc_netdev_mqs+0x1a7/0xa50
[  260.988911][T12181]  register_vlan_device+0x26c/0x3d0
[  260.988945][T12181]  vlan_ioctl_handler+0x1b8/0x4f0
[  260.989030][T12181]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  260.989090][T12181]  sock_ioctl+0x4a7/0x610
[  260.989122][T12181]  ? __pfx_sock_ioctl+0x10/0x10
[  260.989205][T12181]  __se_sys_ioctl+0xce/0x140
[  260.989227][T12181]  __x64_sys_ioctl+0x43/0x50
[  260.989294][T12181]  x64_sys_call+0x1816/0x3000
[  260.989390][T12181]  do_syscall_64+0xd2/0x200
[  260.989412][T12181]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  260.989497][T12181]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  260.989542][T12181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.989650][T12181] RIP: 0033:0x7f4d06f6f6c9
[  260.989670][T12181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.989748][T12181] RSP: 002b:00007f4d059cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  260.989828][T12181] RAX: ffffffffffffffda RBX: 00007f4d071c5fa0 RCX: 00007f4d06f6f6c9
[  260.989844][T12181] RDX: 00002000000018c0 RSI: 0000000000008982 RDI: 0000000000000003
[  260.989856][T12181] RBP: 00007f4d059cf090 R08: 0000000000000000 R09: 0000000000000000
[  260.989867][T12181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.989922][T12181] R13: 00007f4d071c6038 R14: 00007f4d071c5fa0 R15: 00007ffc6a4232d8
[  260.989949][T12181]  </TASK>
[  261.131641][ T3395] kernel write not supported for file bpf-prog (pid: 3395 comm: kworker/1:3)
[  261.254891][T12186] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  261.286218][T12186] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  261.294211][T12186] vhci_hcd vhci_hcd.0: Device attached
[  261.301638][T12193] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3113'.
[  261.538664][ T3407] usb 7-1: new low-speed USB device number 4 using vhci_hcd
[  261.705718][T12219] 9pnet_fd: Insufficient options for proto=fd
[  261.824848][T12194] vhci_hcd: connection reset by peer
[  261.848053][   T52] vhci_hcd: stop threads
[  261.852429][   T52] vhci_hcd: release socket
[  261.856881][   T52] vhci_hcd: disconnect device
[  262.246071][T12215] SET target dimension over the limit!
[  262.310378][   T29] kauditd_printk_skb: 371 callbacks suppressed
[  262.310399][   T29] audit: type=1326 audit(1762868551.156:31100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.341987][   T29] audit: type=1326 audit(1762868551.156:31101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.365573][   T29] audit: type=1326 audit(1762868551.156:31102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.390513][   T29] audit: type=1326 audit(1762868551.156:31103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.414323][   T29] audit: type=1326 audit(1762868551.156:31104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.439362][   T29] audit: type=1326 audit(1762868551.156:31105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.464411][   T29] audit: type=1326 audit(1762868551.156:31106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.488409][   T29] audit: type=1326 audit(1762868551.156:31107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.513668][   T29] audit: type=1326 audit(1762868551.167:31108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.537542][   T29] audit: type=1326 audit(1762868551.167:31109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12214 comm="syz.6.3122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  262.585036][T12230] devpts: Unknown parameter '0x0000000000000000'
[  262.672324][T12235] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3125'.
[  262.692652][T12238] IPv6: NLM_F_CREATE should be specified when creating new route
[  262.789150][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  263.117274][T12257] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3133'.
[  263.194001][T12261] netlink: 'syz.0.3135': attribute type 4 has an invalid length.
[  263.233742][T12267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3137'.
[  263.248790][T12267] veth1_macvtap: left promiscuous mode
[  263.254989][T12264] netlink: 'syz.2.3136': attribute type 4 has an invalid length.
[  263.289605][T12271] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3139'.
[  263.327418][T12274] FAULT_INJECTION: forcing a failure.
[  263.327418][T12274] name failslab, interval 1, probability 0, space 0, times 0
[  263.341654][T12274] CPU: 1 UID: 0 PID: 12274 Comm: syz.2.3140 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  263.341782][T12274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  263.341796][T12274] Call Trace:
[  263.341802][T12274]  <TASK>
[  263.341812][T12274]  __dump_stack+0x1d/0x30
[  263.341843][T12274]  dump_stack_lvl+0xe8/0x140
[  263.341871][T12274]  dump_stack+0x15/0x1b
[  263.341894][T12274]  should_fail_ex+0x265/0x280
[  263.341945][T12274]  should_failslab+0x8c/0xb0
[  263.342056][T12274]  kmem_cache_alloc_noprof+0x50/0x480
[  263.342099][T12274]  ? skb_clone+0x151/0x1f0
[  263.342127][T12274]  skb_clone+0x151/0x1f0
[  263.342151][T12274]  nfnetlink_rcv+0x2fc/0x16c0
[  263.342185][T12274]  ? obj_cgroup_charge_account+0xba/0x1a0
[  263.342215][T12274]  ? should_fail_ex+0x30/0x280
[  263.342239][T12274]  ? xas_load+0x413/0x430
[  263.342308][T12274]  ? xas_load+0x413/0x430
[  263.342326][T12274]  ? __rcu_read_unlock+0x4f/0x70
[  263.342352][T12274]  ? xa_load+0xb1/0xe0
[  263.342379][T12274]  ? __account_obj_stock+0x211/0x350
[  263.342419][T12274]  ? obj_cgroup_charge_account+0x122/0x1a0
[  263.342528][T12274]  ? should_fail_ex+0x30/0x280
[  263.342550][T12274]  ? __rcu_read_unlock+0x4f/0x70
[  263.342582][T12274]  ? should_fail_ex+0xdb/0x280
[  263.342614][T12274]  netlink_unicast+0x5c0/0x690
[  263.342680][T12274]  netlink_sendmsg+0x58b/0x6b0
[  263.342788][T12274]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.342814][T12274]  __sock_sendmsg+0x145/0x180
[  263.342841][T12274]  ____sys_sendmsg+0x31e/0x4e0
[  263.342881][T12274]  ___sys_sendmsg+0x17b/0x1d0
[  263.343045][T12274]  __x64_sys_sendmsg+0xd4/0x160
[  263.343071][T12274]  x64_sys_call+0x191e/0x3000
[  263.343101][T12274]  do_syscall_64+0xd2/0x200
[  263.343121][T12274]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  263.343163][T12274]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  263.343243][T12274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.343265][T12274] RIP: 0033:0x7f897e87f6c9
[  263.343281][T12274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.343299][T12274] RSP: 002b:00007f897d2df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.343318][T12274] RAX: ffffffffffffffda RBX: 00007f897ead5fa0 RCX: 00007f897e87f6c9
[  263.343335][T12274] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  263.343384][T12274] RBP: 00007f897d2df090 R08: 0000000000000000 R09: 0000000000000000
[  263.343399][T12274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.343415][T12274] R13: 00007f897ead6038 R14: 00007f897ead5fa0 R15: 00007ffeb2300308
[  263.343442][T12274]  </TASK>
[  263.794606][T12288] 9pnet_fd: Insufficient options for proto=fd
[  263.882261][T12304] netlink: 'syz.0.3149': attribute type 3 has an invalid length.
[  263.903646][T12304] vlan2: entered allmulticast mode
[  264.140102][T12308] FAULT_INJECTION: forcing a failure.
[  264.140102][T12308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.153251][T12308] CPU: 0 UID: 0 PID: 12308 Comm: syz.0.3151 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  264.153326][T12308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  264.153343][T12308] Call Trace:
[  264.153352][T12308]  <TASK>
[  264.153362][T12308]  __dump_stack+0x1d/0x30
[  264.153390][T12308]  dump_stack_lvl+0xe8/0x140
[  264.153417][T12308]  dump_stack+0x15/0x1b
[  264.153441][T12308]  should_fail_ex+0x265/0x280
[  264.153499][T12308]  should_fail+0xb/0x20
[  264.153520][T12308]  should_fail_usercopy+0x1a/0x20
[  264.153555][T12308]  strncpy_from_user+0x25/0x230
[  264.153597][T12308]  strncpy_from_user_nofault+0x68/0xf0
[  264.153667][T12308]  bpf_probe_read_compat_str+0xb4/0x130
[  264.153697][T12308]  bpf_prog_8d8929f39ab9475d+0x40/0x6c
[  264.153720][T12308]  bpf_trace_run2+0x107/0x1c0
[  264.153819][T12308]  ? fpu__clear_user_states+0x63/0x270
[  264.153863][T12308]  __bpf_trace_sys_enter+0x10/0x30
[  264.153895][T12308]  trace_sys_enter+0x86/0xf0
[  264.153932][T12308]  syscall_trace_enter+0x13e/0x1e0
[  264.153992][T12308]  do_syscall_64+0xac/0x200
[  264.154021][T12308]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  264.154053][T12308]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  264.154133][T12308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.154158][T12308] RIP: 0033:0x7fa7e4ecb779
[  264.154204][T12308] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  264.154283][T12308] RSP: 002b:00007fa7e3996a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  264.154309][T12308] RAX: ffffffffffffffda RBX: 00007fa7e5185fa0 RCX: 00007fa7e4ecb779
[  264.154327][T12308] RDX: 00007fa7e3996a80 RSI: 00007fa7e3996bb0 RDI: 0000000000000021
[  264.154344][T12308] RBP: 00007fa7e3997090 R08: 0000000000000000 R09: 0000000000000000
[  264.154360][T12308] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  264.154376][T12308] R13: 00007fa7e5186038 R14: 00007fa7e5185fa0 R15: 00007ffd25720668
[  264.154459][T12308]  </TASK>
[  264.569535][T12315] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  264.576165][T12315] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  264.585226][T12315] vhci_hcd vhci_hcd.0: Device attached
[  264.595307][T12315] netlink: 'syz.2.3152': attribute type 12 has an invalid length.
[  264.757938][ T3377] vhci_hcd: vhci_device speed not set
[  264.758473][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  264.763599][ T3574] Bluetooth: hci0: command 0x1003 tx timeout
[  264.810798][T12318] Cannot find add_set index 0 as target
[  264.815134][ T3377] usb 5-1: new full-speed USB device number 7 using vhci_hcd
[  264.828001][T12316] vhci_hcd: connection reset by peer
[  264.844774][   T52] vhci_hcd: stop threads
[  264.849079][   T52] vhci_hcd: release socket
[  264.853612][   T52] vhci_hcd: disconnect device
[  265.214405][T12334] IPv6: NLM_F_CREATE should be specified when creating new route
[  265.293335][T12345] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3162'.
[  265.501164][T12359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3169'.
[  265.512273][T12359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3169'.
[  265.552237][T12364] random: crng reseeded on system resumption
[  265.589183][T12366] futex_wake_op: syz.3.3171 tries to shift op by -1; fix this program
[  265.645101][T12372] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3173'.
[  266.200779][T12388] IPv6: NLM_F_CREATE should be specified when creating new route
[  266.276039][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3178'.
[  266.325769][T12397] IPVS: Error connecting to the multicast addr
[  266.358461][ T3407] usb 7-1: enqueue for inactive port 0
[  266.377297][ T3407] usb 7-1: enqueue for inactive port 0
[  266.408632][T12401] IPVS: Error connecting to the multicast addr
[  266.444284][ T3407] vhci_hcd: vhci_device speed not set
[  266.620817][T12413] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3185'.
[  266.788378][T12412] futex_wake_op: syz.4.3184 tries to shift op by -1; fix this program
[  267.674924][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  267.674943][   T29] audit: type=1326 audit(1762868556.773:31300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.706296][   T29] audit: type=1326 audit(1762868556.773:31301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.732219][   T29] audit: type=1326 audit(1762868556.783:31302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.756079][   T29] audit: type=1326 audit(1762868556.783:31303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.781142][   T29] audit: type=1326 audit(1762868556.783:31304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.804750][   T29] audit: type=1326 audit(1762868556.783:31305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.829816][   T29] audit: type=1326 audit(1762868556.794:31306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.855140][   T29] audit: type=1326 audit(1762868556.794:31307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.879090][   T29] audit: type=1326 audit(1762868556.804:31308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.904533][   T29] audit: type=1326 audit(1762868556.804:31309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.2.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897e87f6c9 code=0x7ffc0000
[  267.979470][T12438] batadv_slave_1: entered promiscuous mode
[  267.990684][T12438] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  268.014956][T12438] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  268.022459][T12438] batadv0: mtu less than device minimum
[  268.029984][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.040658][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.051403][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.062111][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.072823][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.083611][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.094541][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.105488][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.115221][T12441] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3195'.
[  268.116197][T12438] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.126082][T12441] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3195'.
[  268.157754][T12438] batadv_slave_1 (unregistering): left promiscuous mode
[  268.166626][T12438] batman_adv: batadv0: Removing interface: batadv_slave_1
[  268.229795][T12447] netlink: 'syz.2.3197': attribute type 10 has an invalid length.
[  268.278174][T12452] IPv6: NLM_F_CREATE should be specified when creating new route
[  268.384364][T12460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3202'.
[  268.396325][T12460] veth1_macvtap: left promiscuous mode
[  269.451164][ T3395] kernel write not supported for file bpf-prog (pid: 3395 comm: kworker/1:3)
[  269.461039][T12519] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  269.467681][T12519] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  269.476649][T12519] vhci_hcd vhci_hcd.0: Device attached
[  269.617219][T12527] futex_wake_op: syz.4.3221 tries to shift op by -1; fix this program
[  269.721172][T12535] IPv6: NLM_F_CREATE should be specified when creating new route
[  270.188365][T12521] vhci_hcd: connection reset by peer
[  270.196217][   T12] vhci_hcd: stop threads
[  270.200605][   T12] vhci_hcd: release socket
[  270.205056][   T12] vhci_hcd: disconnect device
[  270.747259][T12559] Cannot find add_set index 0 as target
[  271.261918][T12596] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3245'.
[  271.960083][T12618] FAULT_INJECTION: forcing a failure.
[  271.960083][T12618] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  271.973397][T12618] CPU: 0 UID: 0 PID: 12618 Comm: syz.2.3253 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  271.973451][T12618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  271.973467][T12618] Call Trace:
[  271.973475][T12618]  <TASK>
[  271.973489][T12618]  __dump_stack+0x1d/0x30
[  271.973557][T12618]  dump_stack_lvl+0xe8/0x140
[  271.973582][T12618]  dump_stack+0x15/0x1b
[  271.973601][T12618]  should_fail_ex+0x265/0x280
[  271.973626][T12618]  should_fail_alloc_page+0xf2/0x100
[  271.973667][T12618]  __alloc_frozen_pages_noprof+0xff/0x360
[  271.973746][T12618]  alloc_pages_mpol+0xb3/0x260
[  271.973775][T12618]  vma_alloc_folio_noprof+0x1aa/0x300
[  271.973801][T12618]  handle_mm_fault+0xec2/0x2be0
[  271.973828][T12618]  ? vma_start_read+0x141/0x1f0
[  271.973912][T12618]  do_user_addr_fault+0x630/0x1080
[  271.973944][T12618]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  271.973973][T12618]  exc_page_fault+0x62/0xa0
[  271.974005][T12618]  asm_exc_page_fault+0x26/0x30
[  271.974030][T12618] RIP: 0033:0x7f897e82cbab
[  271.974093][T12618] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  271.974115][T12618] RSP: 002b:00007f897d2dce10 EFLAGS: 00010246
[  271.974130][T12618] RAX: 00007f897d2def30 RBX: 00007f897eaa7640 RCX: 0000000000000000
[  271.974143][T12618] RDX: 00007f897d2def78 RSI: 00007f897e8dedf8 RDI: 00007f897d2dce30
[  271.974156][T12618] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  271.974171][T12618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.974259][T12618] R13: 00007f897ead6038 R14: 00007f897ead5fa0 R15: 00007ffeb2300308
[  271.974279][T12618]  </TASK>
[  271.974300][T12618] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  272.154991][T12622] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3256'.
[  272.232477][T12633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3258'.
[  272.245282][T12633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3258'.
[  272.333790][T12642] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3262'.
[  272.693821][   T29] kauditd_printk_skb: 494 callbacks suppressed
[  272.693842][   T29] audit: type=1326 audit(1762868562.137:31804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.725079][   T29] audit: type=1326 audit(1762868562.137:31805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.748817][   T29] audit: type=1326 audit(1762868562.137:31806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.772470][   T29] audit: type=1326 audit(1762868562.137:31807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.796352][   T29] audit: type=1326 audit(1762868562.137:31808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.820286][   T29] audit: type=1326 audit(1762868562.137:31809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.844167][   T29] audit: type=1326 audit(1762868562.137:31810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.868060][   T29] audit: type=1326 audit(1762868562.169:31811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.891776][   T29] audit: type=1326 audit(1762868562.169:31812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.922059][   T29] audit: type=1326 audit(1762868562.169:31813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12646 comm="syz.4.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  272.970829][T12651] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3266'.
[  273.042493][T12662] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3270'.
[  273.117079][T12667] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3272'.
[  273.149730][T12677] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3273'.
[  273.200543][T12667] veth1_macvtap: left promiscuous mode
[  273.305506][T12691] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3280'.
[  273.338429][T12693] netlink: 'syz.6.3281': attribute type 10 has an invalid length.
[  273.339135][T12696] netlink: 'syz.4.3282': attribute type 10 has an invalid length.
[  273.350452][T12693] team0: Port device dummy0 added
[  273.364839][T12696] team0: Port device dummy0 added
[  273.370300][T12697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3283'.
[  273.381165][T12693] netlink: 'syz.6.3281': attribute type 10 has an invalid length.
[  273.389316][T12693] ipvlan0: entered allmulticast mode
[  273.394730][T12693] veth0_vlan: entered allmulticast mode
[  273.402342][T12693] team0: Device ipvlan0 failed to register rx_handler
[  273.416396][T12697] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3283'.
[  273.418824][T12693] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  273.458684][T12696] FAULT_INJECTION: forcing a failure.
[  273.458684][T12696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.471976][T12696] CPU: 0 UID: 0 PID: 12696 Comm: syz.4.3282 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  273.472024][T12696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  273.472040][T12696] Call Trace:
[  273.472050][T12696]  <TASK>
[  273.472060][T12696]  __dump_stack+0x1d/0x30
[  273.472089][T12696]  dump_stack_lvl+0xe8/0x140
[  273.472116][T12696]  dump_stack+0x15/0x1b
[  273.472141][T12696]  should_fail_ex+0x265/0x280
[  273.472217][T12696]  should_fail+0xb/0x20
[  273.472238][T12696]  should_fail_usercopy+0x1a/0x20
[  273.472266][T12696]  _copy_to_user+0x20/0xa0
[  273.472322][T12696]  simple_read_from_buffer+0xb5/0x130
[  273.472363][T12696]  proc_fail_nth_read+0x10e/0x150
[  273.472607][T12696]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  273.472647][T12696]  vfs_read+0x1a8/0x770
[  273.472678][T12696]  ? __rcu_read_unlock+0x4f/0x70
[  273.472712][T12696]  ? __fget_files+0x184/0x1c0
[  273.472788][T12696]  ksys_read+0xda/0x1a0
[  273.472897][T12696]  __x64_sys_read+0x40/0x50
[  273.472929][T12696]  x64_sys_call+0x27c0/0x3000
[  273.472958][T12696]  do_syscall_64+0xd2/0x200
[  273.472986][T12696]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  273.473022][T12696]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  273.473105][T12696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.473132][T12696] RIP: 0033:0x7fa7005ae0dc
[  273.473152][T12696] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  273.473177][T12696] RSP: 002b:00007fa6ff00f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  273.473334][T12696] RAX: ffffffffffffffda RBX: 00007fa700805fa0 RCX: 00007fa7005ae0dc
[  273.473368][T12696] RDX: 000000000000000f RSI: 00007fa6ff00f0a0 RDI: 000000000000000d
[  273.473384][T12696] RBP: 00007fa6ff00f090 R08: 0000000000000000 R09: 0000000000000000
[  273.473399][T12696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.473414][T12696] R13: 00007fa700806038 R14: 00007fa700805fa0 R15: 00007ffc3bbc0e28
[  273.473440][T12696]  </TASK>
[  274.196492][T12731] siw: device registration error -23
[  274.852072][T12754] chnl_net:caif_netlink_parms(): no params data found
[  274.894293][T12754] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.901608][T12754] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.910914][T12754] bridge_slave_0: entered allmulticast mode
[  274.919870][T12754] bridge_slave_0: entered promiscuous mode
[  274.928809][T12754] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.935965][T12754] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.958280][T12754] bridge_slave_1: entered allmulticast mode
[  274.971262][T12754] bridge_slave_1: entered promiscuous mode
[  275.052110][ T3377] usb 5-1: enqueue for inactive port 0
[  275.061153][T12754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.080266][T12754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.113801][T12754] team0: Port device team_slave_0 added
[  275.121799][ T3377] vhci_hcd: vhci_device speed not set
[  275.129029][T12754] team0: Port device team_slave_1 added
[  275.157368][T12754] batman_adv: batadv0: Adding interface: batadv_slave_0
[  275.164489][T12754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  275.190606][T12754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  275.206416][T12754] batman_adv: batadv0: Adding interface: batadv_slave_1
[  275.213495][T12754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  275.241024][T12754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  275.291103][T12754] hsr_slave_0: entered promiscuous mode
[  275.299168][T12754] hsr_slave_1: entered promiscuous mode
[  275.307085][T12754] debugfs: 'hsr0' already exists in 'hsr'
[  275.312895][T12754] Cannot create hsr debugfs directory
[  275.614813][T12754] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  275.626112][T12754] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  275.641729][T12754] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  275.651624][T12754] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  275.710042][T12754] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.727598][T12754] 8021q: adding VLAN 0 to HW filter on device team0
[  275.745945][  T266] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.753067][  T266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.771980][  T266] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.779180][  T266] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.873369][T12754] 8021q: adding VLAN 0 to HW filter on device batadv0
[  275.986744][T12830] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3322'.
[  276.002790][T12754] veth0_vlan: entered promiscuous mode
[  276.019866][T12754] veth1_vlan: entered promiscuous mode
[  276.045430][T12754] veth0_macvtap: entered promiscuous mode
[  276.054122][T12754] veth1_macvtap: entered promiscuous mode
[  276.108611][T12754] batman_adv: batadv0: Interface activated: batadv_slave_0
[  276.131118][T12754] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.148180][  T266] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.158111][  T266] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.192432][  T266] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.208519][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.373215][T12857] 9pnet_fd: Insufficient options for proto=fd
[  276.433176][T12861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3332'.
[  276.465256][T12861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3332'.
[  276.547254][T12823] SET target dimension over the limit!
[  276.616679][T12877] FAULT_INJECTION: forcing a failure.
[  276.616679][T12877] name failslab, interval 1, probability 0, space 0, times 0
[  276.629422][T12877] CPU: 0 UID: 0 PID: 12877 Comm: syz.4.3337 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  276.629459][T12877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  276.629476][T12877] Call Trace:
[  276.629486][T12877]  <TASK>
[  276.629497][T12877]  __dump_stack+0x1d/0x30
[  276.629531][T12877]  dump_stack_lvl+0xe8/0x140
[  276.629569][T12877]  dump_stack+0x15/0x1b
[  276.629594][T12877]  should_fail_ex+0x265/0x280
[  276.629622][T12877]  should_failslab+0x8c/0xb0
[  276.629695][T12877]  kmem_cache_alloc_noprof+0x50/0x480
[  276.629737][T12877]  ? getname_flags+0x80/0x3b0
[  276.629773][T12877]  getname_flags+0x80/0x3b0
[  276.629888][T12877]  __se_sys_newstat+0x4b/0x280
[  276.629947][T12877]  ? fput+0x8f/0xc0
[  276.629968][T12877]  ? ksys_write+0x192/0x1a0
[  276.630014][T12877]  __x64_sys_newstat+0x31/0x40
[  276.630134][T12877]  x64_sys_call+0x73e/0x3000
[  276.630162][T12877]  do_syscall_64+0xd2/0x200
[  276.630184][T12877]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  276.630233][T12877]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  276.630280][T12877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.630309][T12877] RIP: 0033:0x7fa7005af6c9
[  276.630330][T12877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.630351][T12877] RSP: 002b:00007fa6ff00f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  276.630379][T12877] RAX: ffffffffffffffda RBX: 00007fa700805fa0 RCX: 00007fa7005af6c9
[  276.630394][T12877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380
[  276.630411][T12877] RBP: 00007fa6ff00f090 R08: 0000000000000000 R09: 0000000000000000
[  276.630428][T12877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.630443][T12877] R13: 00007fa700806038 R14: 00007fa700805fa0 R15: 00007ffc3bbc0e28
[  276.630467][T12877]  </TASK>
[  277.228109][T12874] Cannot find add_set index 0 as target
[  277.391370][T12904] FAULT_INJECTION: forcing a failure.
[  277.391370][T12904] name failslab, interval 1, probability 0, space 0, times 0
[  277.405557][T12904] CPU: 1 UID: 0 PID: 12904 Comm: syz.3.3347 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  277.405588][T12904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  277.405601][T12904] Call Trace:
[  277.405665][T12904]  <TASK>
[  277.405675][T12904]  __dump_stack+0x1d/0x30
[  277.405706][T12904]  dump_stack_lvl+0xe8/0x140
[  277.405800][T12904]  dump_stack+0x15/0x1b
[  277.405824][T12904]  should_fail_ex+0x265/0x280
[  277.405855][T12904]  should_failslab+0x8c/0xb0
[  277.405895][T12904]  kmem_cache_alloc_noprof+0x50/0x480
[  277.405978][T12904]  ? prepare_creds+0x37/0x4c0
[  277.406009][T12904]  prepare_creds+0x37/0x4c0
[  277.406041][T12904]  selinux_lsm_setattr+0x1a4/0x660
[  277.406151][T12904]  selinux_setprocattr+0x4f/0x70
[  277.406173][T12904]  security_setprocattr+0x1a7/0x1d0
[  277.406237][T12904]  proc_pid_attr_write+0x1eb/0x220
[  277.406269][T12904]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  277.406363][T12904]  vfs_write+0x269/0x960
[  277.406463][T12904]  ? __rcu_read_unlock+0x4f/0x70
[  277.406572][T12904]  ? __fget_files+0x184/0x1c0
[  277.406605][T12904]  ksys_write+0xda/0x1a0
[  277.406682][T12904]  __x64_sys_write+0x40/0x50
[  277.406718][T12904]  x64_sys_call+0x2802/0x3000
[  277.406747][T12904]  do_syscall_64+0xd2/0x200
[  277.406848][T12904]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  277.406930][T12904]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  277.407101][T12904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.407154][T12904] RIP: 0033:0x7f3f59aaf6c9
[  277.407175][T12904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.407199][T12904] RSP: 002b:00007f3f5850f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  277.407334][T12904] RAX: ffffffffffffffda RBX: 00007f3f59d05fa0 RCX: 00007f3f59aaf6c9
[  277.407351][T12904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  277.407377][T12904] RBP: 00007f3f5850f090 R08: 0000000000000000 R09: 0000000000000000
[  277.407394][T12904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.407411][T12904] R13: 00007f3f59d06038 R14: 00007f3f59d05fa0 R15: 00007ffc1cdb60c8
[  277.407442][T12904]  </TASK>
[  277.767854][   T29] kauditd_printk_skb: 504 callbacks suppressed
[  277.767873][   T29] audit: type=1400 audit(1762868567.449:32318): avc:  denied  { ioctl } for  pid=12912 comm="syz.2.3351" path="socket:[42715]" dev="sockfs" ino=42715 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  277.779582][T12913] __nla_validate_parse: 3 callbacks suppressed
[  277.779607][T12913] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3351'.
[  277.868143][T12913] team0: Port device team_slave_1 removed
[  277.968229][   T29] audit: type=1326 audit(1762868567.638:32319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  277.993393][   T29] audit: type=1326 audit(1762868567.638:32320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.017213][   T29] audit: type=1326 audit(1762868567.638:32321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.025029][T12920] Cannot find add_set index 0 as target
[  278.042400][   T29] audit: type=1326 audit(1762868567.638:32322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.071506][   T29] audit: type=1326 audit(1762868567.638:32323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.096771][   T29] audit: type=1326 audit(1762868567.638:32324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.120404][   T29] audit: type=1326 audit(1762868567.649:32325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.145529][   T29] audit: type=1326 audit(1762868567.649:32326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.169139][   T29] audit: type=1326 audit(1762868567.649:32327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12921 comm="syz.6.3354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  278.437260][T12940] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3360'.
[  278.455459][T12909] Cannot find add_set index 0 as target
[  278.595351][T12944] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3362'.
[  278.615233][T12944] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3362'.
[  278.715844][T12957] IPv6: NLM_F_CREATE should be specified when creating new route
[  278.895040][T12967] atomic_op ffff8881132c9128 conn xmit_atomic 0000000000000000
[  279.136237][T12968] Cannot find add_set index 0 as target
[  279.394875][T12987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3378'.
[  279.405102][T12987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3378'.
[  279.622195][T12994] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3381'.
[  280.188175][T13012] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3386'.
[  280.281604][T13017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3389'.
[  280.302255][T13017] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3389'.
[  280.657786][T13027] 9pnet_fd: Insufficient options for proto=fd
[  281.658359][T13072] netlink: 'syz.2.3407': attribute type 4 has an invalid length.
[  281.922010][T13089] 9pnet_fd: Insufficient options for proto=fd
[  282.690063][T13119] IPv6: NLM_F_CREATE should be specified when creating new route
[  282.738070][T13121] netlink: 'syz.2.3425': attribute type 4 has an invalid length.
[  282.771634][   T29] kauditd_printk_skb: 213 callbacks suppressed
[  282.771715][   T29] audit: type=1326 audit(1762868572.709:32541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  282.796034][T13129] __nla_validate_parse: 3 callbacks suppressed
[  282.796056][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3427'.
[  282.808481][   T29] audit: type=1326 audit(1762868572.740:32542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  282.820521][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3427'.
[  282.845124][   T29] audit: type=1326 audit(1762868572.782:32543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  282.875539][   T29] audit: type=1326 audit(1762868572.803:32544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  282.900534][   T29] audit: type=1326 audit(1762868572.803:32545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7e4f2df10 code=0x7ffc0000
[  282.925870][   T29] audit: type=1326 audit(1762868572.814:32546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  282.949658][   T29] audit: type=1326 audit(1762868572.814:32547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  282.976542][   T29] audit: type=1326 audit(1762868572.824:32548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  283.001443][   T29] audit: type=1326 audit(1762868572.845:32549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  283.025117][   T29] audit: type=1326 audit(1762868572.845:32550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13123 comm="syz.0.3426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  283.242424][T13140] 9pnet_fd: Insufficient options for proto=fd
[  283.299341][T13141] 9pnet_fd: Insufficient options for proto=fd
[  283.565724][T13144] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3432'.
[  283.757035][T13150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.784993][T13150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.848038][T13152] tipc: Started in network mode
[  283.852977][T13152] tipc: Node identity ee819b2d0a07, cluster identity 4711
[  283.860287][T13152] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  283.869294][T13151] tipc: Resetting bearer <eth:syzkaller0>
[  283.897894][T13151] tipc: Disabling bearer <eth:syzkaller0>
[  284.042461][T13163] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3438'.
[  284.176832][T13177] netlink: 'syz.4.3437': attribute type 10 has an invalid length.
[  284.188658][T13177] team0: Port device dummy0 removed
[  284.197277][T13177] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  284.291449][T13179] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3444'.
[  284.739915][T13190] syz!: rxe_newlink: already configured on team_slave_0
[  284.820379][T13199] 9pnet_fd: Insufficient options for proto=fd
[  285.920198][T13233] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3462'.
[  286.031360][T13245] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3466'.
[  286.711803][T13264] 8021q: adding VLAN 0 to HW filter on device .`
[  286.737070][T13264] net_ratelimit: 10 callbacks suppressed
[  286.737118][T13264] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  286.808196][T13264] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3473'.
[  286.818672][T13264] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3473'.
[  286.878107][T13273] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3476'.
[  287.057101][T13290] netlink: 'syz.4.3481': attribute type 4 has an invalid length.
[  287.118333][T13301] bond1: (slave macvlan0): Enslaving as an active interface with an up link
[  287.475164][T13332] 0ªX¹¦À: renamed from caif0
[  287.481701][T13332] 0ªX¹¦À: entered allmulticast mode
[  287.481719][T13332] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  287.513873][T13328] futex_wake_op: syz.3.3497 tries to shift op by -1; fix this program
[  287.578639][T13340] __nla_validate_parse: 5 callbacks suppressed
[  287.578656][T13340] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3503'.
[  287.657232][T13349] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3507'.
[  287.671020][T13345] netlink: 'syz.4.3505': attribute type 4 has an invalid length.
[  287.833561][T13367] FAULT_INJECTION: forcing a failure.
[  287.833561][T13367] name failslab, interval 1, probability 0, space 0, times 0
[  287.846330][T13367] CPU: 1 UID: 0 PID: 13367 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  287.846433][T13367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  287.846449][T13367] Call Trace:
[  287.846458][T13367]  <TASK>
[  287.846469][T13367]  __dump_stack+0x1d/0x30
[  287.846499][T13367]  dump_stack_lvl+0xe8/0x140
[  287.846523][T13367]  dump_stack+0x15/0x1b
[  287.846541][T13367]  should_fail_ex+0x265/0x280
[  287.846635][T13367]  ? netdevice_event+0x2ae/0x610
[  287.846661][T13367]  should_failslab+0x8c/0xb0
[  287.846778][T13367]  __kmalloc_cache_noprof+0x4c/0x4a0
[  287.846889][T13367]  ? __pfx_netdevice_event+0x10/0x10
[  287.846915][T13367]  netdevice_event+0x2ae/0x610
[  287.847013][T13367]  ? __pfx_add_netdev_ips+0x10/0x10
[  287.847037][T13367]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[  287.847099][T13367]  ? __pfx_del_netdev_upper_ips+0x10/0x10
[  287.847176][T13367]  ? __pfx_upper_device_filter+0x10/0x10
[  287.847202][T13367]  ? __pfx_netdevice_event+0x10/0x10
[  287.847228][T13367]  raw_notifier_call_chain+0x6f/0x1b0
[  287.847267][T13367]  ? call_netdevice_notifiers_info+0x9c/0x100
[  287.847304][T13367]  call_netdevice_notifiers_info+0xae/0x100
[  287.847400][T13367]  __netdev_upper_dev_unlink+0x17f/0x760
[  287.847442][T13367]  ? cred_has_capability+0x210/0x280
[  287.847517][T13367]  netdev_upper_dev_unlink+0x1d/0x30
[  287.847544][T13367]  unregister_vlan_dev+0x1f4/0x2b0
[  287.847576][T13367]  vlan_ioctl_handler+0x226/0x4f0
[  287.847611][T13367]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  287.847678][T13367]  sock_ioctl+0x4a7/0x610
[  287.847710][T13367]  ? __pfx_sock_ioctl+0x10/0x10
[  287.847739][T13367]  __se_sys_ioctl+0xce/0x140
[  287.847768][T13367]  __x64_sys_ioctl+0x43/0x50
[  287.847795][T13367]  x64_sys_call+0x1816/0x3000
[  287.847868][T13367]  do_syscall_64+0xd2/0x200
[  287.847889][T13367]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  287.847930][T13367]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  287.847971][T13367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.848004][T13367] RIP: 0033:0x7f4d06f6f6c9
[  287.848024][T13367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.848089][T13367] RSP: 002b:00007f4d059cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.848108][T13367] RAX: ffffffffffffffda RBX: 00007f4d071c5fa0 RCX: 00007f4d06f6f6c9
[  287.848130][T13367] RDX: 0000200000000000 RSI: 0000000000008983 RDI: 0000000000000007
[  287.848147][T13367] RBP: 00007f4d059cf090 R08: 0000000000000000 R09: 0000000000000000
[  287.848163][T13367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.848179][T13367] R13: 00007f4d071c6038 R14: 00007f4d071c5fa0 R15: 00007ffc6a4232d8
[  287.848233][T13367]  </TASK>
[  288.164064][   T29] kauditd_printk_skb: 334 callbacks suppressed
[  288.164126][   T29] audit: type=1326 audit(1762868578.378:32885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13370 comm="syz.2.3514" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb11255f6c9 code=0x0
[  288.169908][T13371] xt_TPROXY: Can be used only with -p tcp or -p udp
[  288.757530][T13387] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3518'.
[  288.797004][T13391] netlink: 'syz.6.3519': attribute type 4 has an invalid length.
[  288.890127][   T29] audit: type=1326 audit(1762868579.134:32886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  288.913840][   T29] audit: type=1326 audit(1762868579.134:32887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  288.937717][   T29] audit: type=1326 audit(1762868579.134:32888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  288.961458][   T29] audit: type=1326 audit(1762868579.134:32889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4d06f6df10 code=0x7ffc0000
[  288.985227][   T29] audit: type=1326 audit(1762868579.165:32890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  289.008865][   T29] audit: type=1326 audit(1762868579.165:32891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  289.032569][   T29] audit: type=1326 audit(1762868579.186:32892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  289.032652][   T29] audit: type=1326 audit(1762868579.186:32893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  289.043828][   T29] audit: type=1326 audit(1762868579.186:32894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13397 comm="syz.6.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4d06f6f6c9 code=0x7ffc0000
[  289.152443][T13410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3526'.
[  289.167005][T13410] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3526'.
[  289.338149][T13427] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3532'.
[  289.396681][T13430] netlink: 'syz.2.3533': attribute type 4 has an invalid length.
[  289.737027][T13447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  289.748357][T13447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3539'.
[  289.964623][T13459] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3543'.
[  289.965679][ T3395] kernel write not supported for file bpf-prog (pid: 3395 comm: kworker/1:3)
[  289.986438][T13460] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  289.992986][T13460] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  290.000569][T13460] vhci_hcd vhci_hcd.0: Device attached
[  290.240375][ T3395] usb 1-1: new low-speed USB device number 4 using vhci_hcd
[  290.544665][T13485] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3554'.
[  290.755034][T13461] vhci_hcd: connection reset by peer
[  290.772838][   T52] vhci_hcd: stop threads
[  290.777152][   T52] vhci_hcd: release socket
[  290.781612][   T52] vhci_hcd: disconnect device
[  290.915981][T13498] Cannot find add_set index 0 as target
[  291.120254][T13518] netlink: 'syz.6.3567': attribute type 1 has an invalid length.
[  291.168630][T13518] 8021q: adding VLAN 0 to HW filter on device bond1
[  291.247583][T13518] bond1: (slave gretap2): making interface the new active one
[  291.271296][T13518] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  291.616431][T13552] FAULT_INJECTION: forcing a failure.
[  291.616431][T13552] name failslab, interval 1, probability 0, space 0, times 0
[  291.629228][T13552] CPU: 1 UID: 0 PID: 13552 Comm: syz.0.3577 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  291.629262][T13552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  291.629312][T13552] Call Trace:
[  291.629321][T13552]  <TASK>
[  291.629330][T13552]  __dump_stack+0x1d/0x30
[  291.629360][T13552]  dump_stack_lvl+0xe8/0x140
[  291.629413][T13552]  dump_stack+0x15/0x1b
[  291.629436][T13552]  should_fail_ex+0x265/0x280
[  291.629457][T13552]  should_failslab+0x8c/0xb0
[  291.629495][T13552]  __kmalloc_noprof+0xa5/0x570
[  291.629619][T13552]  ? kobject_get_path+0x92/0x1c0
[  291.629656][T13552]  kobject_get_path+0x92/0x1c0
[  291.629693][T13552]  kobject_uevent_env+0x1da/0x570
[  291.629736][T13552]  kobject_uevent+0x1d/0x30
[  291.629786][T13552]  device_del+0x710/0x790
[  291.629813][T13552]  ? __try_to_del_timer_sync+0x152/0x170
[  291.629870][T13552]  ? __pfx_ep_eventpoll_release+0x10/0x10
[  291.629937][T13552]  device_unregister+0x15/0x40
[  291.629986][T13552]  wakeup_source_sysfs_remove+0x25/0x30
[  291.630017][T13552]  wakeup_source_unregister+0xf0/0x330
[  291.630075][T13552]  ? __pfx_ep_eventpoll_release+0x10/0x10
[  291.630101][T13552]  ep_clear_and_put+0x2d5/0x320
[  291.630140][T13552]  ? __pfx_ep_eventpoll_release+0x10/0x10
[  291.630230][T13552]  ep_eventpoll_release+0x2c/0x40
[  291.630248][T13552]  __fput+0x29b/0x650
[  291.630273][T13552]  ____fput+0x1c/0x30
[  291.630296][T13552]  task_work_run+0x131/0x1a0
[  291.630362][T13552]  exit_to_user_mode_loop+0xed/0x110
[  291.630398][T13552]  do_syscall_64+0x1d6/0x200
[  291.630426][T13552]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  291.630540][T13552]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  291.630584][T13552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.630613][T13552] RIP: 0033:0x7fa7e4f2f6c9
[  291.630632][T13552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.630655][T13552] RSP: 002b:00007fa7e3976038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  291.630806][T13552] RAX: 0000000000000000 RBX: 00007fa7e5186090 RCX: 00007fa7e4f2f6c9
[  291.630824][T13552] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003
[  291.630838][T13552] RBP: 00007fa7e3976090 R08: 0000000000000000 R09: 0000000000000000
[  291.630855][T13552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.630872][T13552] R13: 00007fa7e5186128 R14: 00007fa7e5186090 R15: 00007ffd25720668
[  291.630897][T13552]  </TASK>
[  292.547821][T13583] futex_wake_op: syz.3.3591 tries to shift op by -1; fix this program
[  293.067573][T13600] __nla_validate_parse: 6 callbacks suppressed
[  293.067595][T13600] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3598'.
[  293.068572][T13600] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3598'.
[  293.348694][   T29] kauditd_printk_skb: 318 callbacks suppressed
[  293.348711][   T29] audit: type=1326 audit(1762868583.816:33213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.422618][   T29] audit: type=1326 audit(1762868583.847:33214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.447759][   T29] audit: type=1326 audit(1762868583.847:33215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.472868][   T29] audit: type=1326 audit(1762868583.847:33216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7e4f2df10 code=0x7ffc0000
[  293.497097][   T29] audit: type=1326 audit(1762868583.847:33217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.522165][   T29] audit: type=1326 audit(1762868583.847:33218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.547316][   T29] audit: type=1326 audit(1762868583.847:33219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.571115][   T29] audit: type=1326 audit(1762868583.858:33220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.594495][T13639] FAULT_INJECTION: forcing a failure.
[  293.594495][T13639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.596583][   T29] audit: type=1326 audit(1762868583.858:33221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.607970][T13639] CPU: 0 UID: 0 PID: 13639 Comm: syz.3.3610 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  293.608049][T13639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  293.608066][T13639] Call Trace:
[  293.608074][T13639]  <TASK>
[  293.608085][T13639]  __dump_stack+0x1d/0x30
[  293.608113][T13639]  dump_stack_lvl+0xe8/0x140
[  293.608143][T13639]  dump_stack+0x15/0x1b
[  293.608168][T13639]  should_fail_ex+0x265/0x280
[  293.608267][T13639]  should_fail+0xb/0x20
[  293.608284][T13639]  should_fail_usercopy+0x1a/0x20
[  293.608307][T13639]  _copy_from_user+0x1c/0xb0
[  293.608334][T13639]  kstrtouint_from_user+0x69/0xf0
[  293.608359][T13639]  ? 0xffffffff81000000
[  293.608413][T13639]  ? selinux_file_permission+0x1e4/0x320
[  293.608518][T13639]  proc_fail_nth_write+0x50/0x160
[  293.608613][T13639]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  293.608659][T13639]  vfs_write+0x269/0x960
[  293.608713][T13639]  ? vfs_read+0x4e6/0x770
[  293.608747][T13639]  ? __rcu_read_unlock+0x4f/0x70
[  293.608785][T13639]  ? __fget_files+0x184/0x1c0
[  293.608839][T13639]  ksys_write+0xda/0x1a0
[  293.608878][T13639]  __x64_sys_write+0x40/0x50
[  293.608979][T13639]  x64_sys_call+0x2802/0x3000
[  293.609051][T13639]  do_syscall_64+0xd2/0x200
[  293.609082][T13639]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  293.609123][T13639]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  293.609173][T13639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.609215][T13639] RIP: 0033:0x7f3f59aae17f
[  293.609237][T13639] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  293.609261][T13639] RSP: 002b:00007f3f584cd030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  293.609289][T13639] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3f59aae17f
[  293.609308][T13639] RDX: 0000000000000001 RSI: 00007f3f584cd0a0 RDI: 0000000000000007
[  293.609325][T13639] RBP: 00007f3f584cd090 R08: 0000000000000000 R09: 0000000000000000
[  293.609359][T13639] R10: 0000000040000001 R11: 0000000000000293 R12: 0000000000000001
[  293.609377][T13639] R13: 00007f3f59d06218 R14: 00007f3f59d06180 R15: 00007ffc1cdb60c8
[  293.609405][T13639]  </TASK>
[  293.857337][   T29] audit: type=1326 audit(1762868583.858:33222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13615 comm="syz.0.3604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  293.920423][T13642] futex_wake_op: syz.3.3612 tries to shift op by -1; fix this program
[  294.421909][T13668] netlink: 'syz.6.3619': attribute type 4 has an invalid length.
[  294.588919][T13681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3622'.
[  295.011298][ T3395] usb 1-1: enqueue for inactive port 0
[  295.016888][ T3395] usb 1-1: enqueue for inactive port 0
[  295.087700][ T3395] vhci_hcd: vhci_device speed not set
[  295.490662][T13709] futex_wake_op: syz.6.3631 tries to shift op by -1; fix this program
[  295.491607][T13710] futex_wake_op: syz.3.3633 tries to shift op by -1; fix this program
[  295.832738][T13723] netlink: 'syz.2.3638': attribute type 4 has an invalid length.
[  295.865690][T13726] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3639'.
[  295.876908][T13726] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3639'.
[  296.656780][T13772] ip6t_REJECT: ECHOREPLY is not supported
[  296.869116][T13783] futex_wake_op: syz.6.3658 tries to shift op by -1; fix this program
[  297.077885][T13791] netlink: 'syz.0.3664': attribute type 4 has an invalid length.
[  297.112441][T13798] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3667'.
[  297.143152][T13800] FAULT_INJECTION: forcing a failure.
[  297.143152][T13800] name failslab, interval 1, probability 0, space 0, times 0
[  297.143188][T13800] CPU: 0 UID: 0 PID: 13800 Comm: syz.3.3668 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  297.143247][T13800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  297.143264][T13800] Call Trace:
[  297.143271][T13800]  <TASK>
[  297.143279][T13800]  __dump_stack+0x1d/0x30
[  297.143308][T13800]  dump_stack_lvl+0xe8/0x140
[  297.143504][T13800]  dump_stack+0x15/0x1b
[  297.143521][T13800]  should_fail_ex+0x265/0x280
[  297.143547][T13800]  should_failslab+0x8c/0xb0
[  297.143666][T13800]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  297.143700][T13800]  ? __alloc_skb+0x101/0x320
[  297.143733][T13800]  __alloc_skb+0x101/0x320
[  297.143770][T13800]  ? audit_log_start+0x342/0x720
[  297.143862][T13800]  audit_log_start+0x3a0/0x720
[  297.143898][T13800]  ? kstrtouint+0x76/0xc0
[  297.143941][T13800]  audit_seccomp+0x48/0x100
[  297.144016][T13800]  ? __seccomp_filter+0x82d/0x1250
[  297.144060][T13800]  __seccomp_filter+0x83e/0x1250
[  297.144113][T13800]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  297.144160][T13800]  ? vfs_write+0x7e8/0x960
[  297.144195][T13800]  ? __rcu_read_unlock+0x4f/0x70
[  297.144258][T13800]  ? __fget_files+0x184/0x1c0
[  297.144303][T13800]  __secure_computing+0x82/0x150
[  297.144343][T13800]  syscall_trace_enter+0xcf/0x1e0
[  297.144386][T13800]  do_syscall_64+0xac/0x200
[  297.144487][T13800]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  297.144528][T13800]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  297.144612][T13800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.144645][T13800] RIP: 0033:0x7f3f59aaf6c9
[  297.144683][T13800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.144710][T13800] RSP: 002b:00007f3f5850f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  297.144736][T13800] RAX: ffffffffffffffda RBX: 00007f3f59d05fa0 RCX: 00007f3f59aaf6c9
[  297.144755][T13800] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.144837][T13800] RBP: 00007f3f5850f090 R08: 0000000000000000 R09: 0000000000000000
[  297.144854][T13800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.144933][T13800] R13: 00007f3f59d06038 R14: 00007f3f59d05fa0 R15: 00007ffc1cdb60c8
[  297.144961][T13800]  </TASK>
[  297.227111][T13805] FAULT_INJECTION: forcing a failure.
[  297.227111][T13805] name failslab, interval 1, probability 0, space 0, times 0
[  297.227151][T13805] CPU: 1 UID: 0 PID: 13805 Comm: syz.0.3669 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  297.227177][T13805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  297.227212][T13805] Call Trace:
[  297.227219][T13805]  <TASK>
[  297.227228][T13805]  __dump_stack+0x1d/0x30
[  297.227258][T13805]  dump_stack_lvl+0xe8/0x140
[  297.227286][T13805]  dump_stack+0x15/0x1b
[  297.227381][T13805]  should_fail_ex+0x265/0x280
[  297.227404][T13805]  should_failslab+0x8c/0xb0
[  297.227444][T13805]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  297.227487][T13805]  ? __alloc_skb+0x101/0x320
[  297.227560][T13805]  __alloc_skb+0x101/0x320
[  297.227602][T13805]  netlink_alloc_large_skb+0xbf/0xf0
[  297.227741][T13805]  netlink_sendmsg+0x3cf/0x6b0
[  297.227770][T13805]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.227863][T13805]  __sock_sendmsg+0x145/0x180
[  297.227896][T13805]  ____sys_sendmsg+0x31e/0x4e0
[  297.227946][T13805]  ___sys_sendmsg+0x17b/0x1d0
[  297.227991][T13805]  __x64_sys_sendmsg+0xd4/0x160
[  297.228062][T13805]  x64_sys_call+0x191e/0x3000
[  297.228123][T13805]  do_syscall_64+0xd2/0x200
[  297.228208][T13805]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  297.228248][T13805]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  297.228294][T13805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.228348][T13805] RIP: 0033:0x7fa7e4f2f6c9
[  297.228367][T13805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.228393][T13805] RSP: 002b:00007fa7e3997038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  297.228498][T13805] RAX: ffffffffffffffda RBX: 00007fa7e5185fa0 RCX: 00007fa7e4f2f6c9
[  297.228516][T13805] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  297.228539][T13805] RBP: 00007fa7e3997090 R08: 0000000000000000 R09: 0000000000000000
[  297.228555][T13805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.228572][T13805] R13: 00007fa7e5186038 R14: 00007fa7e5185fa0 R15: 00007ffd25720668
[  297.228599][T13805]  </TASK>
[  297.248763][T13809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3671'.
[  297.248783][T13809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3671'.
[  297.253912][T13809] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3671'.
[  297.468388][T13824] netlink: 'syz.4.3678': attribute type 4 has an invalid length.
[  297.601599][T13828] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3677'.
[  297.787069][T13832] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.825842][T13832] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.841656][T13841] __nla_validate_parse: 2 callbacks suppressed
[  297.841730][T13841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3684'.
[  297.856883][T13841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3684'.
[  297.894914][T13849] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3684'.
[  297.911347][T13832] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.953855][T13851] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3687'.
[  297.962885][T13851] netlink: 348 bytes leftover after parsing attributes in process `syz.0.3687'.
[  297.972121][T13851] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3687'.
[  297.982628][T13851] netlink: 348 bytes leftover after parsing attributes in process `syz.0.3687'.
[  297.995304][T13851] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3687'.
[  298.010586][T13832] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.033411][T13851] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3687'.
[  298.042395][T13851] netlink: 348 bytes leftover after parsing attributes in process `syz.0.3687'.
[  298.123591][  T266] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.127608][   T29] kauditd_printk_skb: 453 callbacks suppressed
[  298.127630][   T29] audit: type=1326 audit(1762868588.834:33674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.165751][  T266] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.174716][   T29] audit: type=1326 audit(1762868588.834:33675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.199950][   T29] audit: type=1326 audit(1762868588.834:33676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.215623][  T266] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.225175][   T29] audit: type=1326 audit(1762868588.865:33677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.257063][   T29] audit: type=1326 audit(1762868588.865:33678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.267331][  T266] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.282823][   T29] audit: type=1326 audit(1762868588.865:33679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.314334][   T29] audit: type=1326 audit(1762868588.865:33680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.339492][   T29] audit: type=1326 audit(1762868588.886:33681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.363121][   T29] audit: type=1326 audit(1762868588.886:33682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13850 comm="syz.0.3687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  298.491049][   T29] audit: type=1326 audit(1762868589.212:33683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13882 comm="syz.3.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  298.530700][T13881] FAULT_INJECTION: forcing a failure.
[  298.530700][T13881] name failslab, interval 1, probability 0, space 0, times 0
[  298.543485][T13881] CPU: 1 UID: 0 PID: 13881 Comm: syz.0.3697 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  298.543523][T13881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  298.543540][T13881] Call Trace:
[  298.543547][T13881]  <TASK>
[  298.543555][T13881]  __dump_stack+0x1d/0x30
[  298.543655][T13881]  dump_stack_lvl+0xe8/0x140
[  298.543684][T13881]  dump_stack+0x15/0x1b
[  298.543708][T13881]  should_fail_ex+0x265/0x280
[  298.543735][T13881]  should_failslab+0x8c/0xb0
[  298.543770][T13881]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  298.543876][T13881]  ? __alloc_skb+0x101/0x320
[  298.543918][T13881]  __alloc_skb+0x101/0x320
[  298.544023][T13881]  ? audit_log_start+0x342/0x720
[  298.544056][T13881]  audit_log_start+0x3a0/0x720
[  298.544081][T13881]  ? kstrtouint+0x76/0xc0
[  298.544166][T13881]  audit_seccomp+0x48/0x100
[  298.544209][T13881]  ? __seccomp_filter+0x82d/0x1250
[  298.544245][T13881]  __seccomp_filter+0x83e/0x1250
[  298.544279][T13881]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  298.544364][T13881]  ? vfs_write+0x7e8/0x960
[  298.544398][T13881]  __secure_computing+0x82/0x150
[  298.544442][T13881]  syscall_trace_enter+0xcf/0x1e0
[  298.544475][T13881]  do_syscall_64+0xac/0x200
[  298.544503][T13881]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  298.544531][T13881]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  298.544573][T13881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.544602][T13881] RIP: 0033:0x7fa7e4f2f6c9
[  298.544622][T13881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.544658][T13881] RSP: 002b:00007fa7e3997038 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb
[  298.544683][T13881] RAX: ffffffffffffffda RBX: 00007fa7e5185fa0 RCX: 00007fa7e4f2f6c9
[  298.544700][T13881] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380
[  298.544714][T13881] RBP: 00007fa7e3997090 R08: 0000000000000000 R09: 0000000000000000
[  298.544729][T13881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.544745][T13881] R13: 00007fa7e5186038 R14: 00007fa7e5185fa0 R15: 00007ffd25720668
[  298.544821][T13881]  </TASK>
[  298.860890][T13898] 9pnet_fd: Insufficient options for proto=fd
[  299.291456][T13914] netlink: 'syz.6.3711': attribute type 7 has an invalid length.
[  299.299291][T13914] netlink: 'syz.6.3711': attribute type 8 has an invalid length.
[  299.452127][T13921] netlink: 'syz.3.3714': attribute type 4 has an invalid length.
[  299.957397][T13966] 9pnet_fd: Insufficient options for proto=fd
[  300.808799][T14013] netlink: 'syz.3.3747': attribute type 1 has an invalid length.
[  301.152062][T14026] veth1_macvtap: left promiscuous mode
[  301.372941][T14044] netlink: 'syz.6.3756': attribute type 4 has an invalid length.
[  301.559516][T14058] netlink: 'syz.4.3761': attribute type 1 has an invalid length.
[  301.995885][T14089] netlink: 'syz.4.3770': attribute type 4 has an invalid length.
[  302.360350][T14115] netlink: 'syz.0.3781': attribute type 1 has an invalid length.
[  302.384430][T14114] netlink: 'syz.3.3782': attribute type 4 has an invalid length.
[  302.854492][T14145] __nla_validate_parse: 24 callbacks suppressed
[  302.854511][T14145] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3790'.
[  303.225085][T14157] netlink: 'syz.3.3795': attribute type 4 has an invalid length.
[  303.303944][   T29] kauditd_printk_skb: 407 callbacks suppressed
[  303.303991][   T29] audit: type=1326 audit(1762868594.261:34089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.343088][   T29] audit: type=1326 audit(1762868594.272:34090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.368245][   T29] audit: type=1326 audit(1762868594.272:34091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.392152][   T29] audit: type=1326 audit(1762868594.272:34092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.416023][   T29] audit: type=1326 audit(1762868594.272:34093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.441181][   T29] audit: type=1326 audit(1762868594.272:34094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.466550][   T29] audit: type=1326 audit(1762868594.272:34095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.491612][   T29] audit: type=1326 audit(1762868594.272:34096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14166 comm="syz.4.3799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.492554][T14177] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3801'.
[  303.767959][   T29] audit: type=1326 audit(1762868594.755:34097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.4.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  303.770319][T14176] Cannot find add_set index 0 as target
[  303.822265][   T29] audit: type=1326 audit(1762868594.755:34098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14173 comm="syz.4.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7005af6c9 code=0x7ffc0000
[  304.084061][T14188] netlink: 'syz.6.3807': attribute type 1 has an invalid length.
[  304.091929][T14188] netlink: 224 bytes leftover after parsing attributes in process `syz.6.3807'.
[  304.142562][T14194] netlink: 'syz.6.3809': attribute type 4 has an invalid length.
[  304.385711][T14220] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3819'.
[  304.394927][T14220] 0ªX¹¦À: renamed from caif0
[  304.401924][T14220] 0ªX¹¦À: entered allmulticast mode
[  304.407233][T14220] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  304.654531][T14213] Cannot find add_set index 0 as target
[  304.981988][T14259] netlink: 'syz.4.3832': attribute type 1 has an invalid length.
[  304.989961][T14259] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3832'.
[  305.040637][T14263] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3833'.
[  305.124101][T14274] netlink: 'syz.0.3837': attribute type 4 has an invalid length.
[  305.361508][T14295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3847'.
[  305.616697][T14318] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3857'.
[  305.772724][T14325] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3860'.
[  305.865803][T14336] 9pnet_fd: Insufficient options for proto=fd
[  306.633526][T14351] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3867'.
[  306.702988][T14345] futex_wake_op: syz.4.3864 tries to shift op by -1; fix this program
[  306.856560][T14344] Cannot find add_set index 0 as target
[  307.744074][T14401] futex_wake_op: syz.2.3884 tries to shift op by -1; fix this program
[  308.047790][T14403] Cannot find add_set index 0 as target
[  308.137441][   T29] kauditd_printk_skb: 285 callbacks suppressed
[  308.137462][   T29] audit: type=1326 audit(1762868599.332:34384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.139776][   T29] audit: type=1326 audit(1762868599.342:34385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.193868][   T29] audit: type=1326 audit(1762868599.395:34386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.193923][   T29] audit: type=1326 audit(1762868599.395:34387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.193973][   T29] audit: type=1326 audit(1762868599.395:34388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.231763][   T29] audit: type=1326 audit(1762868599.437:34389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.231839][   T29] audit: type=1326 audit(1762868599.437:34390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.231880][   T29] audit: type=1326 audit(1762868599.437:34391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.245146][   T29] audit: type=1326 audit(1762868599.447:34392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.245188][   T29] audit: type=1326 audit(1762868599.447:34393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14402 comm="syz.3.3886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3f59aaf6c9 code=0x7ffc0000
[  308.333790][T14439] __nla_validate_parse: 2 callbacks suppressed
[  308.333806][T14439] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3894'.
[  309.105223][T14470] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3907'.
[  309.347975][T14505] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3921'.
[  309.621727][T14535] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3930'.
[  309.725898][T14539] netlink: 'syz.2.3933': attribute type 4 has an invalid length.
[  309.774529][T14521] chnl_net:caif_netlink_parms(): no params data found
[  309.851780][T14521] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.858940][T14521] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.867674][T14521] bridge_slave_0: entered allmulticast mode
[  309.874449][T14521] bridge_slave_0: entered promiscuous mode
[  309.881975][T14521] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.889092][T14521] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.896423][T14521] bridge_slave_1: entered allmulticast mode
[  309.903284][T14521] bridge_slave_1: entered promiscuous mode
[  309.924088][T14521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.934884][T14521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.967157][T14521] team0: Port device team_slave_0 added
[  309.974033][T14521] team0: Port device team_slave_1 added
[  309.994984][T14521] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.002422][T14521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  310.030302][T14521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.041674][T14521] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.048678][T14521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  310.048718][T14521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.099713][T14521] hsr_slave_0: entered promiscuous mode
[  310.106569][T14521] hsr_slave_1: entered promiscuous mode
[  310.114107][T14521] debugfs: 'hsr0' already exists in 'hsr'
[  310.119869][T14521] Cannot create hsr debugfs directory
[  310.410639][T14521] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  310.420880][T14521] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  310.438168][T14521] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  310.454424][T14521] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  310.533446][T14521] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.540580][T14521] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.548092][T14521] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.555573][T14521] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.666633][T14521] 8021q: adding VLAN 0 to HW filter on device bond0
[  310.697043][ T1088] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.708743][ T1088] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.726548][T14521] 8021q: adding VLAN 0 to HW filter on device team0
[  310.740803][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.747983][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state
[  310.763089][T12221] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.770286][T12221] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.926260][T14521] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.056352][T14521] veth0_vlan: entered promiscuous mode
[  311.069132][T14521] veth1_vlan: entered promiscuous mode
[  311.089837][T14521] veth0_macvtap: entered promiscuous mode
[  311.099772][T14521] veth1_macvtap: entered promiscuous mode
[  311.113778][T14521] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.127329][T14521] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.140402][   T52] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.150670][   T52] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.159937][   T52] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.168801][   T52] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.418789][T14665] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3966'.
[  311.587180][T14687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3974'.
[  311.599047][ T3402] kernel write not supported for file bpf-prog (pid: 3402 comm: kworker/1:4)
[  311.609489][T14687] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  311.616051][T14687] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  311.625073][T14687] vhci_hcd vhci_hcd.0: Device attached
[  311.690339][T14686] futex_wake_op: syz.0.3971 tries to shift op by -1; fix this program
[  311.698953][T14692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3976'.
[  311.863807][ T3402] usb 7-1: new low-speed USB device number 5 using vhci_hcd
[  312.327156][T14689] vhci_hcd: connection reset by peer
[  312.327436][ T1088] vhci_hcd: stop threads
[  312.327448][ T1088] vhci_hcd: release socket
[  312.327463][ T1088] vhci_hcd: disconnect device
[  312.657155][T14740] futex_wake_op: syz.2.3992 tries to shift op by -1; fix this program
[  313.181517][T14742] Cannot find add_set index 0 as target
[  313.343646][T14755] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3999'.
[  313.372146][T14755] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3999'.
[  313.435261][T14763] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4003'.
[  313.491428][   T29] kauditd_printk_skb: 378 callbacks suppressed
[  313.491448][   T29] audit: type=1326 audit(1762868604.948:34772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.521528][   T29] audit: type=1326 audit(1762868604.948:34773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.545281][   T29] audit: type=1326 audit(1762868604.948:34774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.568905][   T29] audit: type=1326 audit(1762868604.948:34775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.592699][   T29] audit: type=1326 audit(1762868604.948:34776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.618160][T14771] IPv6: NLM_F_CREATE should be specified when creating new route
[  313.636975][   T29] audit: type=1326 audit(1762868605.095:34777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.660675][   T29] audit: type=1326 audit(1762868605.095:34778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.684594][   T29] audit: type=1326 audit(1762868605.106:34779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.708507][   T29] audit: type=1326 audit(1762868605.106:34780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.732257][   T29] audit: type=1326 audit(1762868605.106:34781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14766 comm="syz.2.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  313.868273][T14788] netlink: 'syz.2.4010': attribute type 1 has an invalid length.
[  313.876285][T14788] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4010'.
[  314.113657][T14799] futex_wake_op: syz.6.4011 tries to shift op by -1; fix this program
[  314.210386][T14803] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4014'.
[  314.214717][T14801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4015'.
[  314.235242][T14801] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4015'.
[  314.364350][T14811] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4018'.
[  314.418755][T14786] Cannot find add_set index 0 as target
[  314.565673][T14820] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4020'.
[  314.932895][T14852] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4030'.
[  314.950301][T14852] veth1_macvtap: left promiscuous mode
[  315.289458][T14891] netlink: 'syz.0.4048': attribute type 1 has an invalid length.
[  315.411162][T14910] netlink: 'syz.3.4054': attribute type 1 has an invalid length.
[  316.060970][T14956] Cannot find add_set index 0 as target
[  316.321359][T14998] netlink: 'syz.3.4087': attribute type 1 has an invalid length.
[  316.509970][T15012] futex_wake_op: syz.3.4089 tries to shift op by -1; fix this program
[  316.654683][ T3402] usb 7-1: enqueue for inactive port 0
[  316.654708][ T3402] usb 7-1: enqueue for inactive port 0
[  316.729750][ T3402] vhci_hcd: vhci_device speed not set
[  317.639016][T15102] futex_wake_op: syz.2.4124 tries to shift op by -1; fix this program
[  317.852903][T15101] SET target dimension over the limit!
[  318.127827][T15121] __nla_validate_parse: 31 callbacks suppressed
[  318.127844][T15121] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4133'.
[  318.379293][T15137] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4140'.
[  318.414762][T15133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4138'.
[  318.425784][T15133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4138'.
[  318.454873][   T29] kauditd_printk_skb: 495 callbacks suppressed
[  318.455005][   T29] audit: type=1326 audit(1762868610.176:35277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.494295][   T29] audit: type=1326 audit(1762868610.176:35278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.519423][   T29] audit: type=1326 audit(1762868610.176:35279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.543177][   T29] audit: type=1326 audit(1762868610.176:35280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.568522][   T29] audit: type=1326 audit(1762868610.176:35281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7e4f2df10 code=0x7ffc0000
[  318.593628][   T29] audit: type=1326 audit(1762868610.208:35282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.618803][   T29] audit: type=1326 audit(1762868610.208:35283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.642384][   T29] audit: type=1326 audit(1762868610.208:35284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.668010][   T29] audit: type=1326 audit(1762868610.208:35285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.691636][   T29] audit: type=1326 audit(1762868610.208:35286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15139 comm="syz.0.4141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  318.733432][T15152] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4145'.
[  318.977421][T15173] futex_wake_op: syz.0.4149 tries to shift op by -1; fix this program
[  319.835734][T15216] netlink: 'syz.6.4169': attribute type 4 has an invalid length.
[  320.591304][T15256] netlink: 'syz.0.4180': attribute type 1 has an invalid length.
[  320.599113][T15256] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4180'.
[  321.166260][T15304] netlink: 'syz.2.4197': attribute type 1 has an invalid length.
[  321.174110][T15304] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4197'.
[  321.481321][T15322] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4201'.
[  322.321500][T15368] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4220'.
[  322.335239][T15368] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4220'.
[  322.348696][T15345] SET target dimension over the limit!
[  322.688530][T15415] SELinux:  Context system_u:object_r:removable_device_t:s0 is not valid (left unmapped).
[  322.975859][T15452] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4254'.
[  322.994215][T15452] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4254'.
[  323.076738][T15462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4258'.
[  323.089154][T15462] IPVS: dh: FWM 3 0x00000003 - no destination available
[  323.104898][ T1037] IPVS: starting estimator thread 0...
[  323.228193][T15465] IPVS: using max 2208 ests per chain, 110400 per kthread
[  323.439268][   T29] kauditd_printk_skb: 682 callbacks suppressed
[  323.439286][   T29] audit: type=1326 audit(1762868615.404:35969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.470241][   T29] audit: type=1326 audit(1762868615.404:35970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.494809][   T29] audit: type=1326 audit(1762868615.404:35971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.519756][   T29] audit: type=1326 audit(1762868615.404:35972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.542979][   T29] audit: type=1326 audit(1762868615.404:35973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.568289][   T29] audit: type=1326 audit(1762868615.404:35974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.592896][   T29] audit: type=1326 audit(1762868615.404:35975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.616388][   T29] audit: type=1326 audit(1762868615.404:35976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.640991][   T29] audit: type=1326 audit(1762868615.404:35977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.664179][   T29] audit: type=1326 audit(1762868615.404:35978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15487 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa7e4f2f6c9 code=0x7ffc0000
[  323.880794][T15514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4279'.
[  324.070378][T15526] netlink: 'syz.4.4282': attribute type 1 has an invalid length.
[  324.078197][T15526] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4282'.
[  324.243431][T15534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4285'.
[  324.467527][T15556] futex_wake_op: syz.0.4286 tries to shift op by -1; fix this program
[  324.491406][T15575] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4299'.
[  324.573755][T15584] FAULT_INJECTION: forcing a failure.
[  324.573755][T15584] name failslab, interval 1, probability 0, space 0, times 0
[  324.587813][T15584] CPU: 1 UID: 0 PID: 15584 Comm: syz.6.4302 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  324.587847][T15584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  324.587865][T15584] Call Trace:
[  324.587886][T15584]  <TASK>
[  324.587896][T15584]  __dump_stack+0x1d/0x30
[  324.587930][T15584]  dump_stack_lvl+0xe8/0x140
[  324.587981][T15584]  dump_stack+0x15/0x1b
[  324.588005][T15584]  should_fail_ex+0x265/0x280
[  324.588032][T15584]  should_failslab+0x8c/0xb0
[  324.588098][T15584]  __kmalloc_noprof+0xa5/0x570
[  324.588131][T15584]  ? copy_splice_read+0xc2/0x660
[  324.588155][T15584]  copy_splice_read+0xc2/0x660
[  324.588185][T15584]  ? __pfx_shmem_file_splice_read+0x10/0x10
[  324.588288][T15584]  splice_direct_to_actor+0x290/0x680
[  324.588371][T15584]  ? __pfx_direct_splice_actor+0x10/0x10
[  324.588405][T15584]  do_splice_direct+0xda/0x150
[  324.588456][T15584]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  324.588495][T15584]  do_sendfile+0x380/0x650
[  324.588585][T15584]  __x64_sys_sendfile64+0x105/0x150
[  324.588624][T15584]  x64_sys_call+0x2bb4/0x3000
[  324.588655][T15584]  do_syscall_64+0xd2/0x200
[  324.588749][T15584]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  324.588787][T15584]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  324.588865][T15584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.588886][T15584] RIP: 0033:0x7f73a3daf6c9
[  324.588904][T15584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.588981][T15584] RSP: 002b:00007f73a280f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  324.589076][T15584] RAX: ffffffffffffffda RBX: 00007f73a4005fa0 RCX: 00007f73a3daf6c9
[  324.589147][T15584] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008
[  324.589165][T15584] RBP: 00007f73a280f090 R08: 0000000000000000 R09: 0000000000000000
[  324.589183][T15584] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000001
[  324.589202][T15584] R13: 00007f73a4006038 R14: 00007f73a4005fa0 R15: 00007ffe24c15c78
[  324.589229][T15584]  </TASK>
[  324.679365][ T3407] kernel write not supported for file bpf-prog (pid: 3407 comm: kworker/0:3)
[  324.693532][T15586] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  324.693557][T15586] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  324.693588][T15586] vhci_hcd vhci_hcd.0: Device attached
[  324.922811][ T3407] usb 5-1: new low-speed USB device number 8 using vhci_hcd
[  324.984156][T15587] SET target dimension over the limit!
[  325.109522][T15608] netlink: 'syz.4.4311': attribute type 4 has an invalid length.
[  325.187004][T15625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4318'.
[  325.200378][T15625] IPVS: dh: FWM 3 0x00000003 - no destination available
[  325.215092][ T3408] IPVS: starting estimator thread 0...
[  325.304250][T15626] IPVS: using max 2256 ests per chain, 112800 per kthread
[  325.363060][T15588] vhci_hcd: connection reset by peer
[  325.369633][ T1088] vhci_hcd: stop threads
[  325.373926][ T1088] vhci_hcd: release socket
[  325.378394][ T1088] vhci_hcd: disconnect device
[  325.490430][T15655] netlink: 'syz.4.4328': attribute type 4 has an invalid length.
[  325.606121][T15646] SET target dimension over the limit!
[  325.671403][T15664] netlink: 'syz.3.4331': attribute type 1 has an invalid length.
[  325.680772][T15664] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4331'.
[  325.692715][T15666] netlink: 'syz.0.4332': attribute type 1 has an invalid length.
[  325.700613][T15666] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4332'.
[  326.009390][T15705] netlink: 'syz.2.4344': attribute type 1 has an invalid length.
[  326.102208][T15724] netlink: 'syz.3.4349': attribute type 4 has an invalid length.
[  326.495277][T15754] futex_wake_op: syz.6.4356 tries to shift op by -1; fix this program
[  326.920276][T15760] Cannot find add_set index 0 as target
[  327.314944][T15815] netlink: 'syz.3.4385': attribute type 4 has an invalid length.
[  327.627553][T15839] futex_wake_op: syz.2.4389 tries to shift op by -1; fix this program
[  328.211910][T15905] __nla_validate_parse: 6 callbacks suppressed
[  328.211930][T15905] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4415'.
[  328.353999][   T29] kauditd_printk_skb: 716 callbacks suppressed
[  328.354012][   T29] audit: type=1326 audit(1762868620.559:36695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.387887][T15928] netlink: 'syz.2.4423': attribute type 4 has an invalid length.
[  328.399019][   T29] audit: type=1326 audit(1762868620.601:36696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.422816][   T29] audit: type=1326 audit(1762868620.601:36697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.446648][   T29] audit: type=1326 audit(1762868620.601:36698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.470373][   T29] audit: type=1326 audit(1762868620.601:36699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.494009][   T29] audit: type=1326 audit(1762868620.601:36700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.517775][   T29] audit: type=1326 audit(1762868620.601:36701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.541402][   T29] audit: type=1326 audit(1762868620.601:36702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.565214][   T29] audit: type=1326 audit(1762868620.601:36703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.588885][   T29] audit: type=1326 audit(1762868620.601:36704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15929 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a3daf6c9 code=0x7ffc0000
[  328.615107][T15937] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4426'.
[  328.738257][T15932] SET target dimension over the limit!
[  328.791160][T15953] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4430'.
[  328.929122][T15971] netlink: 'syz.0.4437': attribute type 12 has an invalid length.
[  328.940835][T15967] netlink: 'syz.6.4438': attribute type 1 has an invalid length.
[  328.943229][T15968] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4435'.
[  328.948685][T15967] netlink: 224 bytes leftover after parsing attributes in process `syz.6.4438'.
[  328.973428][T15968] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4435'.
[  329.003771][T15979] sd 0:0:1:0: device reset
[  329.204824][T15995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4447'.
[  329.355356][T15990] SET target dimension over the limit!
[  329.387627][T16003] netlink: 'syz.3.4449': attribute type 4 has an invalid length.
[  329.461892][T16007] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4450'.
[  329.483113][T16013] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4453'.
[  329.492193][T16013] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4453'.
[  329.760993][ T3407] usb 5-1: enqueue for inactive port 0
[  329.766927][ T3407] usb 5-1: enqueue for inactive port 0
[  329.777683][T16046] ip6gretap0: entered promiscuous mode
[  329.799392][T16046] macsec0: entered promiscuous mode
[  329.814149][T16046] ip6gretap0: left promiscuous mode
[  329.856065][ T3407] vhci_hcd: vhci_device speed not set
[  330.083378][T16046] 9p: Unknown access argument 00000000000000000000	: -22
[  330.245675][T16048] SET target dimension over the limit!
[  330.608322][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  330.617486][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  330.627075][   T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  330.635964][   T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  331.062078][T16113] SET target dimension over the limit!
[  331.483851][ T3395] kernel write not supported for file bpf-prog (pid: 3395 comm: kworker/1:3)
[  331.495229][T16163] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(8)
[  331.501787][T16163] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  331.509375][T16163] vhci_hcd vhci_hcd.0: Device attached
[  331.743854][ T3407] usb 13-1: new low-speed USB device number 3 using vhci_hcd
[  331.988741][T16192] IPv6: NLM_F_CREATE should be specified when creating new route
[  332.003606][T16192] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  332.010980][T16192] IPv6: NLM_F_CREATE should be set when creating new route
[  332.221055][T16164] vhci_hcd: connection reset by peer
[  332.233443][ T1088] vhci_hcd: stop threads
[  332.237791][ T1088] vhci_hcd: release socket
[  332.242236][ T1088] vhci_hcd: disconnect device
[  332.644638][T16232] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  332.654131][T16232] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  333.081807][T16275] __nla_validate_parse: 29 callbacks suppressed
[  333.081823][T16275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4551'.
[  333.100479][T16275] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4551'.
[  333.138629][T16280] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4553'.
[  333.159334][T16277] validate_nla: 4 callbacks suppressed
[  333.159349][T16277] netlink: 'syz.4.4552': attribute type 4 has an invalid length.
[  333.200825][   T29] kauditd_printk_skb: 441 callbacks suppressed
[  333.200842][   T29] audit: type=1326 audit(1762868625.650:37146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.247120][   T29] audit: type=1326 audit(1762868625.682:37147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.271023][   T29] audit: type=1326 audit(1762868625.682:37148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.294714][   T29] audit: type=1326 audit(1762868625.682:37149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb11255df10 code=0x7ffc0000
[  333.318415][   T29] audit: type=1326 audit(1762868625.682:37150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.342129][   T29] audit: type=1326 audit(1762868625.682:37151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.365890][   T29] audit: type=1326 audit(1762868625.682:37152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.389614][   T29] audit: type=1326 audit(1762868625.682:37153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.413329][   T29] audit: type=1326 audit(1762868625.682:37154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.436985][   T29] audit: type=1326 audit(1762868625.682:37155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16283 comm="syz.2.4555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb11255f6c9 code=0x7ffc0000
[  333.525922][T16305] netlink: 68 bytes leftover after parsing attributes in process `syz.6.4564'.
[  333.575640][T16310] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4565'.
[  333.613338][T16308] netlink: 'syz.6.4566': attribute type 4 has an invalid length.
[  333.832817][T16347] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4581'.
[  333.886944][T16353] netlink: 'syz.0.4583': attribute type 4 has an invalid length.
[  334.201873][T16387] netlink: 'syz.2.4598': attribute type 4 has an invalid length.
[  334.219453][T16399] netlink: 'syz.3.4602': attribute type 1 has an invalid length.
[  334.227325][T16399] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4602'.
[  334.508338][T16401] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  334.515916][T16401] batman_adv: batadv0: Removing interface: batadv_slave_0
[  334.544433][T16401] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  334.551973][T16401] batman_adv: batadv0: Removing interface: batadv_slave_1
[  334.595464][T16438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4618'.
[  334.605893][T16438] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4618'.
[  334.616879][T16433] netlink: 'syz.4.4616': attribute type 4 has an invalid length.
[  334.756964][T16459] netlink: 'syz.6.4627': attribute type 1 has an invalid length.
[  334.764853][T16459] netlink: 224 bytes leftover after parsing attributes in process `syz.6.4627'.
[  334.867114][T16469] FAULT_INJECTION: forcing a failure.
[  334.867114][T16469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.881985][T16469] CPU: 1 UID: 0 PID: 16469 Comm: syz.6.4630 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  334.882018][T16469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.882045][T16469] Call Trace:
[  334.882130][T16469]  <TASK>
[  334.882141][T16469]  __dump_stack+0x1d/0x30
[  334.882170][T16469]  dump_stack_lvl+0xe8/0x140
[  334.882198][T16469]  dump_stack+0x15/0x1b
[  334.882272][T16469]  should_fail_ex+0x265/0x280
[  334.882296][T16469]  should_fail+0xb/0x20
[  334.882318][T16469]  should_fail_usercopy+0x1a/0x20
[  334.882390][T16469]  _copy_to_user+0x20/0xa0
[  334.882426][T16469]  simple_read_from_buffer+0xb5/0x130
[  334.882496][T16469]  proc_fail_nth_read+0x10e/0x150
[  334.882540][T16469]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  334.882593][T16469]  vfs_read+0x1a8/0x770
[  334.882621][T16469]  ? __rcu_read_unlock+0x4f/0x70
[  334.882657][T16469]  ? __fget_files+0x184/0x1c0
[  334.882777][T16469]  ksys_read+0xda/0x1a0
[  334.882812][T16469]  __x64_sys_read+0x40/0x50
[  334.882867][T16469]  x64_sys_call+0x27c0/0x3000
[  334.882899][T16469]  do_syscall_64+0xd2/0x200
[  334.882984][T16469]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  334.883012][T16469]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  334.883060][T16469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.883156][T16469] RIP: 0033:0x7f73a3dae0dc
[  334.883180][T16469] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  334.883207][T16469] RSP: 002b:00007f73a280f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  334.883318][T16469] RAX: ffffffffffffffda RBX: 00007f73a4005fa0 RCX: 00007f73a3dae0dc
[  334.883336][T16469] RDX: 000000000000000f RSI: 00007f73a280f0a0 RDI: 0000000000000005
[  334.883354][T16469] RBP: 00007f73a280f090 R08: 0000000000000000 R09: 0000000000000000
[  334.883370][T16469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.883388][T16469] R13: 00007f73a4006038 R14: 00007f73a4005fa0 R15: 00007ffe24c15c78
[  334.883415][T16469]  </TASK>
[  334.934067][T16478] futex_wake_op: syz.3.4626 tries to shift op by -1; fix this program
[  336.344433][T16558] netlink: 'syz.4.4661': attribute type 1 has an invalid length.
[  336.543227][ T3407] usb 13-1: enqueue for inactive port 0
[  336.549497][ T3407] usb 13-1: enqueue for inactive port 0
[  336.576935][T16599] netlink: 'syz.0.4674': attribute type 1 has an invalid length.
[  336.610606][T16603] netlink: 'syz.0.4675': attribute type 1 has an invalid length.
[  336.629011][ T3407] vhci_hcd: vhci_device speed not set
[  336.897464][T16629] sch_fq: defrate 0 ignored.
[  336.925404][T16629] ==================================================================
[  336.933553][T16629] BUG: KCSAN: data-race in mas_state_walk / mas_wr_store_entry
[  336.941116][T16629] 
[  336.943450][T16629] write to 0xffff888108dcea08 of 8 bytes by task 16628 on cpu 1:
[  336.951168][T16629]  mas_wr_store_entry+0x1192/0x26e0
[  336.956373][T16629]  mas_store_prealloc+0x74d/0xa80
[  336.961409][T16629]  commit_merge+0x6a5/0x730
[  336.965925][T16629]  vma_expand+0x220/0x320
[  336.970262][T16629]  vma_merge_new_range+0x296/0x310
[  336.975383][T16629]  mmap_region+0xa50/0x1620
[  336.979908][T16629]  do_mmap+0x9b3/0xbe0
[  336.983987][T16629]  vm_mmap_pgoff+0x17a/0x2e0
[  336.988601][T16629]  ksys_mmap_pgoff+0xc2/0x310
[  336.993286][T16629]  x64_sys_call+0x14a3/0x3000
[  336.997983][T16629]  do_syscall_64+0xd2/0x200
[  337.002594][T16629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.008501][T16629] 
[  337.010843][T16629] read to 0xffff888108dcea08 of 8 bytes by task 16629 on cpu 0:
[  337.018477][T16629]  mas_state_walk+0x28f/0x650
[  337.023185][T16629]  mas_walk+0x60/0x150
[  337.027281][T16629]  lock_vma_under_rcu+0x95/0x170
[  337.032243][T16629]  do_user_addr_fault+0x233/0x1080
[  337.037365][T16629]  exc_page_fault+0x62/0xa0
[  337.041973][T16629]  asm_exc_page_fault+0x26/0x30
[  337.046833][T16629] 
[  337.049162][T16629] value changed: 0x00007f739a3acfff -> 0x00007f739a38bfff
[  337.056272][T16629] 
[  337.058686][T16629] Reported by Kernel Concurrency Sanitizer on:
[  337.064839][T16629] CPU: 0 UID: 0 PID: 16629 Comm: syz.6.4685 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  337.074663][T16629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  337.084727][T16629] ==================================================================