last executing test programs:

7.860482341s ago: executing program 0 (id=2881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000003c0)=[{0xff3e, 0x65, 0x1, 0x40000}]})

3.822751318s ago: executing program 4 (id=2932):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0xbf23, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48)
socket(0x10, 0x4, 0x9)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000097640000000000030000007110ffff000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
timerfd_create(0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x0, 0x2, 0x3, 0x0, 0x2000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_uring_setup(0xdd4, &(0x7f0000000100))
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000080)=""/147, 0x93}, {0x0}], 0x2)
r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES16=0x0, @ANYRES32=r4, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000080)="094c6b3b9fc068be82a405f112c0b1cc", 0x10)
syz_read_part_table(0x5be, &(0x7f00000005c0)="$eJzs2z9I3GcYB/DnTI5AMmTJlC5NhgwlSyRjbmjCeUmIrVzqElpIaEIIuekCgQs9COigNyjeII4uItzin8nzBidFwVnEwSI4uLQoBcHFK+LbXesfCHw+8PLwvu/37vk9w2/8Bd+0jvi73W5nIqJ97fS/7m3ku5593/Nj8ZeITPwWEb93fvfP0U0mJf7717tpv5n2E+PXW4N7T7ONjZf7914v1jrS/de0bkw2e888HBduKrd0s6+/XBiq5D6sF6rbA2ur3dO7+WLzRa0+8zz75G3KLad6NdVPUYkv8THeRClK8S7K59R/rLH14PB2oTH3/tFBV2t4oTPles4450n7f74z8qpefXx/9tbow8r8SnHnynGu9D/eLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALt9UbulmX3+5MFTJfVgvVLcH1la7p3fzxeaLWn3mefbJ25RbTvVqqp+iEl/iY7yJUpTiXZTPqf9YY+vB4e1CY+79o4Ou1vBCZ8r1nHHOk/b/fGfkVb36+P7srdGHlfmV4s6V41zp2gU9AAAAAAAAAAAAAAAAAAAAAETEs8JPPxfz3fmITPwaET/89UfH0Xk7fe+eSbm7qW6m84nx663BvafZxsbL/XuvF2t/pvOvad2YbPZe+jCc2r8BAAD//1Z7laY=")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0/file1\x00', 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080), &(0x7f0000000040)=0x8)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000002f40)={0x0, @dev, @broadcast}, &(0x7f0000002f80)=0xc)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r8, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000240000002400000002000000000000000000000a020000000000000001000005000000000000000001"], &(0x7f0000001f40)=""/4089, 0x3e, 0xff9, 0xa}, 0x20)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
recvmmsg(r7, &(0x7f0000008f80)=[{{0x0, 0x0, &(0x7f0000000c40)}}], 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r9, @ANYBLOB="030704707900000000000100040004000180"], 0x18}}, 0x0)

3.426771428s ago: executing program 0 (id=2882):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x5, 0x40, 0x6, 0x8}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xc, 0x4, 0x4, 0x1, 0x0, r3}, 0x48)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x5, 0x5, &(0x7f00000000c0)=@framed={{0x2d, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r4}]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_ALPHA={0x8}, @TCA_FQ_PIE_BETA={0x8}]}}]}, 0x44}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0x3, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r9, 0x400, 0x0)
r10 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e27, 0x0, @mcast1}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x5c8, 0x29, 0x3, "43b6a6b2aa6470440cf5fbb80cf0ed8b009f0ee0d2f9bcbd77341a94eb9b137867dc3118c2beb60753ecbadb15787b9dd2231417c3c69737aa81d63253a0c33dc0766143b9fc47150f7d3a4d06ef892c1ee3f5fa7950fe76848b97eda3a7ffabb77742d15d76eb3ebdc71d453765271c713a8cd60467930969dd45ec07fcbe0094ed6e2345bf991ccb50168d088cda1216c05fdaec64f788e6722e66e05f3256460763696ac643da6b889503566ca73b719a1045fccd8c03cc206b36137dce4e9ba7f3a5e05a2e8ce050366357e710a6b6055475dd82b2bd74c403e4de4155ba454253a4adf5559ab468e2edbea964ec4669fb486d8c5b18472fa072dea946009053b1e15140e82cc5948cf930014a87c4db296dbe76bcf37ce44cb546aad0d7653720f98f3e5a0d06081b728f62ea070b8441f86ad2c45e085e0f1f24121c1784d222f9fd41ec92e3d5a7a7e881212cfca3236b2e31855c96cf07b0b51afe3bfa61e7fae1cc7d16d15ecdc0cc80ab9442dd8e7c2ac8e74cd7045899e58f9cdd16ece2469bb37ef8ddc79a766611d067cdfb50cdc6672d707160cde9a1bc20b9c4839c2efc93c289cf58b66c7e45d66ffdab0ad89abfbd5d3781b39fd306a2d1158475aae10156688f0b41e966822dc028afd2d0f3016f967046d1077ac43e5165da2a3454a2a2e67c58f0d2c68e696c81050b7c75418527e64530e4c27ad335fc3c12701f35ae234304813649c986f11839962bbbdce29fb79fe7bce6463a28bf29d32d6db48ef4bfff8effce17d83c1bf31f7a36a1c7ea344fcf2deec357be1dc5a297e99ff0997c313b67b968fe7ecf971a109fb6e7c662ddcce04e98aa65e3a256cdd09e769251928813a1a3a6fedb0841baf49e89f44becf2b85bdff9127174f6503be0cf3b3892df6e12612c6f002b04a60c33eb297ab3f9ee16294e90dd2f3e09ca0d7d3cedabaed4d82be93f9cba7e157ffb0a4715664659147df18de6407c684e85fe7b2454c6ea05fa23140ba15a7a11750bbf45d5f848e62582c2ad96d218908d1e3ae686d3d99355d65411c4b516984b2b8859aabed132f8e5b074e46e7543b81cf1af7b48865169b644cf0c810f3eac387b43ae3b94b3171722980cdf7685e969c3f0ed033fa4f7edf12e149fb0b0207203b8c2e46d4023d21e7e6e98cc6f8c3b7b53163d8ed652b09d27180d0f2444b738c81da4191000698fd280786c5188e3ac5aefd7fce299206e410d1015448c92f3769d48cebe717a0b36fb01d1f94fac90fd665e821b45e70497b36d6123003fd89948b204802e78b141232402e7f9c5cefe215ae26f38564b34009b6d3a5069130cf45c63efd666e3a184b560e2fc12dca5e22612dabf12336b75bda73035d2d67f7deeab7aa1d73901eee8f62e906de887e04b5e59b68c50bdfe64987fbdfd8f9ab4707596b40e9bd8adf3b2aa5bd5fae10f173c160868e35c7ebc083501155372631b1c8df43accc945b663109414c8878498a216e1d840d26bddd278f47fd909c1f57e03e24852cc5849f3535206ee5ba895aafcaa90532389eb0d0ef5b321c183fbff08aa87acda39892d44d267fa3c4a53ede397f182c868ac334833279b4c42acbd431dc2df97143a7dc9d28151f2059d16e697ae95ff55753873c039e0e0cc944c46720404c9394b56001499bb09d4b06b6d7ead47485c34c4b9cfbf28accb02a97a199e39ee8bce6b0bb1e2bba69508fe0795d541ece33ea9ff6cf15ec9979b82f2d3d284a761c6f88800710b685feb000ca711d8650695f42919bae79b81ce6288a847697ffc072ea6fdfaea3b488849a080f3ab5657c372aeb5a2ea6127692bba08964f23d9e70a8e337c3aa7384e2016b008466e24c0c8d81b535a9e7fcd7ec799a486d6a4836d60972f6660dc9b88d3da365917826fe13f7fdb60991a79c7a2e25b043792ff2ec62ae6639d0a0a4d68bfee56b85b49c8d97d4daaa978de0705fbba8a8fa8df311db2f718894f8150b5300ef0f437c5eb9e3bd53a13d672dd3ab8b52c039722e5c5ae3c8cf71e5a6b9ef6102b1d"}], 0x5c8}, 0x0)
r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r11, &(0x7f0000000140)='./file1\x00', r11, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000040)=0x8, 0x4)

3.358166302s ago: executing program 0 (id=2937):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r2)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000000)=0xde)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r5, &(0x7f0000000200)=[{}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x38)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmsg$SOCK_DESTROY(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x3)
tkill(0x0, 0x34)

3.069337724s ago: executing program 0 (id=2944):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1845000000000000001100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r0}, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0xa63c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="17c137c3733d66642c7266646e6e3d", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',k'])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000418110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x90)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000250001000000000000000000030100800c000000000000000000000014000100fe80000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43db0200115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0)

2.902016746s ago: executing program 4 (id=2948):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x2)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100000620702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6(0xa, 0x806, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
r2 = perf_event_open(&(0x7f00000003c0)={0x2, 0xd5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x58000, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffe}, 0x0, 0x1000000, r2, 0x10)
readv(r3, &(0x7f0000000140)=[{&(0x7f00000002c0)=""/134, 0x86}], 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000f80)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x12c}}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r8, &(0x7f0000000000)="e7", 0x1, 0x0, 0x0, 0x0)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_buf(r9, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x91)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000300)={0x44, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}]}]}, 0x44}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.895837867s ago: executing program 0 (id=2949):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0)

2.809617723s ago: executing program 0 (id=2951):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
close(r3)

2.013368991s ago: executing program 4 (id=2968):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = syz_clone(0x1000, &(0x7f0000000200)="5e48428dd03df184143f4778d178e873c3992bc7143ae0865a93afd177e8d49942cdbff9637a3f3e6a89043563b8c3d8235f0b07e839ec270023438949212793188ae6920dbaee2f2f24392b12133ba71322e113af152e45e4ef059eb4597192ca0089e22646dbff2c26738e80c94c27d19e79cc0a58aac61ce5845008799d96d8cdea0f91f90d3832b8d12cb8c90a1e8e86cfc905368fcaa19a4f5d185f43cfb9bcc6384bc93202031a4493157401da86575f565fc9cc6e5386b31e2fffa25091c08344fddceb2a69870906", 0xcc, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000340)="065aedeea0193c27c7a10fd9ae8115dc0b36e386fb877484599615df63bff167a115e03df5aff967ba6a16cc2f7ae873d1375ed0c819653a2924b324ea71fac971991dbbdc6bcc85fc160f709b8879fb489ea179b8034d4600e3fa2fea11728b384901f800ff05aeb1fc83d1b4b3a345ac6c940cd893bcd160ba4f32f53249a3b35ae2fab001442b6ed8bfc1a0ca6710db1e7841c9ce394d2eb2d3c35438f0540b98d9db098a5ec8d9964cbfb169f0d551318755995cb6dd73c1300d")
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r3)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000000)=0xde)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000200)=[{}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x38)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
close(r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmsg$SOCK_DESTROY(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x3)
tkill(r1, 0x34)

1.808182057s ago: executing program 4 (id=2977):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x20, r2, 0xe1527b0cf4b1ab9f, 0x0, 0x0, {{}, {@void, @val={0x9}}}}, 0x20}}, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0}])
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8946, &(0x7f0000000900)={'veth1_virt_wifi\x00', @random='\x00\x00\x00 \x00'})

1.652485168s ago: executing program 2 (id=2980):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000250001000000000000000000030100800c000000000000000000000014000100fe80000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43db0200115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0)

1.447536623s ago: executing program 3 (id=2982):
r0 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x3, 0x9)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f00000006c0)={&(0x7f0000000a00), 0xc, &(0x7f0000000100)={&(0x7f0000000400)={0x1c, 0x0, 0x4}, 0x1c}}, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r2)
sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f0000000340)={&(0x7f0000000080), 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0xc4, r3, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x7}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x68, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pimreg0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3ff}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x36}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3c}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4048051}, 0x85)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x20, 0x10, 0x581}, 0x20}}, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000200)=0x8)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={r7, 0x2}, 0x8)
connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(0xffffffffffffffff, 0x8)
r8 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, &(0x7f0000000040)=0x8)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b87033a0000001f030000ef000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fc", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x68, r3, 0xa4c8f77cb70e32a, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xf7b4}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x80000001}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'wg2\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010102}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x408d1}, 0x40040)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
r12 = dup(r11)
fcntl$dupfd(r12, 0x0, r12)
setsockopt$inet6_tcp_TLS_TX(r12, 0x6, 0x1, &(0x7f0000000240)=@ccm_128={{0x303}, "394a0cc6b906c279", "64bc46a8d7fdf999728a44e91c06a1e8", "7a2bee35", "fad0fde2de835a1c"}, 0x28)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x5}})

1.420023375s ago: executing program 1 (id=2983):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_clone(0x1000, &(0x7f0000000200)="5e48428dd03df184143f4778d178e873c3992bc7143ae0865a93afd177e8d49942cdbff9637a3f3e6a89043563b8c3d8235f0b07e839ec270023438949212793188ae6920dbaee2f2f24392b12133ba71322e113af152e45e4ef059eb4597192ca0089e22646dbff2c26738e80c94c27d19e79cc0a58aac61ce5845008799d96d8cdea0f91f90d3832b8d12cb8c90a1e8e86cfc905368fcaa19a4f5d185f43cfb9bcc6384bc93202031a4493157401da86575f565fc9cc6e5386b31e2fffa25091c08344fddceb2a69870906", 0xcc, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000340)="065aedeea0193c27c7a10fd9ae8115dc0b36e386fb877484599615df63bff167a115e03df5aff967ba6a16cc2f7ae873d1375ed0c819653a2924b324ea71fac971991dbbdc6bcc85fc160f709b8879fb489ea179b8034d4600e3fa2fea11728b384901f800ff05aeb1fc83d1b4b3a345ac6c940cd893bcd160ba4f32f53249a3b35ae2fab001442b6ed8bfc1a0ca6710db1e7841c9ce394d2eb2d3c35438f0540b98d9db098a5ec8d9964cbfb169f0d551318755995cb6dd73c1300d")
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r3)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000000)=0xde)
fcntl$dupfd(r5, 0x0, r5)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
close(r6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmsg$SOCK_DESTROY(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x3)
tkill(r1, 0x34)

1.155297165s ago: executing program 3 (id=2984):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000080000000000000000000001811", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.126864797s ago: executing program 2 (id=2985):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, 0x0, &(0x7f0000000280)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

984.145717ms ago: executing program 3 (id=2986):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000680), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180a1100000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000020b705000a0800000085000000a500000000"], &(0x7f0000000300)='GPL\x00', 0x4, 0x14, &(0x7f0000001e00)=""/4088}, 0x90)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x4c, 0x0, 0x800, 0x1280, 0xffffffffffffffff, 0x10, '\x00', 0x0, r0, 0x0, 0x1, 0x5, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r6)
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000000300)=""/104, 0x68)
getdents(r7, &(0x7f0000001fc0)=""/184, 0xb8)
socket$tipc(0x1e, 0x0, 0x0)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, r8, 0x8000)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x5, 0x1, 0x3, 0x5, 0x0, 0x1}, 0xffffffffffffff10)
ioprio_set$pid(0x2, 0x0, 0x0)

885.925455ms ago: executing program 2 (id=2988):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = syz_clone(0x1000, &(0x7f0000000200)="5e48428dd03df184143f4778d178e873c3992bc7143ae0865a93afd177e8d49942cdbff9637a3f3e6a89043563b8c3d8235f0b07e839ec270023438949212793188ae6920dbaee2f2f24392b12133ba71322e113af152e45e4ef059eb4597192ca0089e22646dbff2c26738e80c94c27d19e79cc0a58aac61ce5845008799d96d8cdea0f91f90d3832b8d12cb8c90a1e8e86cfc905368fcaa19a4f5d185f43cfb9bcc6384bc93202031a4493157401da86575f565fc9cc6e5386b31e2fffa25091c08344fddceb2a69870906", 0xcc, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000340)="065aedeea0193c27c7a10fd9ae8115dc0b36e386fb877484599615df63bff167a115e03df5aff967ba6a16cc2f7ae873d1375ed0c819653a2924b324ea71fac971991dbbdc6bcc85fc160f709b8879fb489ea179b8034d4600e3fa2fea11728b384901f800ff05aeb1fc83d1b4b3a345ac6c940cd893bcd160ba4f32f53249a3b35ae2fab001442b6ed8bfc1a0ca6710db1e7841c9ce394d2eb2d3c35438f0540b98d9db098a5ec8d9964cbfb169f0d551318755995cb6dd73c1300d")
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r3)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000580)=0x7ffc0000)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000000)=0xde)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000200)=[{}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x38)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
close(r7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
sendmsg$SOCK_DESTROY(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000004f00)=ANY=[], 0x3ec4}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0xeb8, 0x30, 0x1, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x1}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x3f}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x1}, {}, {0x60d}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {0x100000, 0xfffffff1}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xeb8}}, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x3)
tkill(r1, 0x34)

885.344445ms ago: executing program 4 (id=2989):
unshare(0x20020000)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000008c0)=[{0x16}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x1ffffffffffffeba, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESDEC], 0x0}, 0x90)
getsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a09040000000000000000020000000900020073797a32000000000900010073797a300000000028000480240081800b0001007470726f787900001400028008000240000000050800014000000002140000001100010000000000000000000000000a"], 0x7c}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

796.531961ms ago: executing program 3 (id=2990):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff)
r4 = gettid()
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r3, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x3c}}, 0x0)

761.089853ms ago: executing program 2 (id=2991):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e)
r1 = syz_io_uring_setup(0xe42, 0x0, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)

675.27049ms ago: executing program 2 (id=2992):
pipe(0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018"], 0x0, 0x5a}, 0x20)
r0 = socket(0x29, 0x803, 0x800)
r1 = socket(0x1, 0x803, 0x0)
syz_emit_ethernet(0x5e, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @remote}, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xee1dab1405b353e2}}, 0x0, {0x2, 0x0, @remote}})
ioctl$sock_inet_SIOCSARP(r5, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @broadcast}, 'syz_tun\x00'})
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x13)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x4040)
ioctl$TIOCL_GETMOUSEREPORTING(r6, 0x5412, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x9, 0x4, &(0x7f0000001880)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r7, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$packet(0x11, 0x3, 0x300)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)

664.718421ms ago: executing program 1 (id=2993):
r0 = socket(0x26, 0x1, 0xe989)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10)

320.497326ms ago: executing program 1 (id=2994):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

287.829369ms ago: executing program 2 (id=2995):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x911}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x6}]})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

263.24815ms ago: executing program 1 (id=2996):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1845000000000000001100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r0}, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0xa63c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="17c137c3733d66642c7266646e6e3d", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',k'])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000418110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000250001000000000000000000030100800c000000000000000000000014000100fe80000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43db0200115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c00"], 0x114}], 0x1}, 0x0)

107.257622ms ago: executing program 1 (id=2997):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

89.435063ms ago: executing program 3 (id=2998):
r0 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119}, 0x0, &(0x7f0000000280)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_io_uring_submit(0x0, r1, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x18})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

8.594569ms ago: executing program 3 (id=2999):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bind$unix(r0, 0x0, 0x0)
r1 = syz_io_uring_setup(0xe42, &(0x7f0000000140), &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x18})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)

7.885079ms ago: executing program 1 (id=3009):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
close(r3)

0s ago: executing program 4 (id=3000):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000400)='netfs_rreq_ref\x00', r0}, 0x3)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
recvmmsg(r1, &(0x7f0000001ec0)=[{{0x0, 0xa00, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/64, 0x40}], 0x1, &(0x7f0000000540)=""/27, 0x1b}}], 0x1, 0x0, 0x0)
write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2000011a)

kernel console output (not intermixed with test programs):

16][T10047] RDX: 00007f07b9116ef0 RSI: 0000000000000000 RDI: 00007f07ba508131
[  170.529116][T10047] RBP: 0000000020000cc0 R08: 00007f07b9116bb7 R09: 00007f07b9116e40
[  170.537206][T10047] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000740
[  170.545232][T10047] R13: 00007f07b9116ef0 R14: 00007f07b9116eb0 R15: 0000000020000080
[  170.553311][T10047]  </TASK>
[  170.642492][   T29] audit: type=1400 audit(1725278023.614:6841): avc:  denied  { module_load } for  pid=10052 comm="syz.3.2307" path="/90/bus" dev="tmpfs" ino=499 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  170.643505][T10053] Invalid ELF header magic: != ELF
[  170.676667][T10055] netlink: 'syz.2.2308': attribute type 10 has an invalid length.
[  170.684596][T10055] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2308'.
[  170.699891][T10057] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10057 comm=syz.3.2309
[  170.700671][T10055] bridge0: port 3(ipvlan0) entered blocking state
[  170.719040][T10055] bridge0: port 3(ipvlan0) entered disabled state
[  170.726067][T10055] ipvlan0: entered allmulticast mode
[  170.731418][T10055] veth0_vlan: entered allmulticast mode
[  170.734345][T10060] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10060 comm=syz.2.2308
[  170.737592][T10055] ipvlan0: left allmulticast mode
[  170.754768][T10055] veth0_vlan: left allmulticast mode
[  170.760721][T10055] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  170.779226][T10061] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10061 comm=syz.3.2309
[  170.779727][T10057] netlink: 'syz.3.2309': attribute type 10 has an invalid length.
[  170.799676][T10057] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2309'.
[  170.812349][T10057] bridge0: port 3(ipvlan0) entered blocking state
[  170.818856][T10057] bridge0: port 3(ipvlan0) entered disabled state
[  170.826425][T10057] ipvlan0: entered allmulticast mode
[  170.828379][T10064] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2311'.
[  170.832422][T10057] veth0_vlan: entered allmulticast mode
[  170.849048][T10057] ipvlan0: left allmulticast mode
[  170.854330][T10057] veth0_vlan: left allmulticast mode
[  170.862155][T10057] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  170.885813][T10059] pim6reg1: entered promiscuous mode
[  170.891324][T10059] pim6reg1: entered allmulticast mode
[  170.928276][T10071] netlink: 'syz.2.2314': attribute type 1 has an invalid length.
[  170.936190][T10071] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2314'.
[  170.977117][T10075] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  170.989052][   T29] audit: type=1326 audit(1725278023.954:6842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.025859][   T29] audit: type=1326 audit(1725278023.954:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.044195][T10069] pim6reg: entered allmulticast mode
[  171.049427][   T29] audit: type=1326 audit(1725278023.954:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.078325][   T29] audit: type=1326 audit(1725278023.954:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.101993][   T29] audit: type=1326 audit(1725278023.954:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.125515][   T29] audit: type=1326 audit(1725278023.954:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.149252][   T29] audit: type=1326 audit(1725278023.984:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.172842][   T29] audit: type=1326 audit(1725278023.984:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10074 comm="syz.2.2315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  171.227303][T10078] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2316'.
[  171.247839][T10085] Invalid ELF header magic: != ELF
[  171.332838][T10092] netlink: 'syz.1.2322': attribute type 10 has an invalid length.
[  171.340842][T10092] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2322'.
[  171.369927][T10092] bridge0: port 4(ipvlan0) entered blocking state
[  171.376732][T10092] bridge0: port 4(ipvlan0) entered disabled state
[  171.383413][T10095] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10095 comm=syz.1.2322
[  171.386089][T10096] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10096 comm=syz.2.2323
[  171.408859][T10092] ipvlan0: entered allmulticast mode
[  171.414298][T10092] veth0_vlan: entered allmulticast mode
[  171.422500][T10092] ipvlan0: left allmulticast mode
[  171.427733][T10092] veth0_vlan: left allmulticast mode
[  171.438853][T10092] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  171.457584][T10096] netlink: 'syz.2.2323': attribute type 10 has an invalid length.
[  171.465663][T10096] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2323'.
[  171.479511][T10096] bridge0: port 3(ipvlan0) entered blocking state
[  171.486143][T10096] bridge0: port 3(ipvlan0) entered disabled state
[  171.500061][T10098] netlink: 'syz.3.2324': attribute type 20 has an invalid length.
[  171.508334][T10099] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10099 comm=syz.2.2323
[  171.521855][T10096] ipvlan0: entered allmulticast mode
[  171.527283][T10096] veth0_vlan: entered allmulticast mode
[  171.546219][T10096] ipvlan0: left allmulticast mode
[  171.551386][T10096] veth0_vlan: left allmulticast mode
[  171.559567][T10096] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  171.590087][T10103] loop3: detected capacity change from 0 to 512
[  171.600249][T10103] EXT4-fs: Invalid want_extra_isize 1
[  171.606942][T10105] netlink: 'syz.1.2327': attribute type 1 has an invalid length.
[  171.621292][T10103] loop3: detected capacity change from 0 to 512
[  171.659646][T10103] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2326: casefold flag without casefold feature
[  171.682582][T10103] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2326: couldn't read orphan inode 15 (err -117)
[  171.707942][T10103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.733348][T10103] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2326: Directory hole found for htree leaf block 0
[  171.763494][T10103] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  171.790656][T10124] __nla_validate_parse: 1 callbacks suppressed
[  171.790672][T10124] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2334'.
[  171.794093][T10127] FAULT_INJECTION: forcing a failure.
[  171.794093][T10127] name failslab, interval 1, probability 0, space 0, times 0
[  171.818652][T10127] CPU: 0 UID: 0 PID: 10127 Comm: syz.2.2335 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  171.829694][T10127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  171.839778][T10127] Call Trace:
[  171.843075][T10127]  <TASK>
[  171.846151][T10127]  dump_stack_lvl+0xf2/0x150
[  171.850761][T10127]  dump_stack+0x15/0x20
[  171.855001][T10127]  should_fail_ex+0x229/0x230
[  171.859741][T10127]  ? build_skb+0x33/0x210
[  171.864161][T10127]  should_failslab+0x8f/0xb0
[  171.868794][T10127]  kmem_cache_alloc_noprof+0x4c/0x290
[  171.874261][T10127]  ? alloc_pages_mpol_noprof+0xd5/0x1e0
[  171.879921][T10127]  build_skb+0x33/0x210
[  171.884127][T10127]  __tun_build_skb+0x2b/0x1b0
[  171.888908][T10127]  ? tun_get_user+0x1474/0x24b0
[  171.893800][T10127]  tun_get_user+0x1494/0x24b0
[  171.898624][T10127]  ? kstrtoull+0x110/0x140
[  171.903117][T10127]  ? ref_tracker_alloc+0x1f5/0x2f0
[  171.908357][T10127]  tun_chr_write_iter+0x18e/0x240
[  171.913419][T10127]  vfs_write+0x78f/0x900
[  171.917678][T10127]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  171.923373][T10127]  ksys_write+0xeb/0x1b0
[  171.927658][T10127]  __x64_sys_write+0x42/0x50
[  171.932317][T10127]  x64_sys_call+0x27dd/0x2d60
[  171.937061][T10127]  do_syscall_64+0xc9/0x1c0
[  171.941691][T10127]  ? clear_bhb_loop+0x55/0xb0
[  171.946406][T10127]  ? clear_bhb_loop+0x55/0xb0
[  171.951177][T10127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.957187][T10127] RIP: 0033:0x7f644fb2899f
[  171.961696][T10127] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  171.981748][T10127] RSP: 002b:00007f644e7a7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  171.990188][T10127] RAX: ffffffffffffffda RBX: 00007f644fcc5f80 RCX: 00007f644fb2899f
[  171.998258][T10127] RDX: 0000000000000066 RSI: 0000000020000780 RDI: 00000000000000c8
[  172.006260][T10127] RBP: 00007f644e7a7090 R08: 0000000000000000 R09: 0000000000000000
[  172.014236][T10127] R10: 0000000000000066 R11: 0000000000000293 R12: 0000000000000001
[  172.022279][T10127] R13: 0000000000000000 R14: 00007f644fcc5f80 R15: 00007ffe7db1ba18
[  172.030298][T10127]  </TASK>
[  172.045109][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.085975][T10133] netlink: 'syz.2.2337': attribute type 20 has an invalid length.
[  172.095138][T10131] netlink: 'syz.3.2336': attribute type 10 has an invalid length.
[  172.103047][T10131] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2336'.
[  172.130891][T10131] bridge0: port 3(ipvlan0) entered blocking state
[  172.137473][T10131] bridge0: port 3(ipvlan0) entered disabled state
[  172.146288][T10136] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10136 comm=syz.3.2336
[  172.152310][T10131] ipvlan0: entered allmulticast mode
[  172.164137][T10131] veth0_vlan: entered allmulticast mode
[  172.193743][T10131] ipvlan0: left allmulticast mode
[  172.198886][T10131] veth0_vlan: left allmulticast mode
[  172.220609][T10131] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  172.280826][T10140] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10140 comm=syz.3.2340
[  172.307073][T10140] netlink: 'syz.3.2340': attribute type 10 has an invalid length.
[  172.315069][T10140] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2340'.
[  172.347572][T10140] bridge0: port 3(ipvlan0) entered blocking state
[  172.354133][T10140] bridge0: port 3(ipvlan0) entered disabled state
[  172.358450][T10146] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10146 comm=syz.3.2340
[  172.378285][T10140] ipvlan0: entered allmulticast mode
[  172.383650][T10140] veth0_vlan: entered allmulticast mode
[  172.394352][T10140] ipvlan0: left allmulticast mode
[  172.399516][T10140] veth0_vlan: left allmulticast mode
[  172.405772][T10140] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  172.690830][T10160] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  172.701840][T10161] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  172.877050][T10165] loop3: detected capacity change from 0 to 164
[  172.884307][T10165] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  172.920369][T10168] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2351'.
[  172.929481][T10168] bridge0: port 3(ipvlan0) entered blocking state
[  172.936065][T10168] bridge0: port 3(ipvlan0) entered disabled state
[  172.942901][T10168] ipvlan0: entered allmulticast mode
[  172.948193][T10168] veth0_vlan: entered allmulticast mode
[  172.954649][T10168] ipvlan0: left allmulticast mode
[  172.959821][T10168] veth0_vlan: left allmulticast mode
[  172.965986][T10168] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  172.982283][T10169] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10169 comm=syz.3.2351
[  173.031259][T10176] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10176 comm=syz.3.2354
[  173.045851][T10176] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2354'.
[  173.055295][T10176] bridge0: port 3(ipvlan0) entered blocking state
[  173.061867][T10176] bridge0: port 3(ipvlan0) entered disabled state
[  173.069503][T10176] ipvlan0: entered allmulticast mode
[  173.075052][T10176] veth0_vlan: entered allmulticast mode
[  173.082195][T10176] ipvlan0: left allmulticast mode
[  173.087253][T10176] veth0_vlan: left allmulticast mode
[  173.093474][T10176] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  173.110061][T10185] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10185 comm=syz.3.2354
[  173.148103][T10189] loop3: detected capacity change from 0 to 512
[  173.155408][T10189] EXT4-fs: Invalid want_extra_isize 1
[  173.166222][T10189] loop3: detected capacity change from 0 to 512
[  173.183294][T10189] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2359: casefold flag without casefold feature
[  173.202488][T10189] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2359: couldn't read orphan inode 15 (err -117)
[  173.285341][T10188] pim6reg: entered allmulticast mode
[  173.316297][T10189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.329526][T10189] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2359: Directory hole found for htree leaf block 0
[  173.346881][T10189] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  173.479611][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.305121][T10203] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2364'.
[  174.314462][T10203] bridge0: port 3(ipvlan0) entered blocking state
[  174.321060][T10203] bridge0: port 3(ipvlan0) entered disabled state
[  174.328879][T10203] ipvlan0: entered allmulticast mode
[  174.334263][T10203] veth0_vlan: entered allmulticast mode
[  174.340756][T10203] ipvlan0: left allmulticast mode
[  174.345816][T10203] veth0_vlan: left allmulticast mode
[  174.351938][T10203] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  174.372901][T10208] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10208 comm=syz.3.2364
[  174.478379][T10215] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2369'.
[  174.515412][T10219] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=40291 sclass=netlink_route_socket pid=10219 comm=syz.2.2370
[  174.583315][T10226] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  174.592429][T10228] loop3: detected capacity change from 0 to 512
[  174.621027][T10228] /dev/loop3: Can't open blockdev
[  174.665683][T10233] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2376'.
[  174.730860][T10228] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  174.750208][T10239] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10239 comm=syz.2.2377
[  174.779627][T10239] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2377'.
[  174.791161][T10239] bridge0: port 3(ipvlan0) entered blocking state
[  174.797642][T10239] bridge0: port 3(ipvlan0) entered disabled state
[  174.804677][T10239] ipvlan0: entered allmulticast mode
[  174.810144][T10239] veth0_vlan: entered allmulticast mode
[  174.817526][T10239] ipvlan0: left allmulticast mode
[  174.822617][T10239] veth0_vlan: left allmulticast mode
[  174.832800][T10244] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10244 comm=syz.2.2377
[  175.068697][ T9917] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.132918][T10242] pim6reg1: entered promiscuous mode
[  175.138296][T10242] pim6reg1: entered allmulticast mode
[  175.200401][ T9917] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.213186][T10257] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2381'.
[  175.239152][ T9917] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.267201][ T9917] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.332544][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  175.332597][   T29] audit: type=1326 audit(1725278028.304:7098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.370537][   T29] audit: type=1326 audit(1725278028.304:7099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.394142][   T29] audit: type=1326 audit(1725278028.304:7100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.418081][   T29] audit: type=1326 audit(1725278028.304:7101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.441861][   T29] audit: type=1326 audit(1725278028.304:7102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.469819][   T29] audit: type=1326 audit(1725278028.394:7103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.493504][   T29] audit: type=1326 audit(1725278028.394:7104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.517097][   T29] audit: type=1326 audit(1725278028.394:7105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.540840][   T29] audit: type=1326 audit(1725278028.394:7106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.564466][   T29] audit: type=1326 audit(1725278028.394:7107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10262 comm="syz.2.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  175.681138][T10277] loop7: detected capacity change from 0 to 16384
[  175.695257][T10274] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  175.698616][T10281] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  175.719422][T10282] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  175.750266][T10277] Invalid logical block size (65532)
[  175.819654][   T46] blk_print_req_error: 6 callbacks suppressed
[  175.819675][   T46] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[  175.871033][T10291] tipc: Started in network mode
[  175.876054][T10291] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  175.883688][T10291] tipc: Enabled bearer <eth:vlan0>, priority 10
[  175.901331][T10297] validate_nla: 7 callbacks suppressed
[  175.901349][T10297] netlink: 'syz.2.2395': attribute type 1 has an invalid length.
[  175.908338][T10291] tipc: Resetting bearer <eth:vlan0>
[  175.970570][T10291] tipc: Disabling bearer <eth:vlan0>
[  176.133088][T10321] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  176.148294][T10324] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  176.155166][T10323] loop3: detected capacity change from 0 to 1024
[  176.212899][T10323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.349413][T10329] pim6reg: entered allmulticast mode
[  176.642163][T10358] syzkaller0: tun_chr_ioctl cmd 1074812117
[  176.784455][T10367] pim6reg1: entered promiscuous mode
[  176.789915][T10367] pim6reg1: entered allmulticast mode
[  177.237421][T10394] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  177.281201][T10402] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  177.315009][T10394] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=10394 comm=syz.0.2433
[  177.456603][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.572965][T10420] tipc: Started in network mode
[  177.577926][T10420] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  177.585236][T10420] tipc: Enabled bearer <eth:vlan0>, priority 10
[  177.629282][T10420] tipc: Resetting bearer <eth:vlan0>
[  177.666330][T10420] tipc: Disabling bearer <eth:vlan0>
[  177.703892][T10431] netlink: 'syz.4.2448': attribute type 10 has an invalid length.
[  177.711879][T10431] __nla_validate_parse: 4 callbacks suppressed
[  177.711898][T10431] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2448'.
[  177.766997][T10431] bridge0: port 3(ipvlan0) entered blocking state
[  177.767474][T10434] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10434 comm=syz.4.2448
[  177.773732][T10431] bridge0: port 3(ipvlan0) entered disabled state
[  177.827320][T10435] netlink: 'syz.2.2450': attribute type 1 has an invalid length.
[  177.835270][T10435] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2450'.
[  177.845582][T10431] ipvlan0: entered allmulticast mode
[  177.851250][T10431] veth0_vlan: entered allmulticast mode
[  177.860666][T10431] ipvlan0: left allmulticast mode
[  177.865829][T10431] veth0_vlan: left allmulticast mode
[  177.882311][T10431] net_ratelimit: 2 callbacks suppressed
[  177.882395][T10431] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  178.369972][T10465] FAULT_INJECTION: forcing a failure.
[  178.369972][T10465] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.383137][T10465] CPU: 1 UID: 0 PID: 10465 Comm: syz.1.2462 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  178.393932][T10465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  178.404063][T10465] Call Trace:
[  178.407370][T10465]  <TASK>
[  178.410414][T10465]  dump_stack_lvl+0xf2/0x150
[  178.415167][T10465]  dump_stack+0x15/0x20
[  178.419358][T10465]  should_fail_ex+0x229/0x230
[  178.424054][T10465]  should_fail+0xb/0x10
[  178.428220][T10465]  should_fail_usercopy+0x1a/0x20
[  178.433372][T10465]  _copy_from_iter+0xd3/0xb00
[  178.438342][T10465]  ? kmalloc_reserve+0x16e/0x190
[  178.443351][T10465]  ? __build_skb_around+0x196/0x1f0
[  178.448589][T10465]  ? __alloc_skb+0x21f/0x310
[  178.453186][T10465]  ? __virt_addr_valid+0x1ed/0x250
[  178.458349][T10465]  ? __check_object_size+0x35b/0x510
[  178.463753][T10465]  netlink_sendmsg+0x460/0x6e0
[  178.468567][T10465]  ? __pfx_netlink_sendmsg+0x10/0x10
[  178.473879][T10465]  __sock_sendmsg+0x140/0x180
[  178.478781][T10465]  ____sys_sendmsg+0x312/0x410
[  178.483605][T10465]  __sys_sendmsg+0x1e9/0x280
[  178.488281][T10465]  __x64_sys_sendmsg+0x46/0x50
[  178.493121][T10465]  x64_sys_call+0x2689/0x2d60
[  178.498113][T10465]  do_syscall_64+0xc9/0x1c0
[  178.502629][T10465]  ? clear_bhb_loop+0x55/0xb0
[  178.507342][T10465]  ? clear_bhb_loop+0x55/0xb0
[  178.512243][T10465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.518303][T10465] RIP: 0033:0x7f093d7e9eb9
[  178.522921][T10465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.542713][T10465] RSP: 002b:00007f093c467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  178.551142][T10465] RAX: ffffffffffffffda RBX: 00007f093d985f80 RCX: 00007f093d7e9eb9
[  178.559268][T10465] RDX: 0000000044000000 RSI: 0000000020000240 RDI: 0000000000000005
[  178.567251][T10465] RBP: 00007f093c467090 R08: 0000000000000000 R09: 0000000000000000
[  178.575224][T10465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  178.583211][T10465] R13: 0000000000000000 R14: 00007f093d985f80 R15: 00007ffe23d20a68
[  178.591285][T10465]  </TASK>
[  178.653365][T10469] loop3: detected capacity change from 0 to 512
[  178.658227][T10472] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10472 comm=syz.1.2465
[  178.686652][T10469] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.702634][T10472] netlink: 'syz.1.2465': attribute type 10 has an invalid length.
[  178.710515][T10472] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2465'.
[  178.729504][T10472] bridge0: port 4(ipvlan0) entered blocking state
[  178.736136][T10472] bridge0: port 4(ipvlan0) entered disabled state
[  178.750053][T10469] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.790358][T10475] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10475 comm=syz.1.2465
[  178.842748][T10472] ipvlan0: entered allmulticast mode
[  178.848174][T10472] veth0_vlan: entered allmulticast mode
[  178.879590][T10469] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2464: Directory hole found for htree leaf block 0
[  178.893111][T10472] ipvlan0: left allmulticast mode
[  178.898148][T10472] veth0_vlan: left allmulticast mode
[  178.928534][T10472] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  179.016090][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.026933][T10490] syz.2.2472[10490] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.027027][T10490] syz.2.2472[10490] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  179.064964][T10492] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10492 comm=syz.4.2473
[  179.092210][T10490] netlink: 220 bytes leftover after parsing attributes in process `syz.2.2472'.
[  179.140689][T10495] pim6reg1: entered promiscuous mode
[  179.146032][T10495] pim6reg1: entered allmulticast mode
[  179.212035][T10499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10499 comm=syz.4.2473
[  179.248126][T10492] netlink: 'syz.4.2473': attribute type 10 has an invalid length.
[  179.256058][T10492] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2473'.
[  179.281783][T10492] bridge0: port 3(ipvlan0) entered blocking state
[  179.288376][T10492] bridge0: port 3(ipvlan0) entered disabled state
[  179.311928][T10492] ipvlan0: entered allmulticast mode
[  179.317310][T10492] veth0_vlan: entered allmulticast mode
[  179.353800][T10492] ipvlan0: left allmulticast mode
[  179.358897][T10492] veth0_vlan: left allmulticast mode
[  179.384743][T10492] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  179.417430][T10514] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10514 comm=syz.1.2482
[  179.455151][T10514] netlink: 'syz.1.2482': attribute type 10 has an invalid length.
[  179.463786][T10514] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2482'.
[  179.489819][T10514] bridge0: port 4(ipvlan0) entered blocking state
[  179.496509][T10514] bridge0: port 4(ipvlan0) entered disabled state
[  179.511036][T10525] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10525 comm=syz.1.2482
[  179.513713][T10514] ipvlan0: entered allmulticast mode
[  179.528981][T10514] veth0_vlan: entered allmulticast mode
[  179.576658][T10514] ipvlan0: left allmulticast mode
[  179.581870][T10514] veth0_vlan: left allmulticast mode
[  179.599304][T10514] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  179.649153][T10528] pim6reg1: entered promiscuous mode
[  179.654633][T10528] pim6reg1: entered allmulticast mode
[  179.946698][T10556] netlink: 'syz.4.2501': attribute type 10 has an invalid length.
[  179.954697][T10556] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2501'.
[  179.974465][T10558] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10558 comm=syz.1.2502
[  180.000422][T10556] bridge0: port 3(ipvlan0) entered blocking state
[  180.007038][T10556] bridge0: port 3(ipvlan0) entered disabled state
[  180.017101][T10559] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10559 comm=syz.4.2501
[  180.030548][T10556] ipvlan0: entered allmulticast mode
[  180.035887][T10556] veth0_vlan: entered allmulticast mode
[  180.067660][T10556] ipvlan0: left allmulticast mode
[  180.072944][T10556] veth0_vlan: left allmulticast mode
[  180.079005][T10556] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  180.097732][T10563] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10563 comm=syz.1.2502
[  180.143759][T10558] netlink: 'syz.1.2502': attribute type 10 has an invalid length.
[  180.151652][T10558] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2502'.
[  180.160928][T10558] bridge0: port 4(ipvlan0) entered blocking state
[  180.167510][T10558] bridge0: port 4(ipvlan0) entered disabled state
[  180.174588][T10558] ipvlan0: entered allmulticast mode
[  180.180047][T10558] veth0_vlan: entered allmulticast mode
[  180.186368][T10558] ipvlan0: left allmulticast mode
[  180.191495][T10558] veth0_vlan: left allmulticast mode
[  180.197905][T10558] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  180.525170][T10584] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  180.590716][T10587] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=10587 comm=syz.4.2512
[  180.645858][T10590] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  180.675432][T10593] netlink: 'syz.1.2515': attribute type 10 has an invalid length.
[  180.683455][T10593] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2515'.
[  180.693409][T10593] bridge0: port 4(ipvlan0) entered blocking state
[  180.699931][T10593] bridge0: port 4(ipvlan0) entered disabled state
[  180.706887][T10593] ipvlan0: entered allmulticast mode
[  180.712464][T10593] veth0_vlan: entered allmulticast mode
[  180.718780][T10593] ipvlan0: left allmulticast mode
[  180.723943][T10593] veth0_vlan: left allmulticast mode
[  180.730755][T10593] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  180.748149][T10599] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  180.768084][T10599] netlink: zone id is out of range
[  180.773276][T10599] netlink: zone id is out of range
[  180.778500][T10599] netlink: zone id is out of range
[  180.789298][   T29] kauditd_printk_skb: 343 callbacks suppressed
[  180.789315][   T29] audit: type=1400 audit(1725278033.754:7451): avc:  denied  { mounton } for  pid=10598 comm="syz.4.2518" path="/proc/95/cgroup" dev="proc" ino=32690 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  180.875277][T10616] netlink: 'syz.2.2525': attribute type 1 has an invalid length.
[  180.883252][T10616] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2525'.
[  181.024846][T10630] FAULT_INJECTION: forcing a failure.
[  181.024846][T10630] name failslab, interval 1, probability 0, space 0, times 0
[  181.037848][T10630] CPU: 0 UID: 0 PID: 10630 Comm: syz.3.2531 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  181.048689][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  181.058773][T10630] Call Trace:
[  181.062058][T10630]  <TASK>
[  181.064994][T10630]  dump_stack_lvl+0xf2/0x150
[  181.069827][T10630]  dump_stack+0x15/0x20
[  181.074009][T10630]  should_fail_ex+0x229/0x230
[  181.078763][T10630]  ? __alloc_skb+0x10b/0x310
[  181.083389][T10630]  should_failslab+0x8f/0xb0
[  181.088009][T10630]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  181.093834][T10630]  __alloc_skb+0x10b/0x310
[  181.098376][T10630]  netlink_alloc_large_skb+0xad/0xe0
[  181.103783][T10630]  netlink_sendmsg+0x3b4/0x6e0
[  181.108729][T10630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.114053][T10630]  __sock_sendmsg+0x140/0x180
[  181.118905][T10630]  ____sys_sendmsg+0x312/0x410
[  181.123728][T10630]  __sys_sendmsg+0x1e9/0x280
[  181.128526][T10630]  __x64_sys_sendmsg+0x46/0x50
[  181.133313][T10630]  x64_sys_call+0x2689/0x2d60
[  181.138011][T10630]  do_syscall_64+0xc9/0x1c0
[  181.142535][T10630]  ? clear_bhb_loop+0x55/0xb0
[  181.147274][T10630]  ? clear_bhb_loop+0x55/0xb0
[  181.151975][T10630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.157898][T10630] RIP: 0033:0x7f83f9619eb9
[  181.162359][T10630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.182064][T10630] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.190534][T10630] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9
[  181.198513][T10630] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  181.206626][T10630] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000
[  181.214604][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.222580][T10630] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558
[  181.230652][T10630]  </TASK>
[  181.240295][T10625] pim6reg1: entered promiscuous mode
[  181.245776][T10625] pim6reg1: entered allmulticast mode
[  181.273038][T10638] syz.4.2534[10638] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  181.273127][T10638] syz.4.2534[10638] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  181.289901][T10638] FAULT_INJECTION: forcing a failure.
[  181.289901][T10638] name failslab, interval 1, probability 0, space 0, times 0
[  181.314338][T10638] CPU: 0 UID: 0 PID: 10638 Comm: syz.4.2534 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  181.325278][T10638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  181.335412][T10638] Call Trace:
[  181.338701][T10638]  <TASK>
[  181.341638][T10638]  dump_stack_lvl+0xf2/0x150
[  181.346396][T10638]  dump_stack+0x15/0x20
[  181.350641][T10638]  should_fail_ex+0x229/0x230
[  181.355599][T10638]  ? wpan_phy_new+0x2a/0x190
[  181.360202][T10638]  should_failslab+0x8f/0xb0
[  181.364874][T10638]  __kmalloc_noprof+0xa5/0x370
[  181.369712][T10638]  wpan_phy_new+0x2a/0x190
[  181.374260][T10638]  ieee802154_alloc_hw+0xbd/0x5b0
[  181.379566][T10638]  hwsim_add_one+0x48/0xa80
[  181.384079][T10638]  ? genl_family_rcv_msg_attrs_parse+0x148/0x1a0
[  181.390493][T10638]  ? genl_family_rcv_msg_attrs_parse+0x182/0x1a0
[  181.396960][T10638]  hwsim_new_radio_nl+0x2e/0x40
[  181.401817][T10638]  genl_rcv_msg+0x61b/0x6c0
[  181.406425][T10638]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  181.412044][T10638]  ? __rcu_read_unlock+0x4e/0x70
[  181.417002][T10638]  netlink_rcv_skb+0x12c/0x230
[  181.422242][T10638]  ? __pfx_genl_rcv_msg+0x10/0x10
[  181.427343][T10638]  genl_rcv+0x28/0x40
[  181.431446][T10638]  netlink_unicast+0x599/0x670
[  181.436257][T10638]  netlink_sendmsg+0x5cc/0x6e0
[  181.441216][T10638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  181.446520][T10638]  __sock_sendmsg+0x140/0x180
[  181.451486][T10638]  ____sys_sendmsg+0x312/0x410
[  181.456356][T10638]  __sys_sendmsg+0x1e9/0x280
[  181.460991][T10638]  __x64_sys_sendmsg+0x46/0x50
[  181.466037][T10638]  x64_sys_call+0x2689/0x2d60
[  181.470751][T10638]  do_syscall_64+0xc9/0x1c0
[  181.475275][T10638]  ? clear_bhb_loop+0x55/0xb0
[  181.480043][T10638]  ? clear_bhb_loop+0x55/0xb0
[  181.485098][T10638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.491089][T10638] RIP: 0033:0x7f07ba499eb9
[  181.495548][T10638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.515384][T10638] RSP: 002b:00007f07b9117038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  181.523883][T10638] RAX: ffffffffffffffda RBX: 00007f07ba635f80 RCX: 00007f07ba499eb9
[  181.531999][T10638] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[  181.540025][T10638] RBP: 00007f07b9117090 R08: 0000000000000000 R09: 0000000000000000
[  181.548090][T10638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.556093][T10638] R13: 0000000000000000 R14: 00007f07ba635f80 R15: 00007fff887615e8
[  181.564369][T10638]  </TASK>
[  181.567724][T10638] failure to allocate master IEEE802.15.4 device
[  181.662081][   T29] audit: type=1326 audit(1725278034.604:7452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10646 comm="syz.2.2539" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x0
[  181.685911][   T29] audit: type=1326 audit(1725278034.614:7453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  181.709477][   T29] audit: type=1326 audit(1725278034.614:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  181.733733][   T29] audit: type=1326 audit(1725278034.614:7455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  181.757601][   T29] audit: type=1326 audit(1725278034.614:7456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  181.781675][   T29] audit: type=1326 audit(1725278034.614:7457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07ba499ef3 code=0x7ffc0000
[  181.805298][   T29] audit: type=1326 audit(1725278034.614:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f07ba499ef3 code=0x7ffc0000
[  181.828890][   T29] audit: type=1326 audit(1725278034.614:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  181.852635][   T29] audit: type=1326 audit(1725278034.614:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10645 comm="syz.4.2540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  181.884714][T10650] netlink: 'syz.1.2541': attribute type 1 has an invalid length.
[  182.535698][T10673] pim6reg: entered allmulticast mode
[  182.571409][T10677] pim6reg1: entered promiscuous mode
[  182.576763][T10677] pim6reg1: entered allmulticast mode
[  182.577437][T10681] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  182.623484][T10684] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  182.652775][T10686] netlink: 'syz.2.2554': attribute type 1 has an invalid length.
[  182.699076][T10691] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  182.809166][T10701] __nla_validate_parse: 4 callbacks suppressed
[  182.809220][T10701] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2560'.
[  182.892236][T10699] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2559'.
[  182.926737][T10716] loop3: detected capacity change from 0 to 1024
[  182.975174][T10716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.157054][T10725] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  183.170950][T10727] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  183.227770][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.309867][T10726] pim6reg1: entered promiscuous mode
[  183.315392][T10726] pim6reg1: entered allmulticast mode
[  183.391329][T10738] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  183.402617][T10743] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2575'.
[  183.496392][T10749] 9pnet_fd: Insufficient options for proto=fd
[  183.652074][T10757] 9pnet_fd: Insufficient options for proto=fd
[  183.690866][T10751] FAULT_INJECTION: forcing a failure.
[  183.690866][T10751] name failslab, interval 1, probability 0, space 0, times 0
[  183.703609][T10751] CPU: 0 UID: 0 PID: 10751 Comm: syz.1.2580 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  183.714455][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  183.724805][T10751] Call Trace:
[  183.728151][T10751]  <TASK>
[  183.731143][T10751]  dump_stack_lvl+0xf2/0x150
[  183.735840][T10751]  dump_stack+0x15/0x20
[  183.740019][T10751]  should_fail_ex+0x229/0x230
[  183.744741][T10751]  ? __d_alloc+0x3d/0x340
[  183.749095][T10751]  should_failslab+0x8f/0xb0
[  183.753735][T10751]  kmem_cache_alloc_lru_noprof+0x51/0x2a0
[  183.759628][T10751]  __d_alloc+0x3d/0x340
[  183.764074][T10751]  d_alloc_pseudo+0x1e/0x80
[  183.768720][T10751]  alloc_file_pseudo+0x70/0x140
[  183.773770][T10751]  __shmem_file_setup+0x1bb/0x1f0
[  183.778855][T10751]  shmem_file_setup+0x3b/0x50
[  183.783585][T10751]  __se_sys_memfd_create+0x31d/0x600
[  183.788909][T10751]  __x64_sys_memfd_create+0x31/0x40
[  183.794149][T10751]  x64_sys_call+0x2891/0x2d60
[  183.798878][T10751]  do_syscall_64+0xc9/0x1c0
[  183.803699][T10751]  ? clear_bhb_loop+0x55/0xb0
[  183.808476][T10751]  ? clear_bhb_loop+0x55/0xb0
[  183.813179][T10751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.819216][T10751] RIP: 0033:0x7f093d7e9eb9
[  183.823751][T10751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.843414][T10751] RSP: 002b:00007f093c466e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  183.852039][T10751] RAX: ffffffffffffffda RBX: 000000000000060e RCX: 00007f093d7e9eb9
[  183.860108][T10751] RDX: 00007f093c466ef0 RSI: 0000000000000000 RDI: 00007f093d858131
[  183.868159][T10751] RBP: 0000000020001080 R08: 00007f093c466bb7 R09: 00007f093c466e40
[  183.876591][T10751] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000
[  183.884594][T10751] R13: 00007f093c466ef0 R14: 00007f093c466eb0 R15: 0000000020000680
[  183.892792][T10751]  </TASK>
[  183.928482][T10761] xt_l2tp: v2 sid > 0xffff: 16777216
[  183.986127][T10765] selinux_netlink_send: 3 callbacks suppressed
[  183.986145][T10765] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10765 comm=syz.4.2586
[  184.020274][T10767] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2588'.
[  184.029878][T10769] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  184.042980][T10765] netlink: 'syz.4.2586': attribute type 10 has an invalid length.
[  184.051022][T10765] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2586'.
[  184.066048][T10765] bridge0: port 3(ipvlan0) entered blocking state
[  184.072642][T10765] bridge0: port 3(ipvlan0) entered disabled state
[  184.092059][T10765] ipvlan0: entered allmulticast mode
[  184.097462][T10765] veth0_vlan: entered allmulticast mode
[  184.106001][T10771] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10771 comm=syz.4.2586
[  184.119763][T10765] ipvlan0: left allmulticast mode
[  184.124984][T10765] veth0_vlan: left allmulticast mode
[  184.134688][T10765] net_ratelimit: 8 callbacks suppressed
[  184.134708][T10765] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  184.174197][T10774] loop3: detected capacity change from 0 to 256
[  184.202158][T10774] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  184.245549][T10783] netlink: 'syz.4.2594': attribute type 10 has an invalid length.
[  184.253628][T10783] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2594'.
[  184.272924][T10783] bridge0: port 3(ipvlan0) entered blocking state
[  184.279439][T10783] bridge0: port 3(ipvlan0) entered disabled state
[  184.291186][T10783] ipvlan0: entered allmulticast mode
[  184.296532][T10783] veth0_vlan: entered allmulticast mode
[  184.310882][T10787] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10787 comm=syz.4.2594
[  184.331939][T10783] ipvlan0: left allmulticast mode
[  184.337112][T10783] veth0_vlan: left allmulticast mode
[  184.357613][T10783] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  184.423460][T10795] netlink: 'syz.3.2599': attribute type 1 has an invalid length.
[  184.431426][T10795] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2599'.
[  184.472475][T10799] netlink: 'syz.4.2600': attribute type 1 has an invalid length.
[  184.480371][T10799] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2600'.
[  184.510409][T10808] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10808 comm=syz.3.2604
[  184.564826][T10808] netlink: 'syz.3.2604': attribute type 10 has an invalid length.
[  184.572853][T10808] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2604'.
[  184.583987][T10808] bridge0: port 3(ipvlan0) entered blocking state
[  184.590669][T10808] bridge0: port 3(ipvlan0) entered disabled state
[  184.597516][T10808] ipvlan0: entered allmulticast mode
[  184.602967][T10808] veth0_vlan: entered allmulticast mode
[  184.610412][T10823] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10823 comm=syz.3.2604
[  184.647581][T10808] ipvlan0: left allmulticast mode
[  184.652723][T10808] veth0_vlan: left allmulticast mode
[  184.662416][T10808] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  184.684052][T10824] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2607'.
[  184.755418][T10832] netlink: 'syz.3.2611': attribute type 10 has an invalid length.
[  184.775509][T10832] bridge0: port 3(ipvlan0) entered blocking state
[  184.782188][T10832] bridge0: port 3(ipvlan0) entered disabled state
[  184.799883][T10832] ipvlan0: entered allmulticast mode
[  184.805303][T10832] veth0_vlan: entered allmulticast mode
[  184.842739][T10839] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10839 comm=syz.3.2611
[  184.870583][T10832] ipvlan0: left allmulticast mode
[  184.876076][T10832] veth0_vlan: left allmulticast mode
[  184.886486][T10842] netlink: 'syz.4.2615': attribute type 1 has an invalid length.
[  184.901436][T10832] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  184.999312][T10850] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  185.103496][T10858] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=10858 comm=syz.4.2621
[  185.128992][T10860] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10860 comm=syz.1.2622
[  185.186311][T10860] netlink: 'syz.1.2622': attribute type 10 has an invalid length.
[  185.218205][T10860] bridge0: port 4(ipvlan0) entered blocking state
[  185.224770][T10860] bridge0: port 4(ipvlan0) entered disabled state
[  185.236217][T10860] ipvlan0: entered allmulticast mode
[  185.241691][T10860] veth0_vlan: entered allmulticast mode
[  185.247836][T10865] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10865 comm=syz.1.2622
[  185.266141][T10860] ipvlan0: left allmulticast mode
[  185.271348][T10860] veth0_vlan: left allmulticast mode
[  185.290323][T10860] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  185.366669][T10871] 9pnet_fd: Insufficient options for proto=fd
[  185.580518][T10875] veth7: entered promiscuous mode
[  185.585629][T10875] veth7: entered allmulticast mode
[  185.775438][T10791] syz.2.2596 (10791) used greatest stack depth: 6288 bytes left
[  185.918067][T10906] FAULT_INJECTION: forcing a failure.
[  185.918067][T10906] name failslab, interval 1, probability 0, space 0, times 0
[  185.931259][T10906] CPU: 1 UID: 0 PID: 10906 Comm: syz.0.2641 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  185.942072][T10906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  185.952250][T10906] Call Trace:
[  185.955551][T10906]  <TASK>
[  185.958597][T10906]  dump_stack_lvl+0xf2/0x150
[  185.963744][T10906]  dump_stack+0x15/0x20
[  185.968009][T10906]  should_fail_ex+0x229/0x230
[  185.972811][T10906]  ? __alloc_skb+0x10b/0x310
[  185.977453][T10906]  should_failslab+0x8f/0xb0
[  185.982133][T10906]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  185.988150][T10906]  __alloc_skb+0x10b/0x310
[  185.992601][T10906]  netlink_alloc_large_skb+0xad/0xe0
[  185.998015][T10906]  netlink_sendmsg+0x3b4/0x6e0
[  186.002828][T10906]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.008184][T10906]  __sock_sendmsg+0x140/0x180
[  186.012578][   T29] kauditd_printk_skb: 515 callbacks suppressed
[  186.012596][   T29] audit: type=1326 audit(1725278038.954:7976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.012892][T10906]  ____sys_sendmsg+0x312/0x410
[  186.019070][   T29] audit: type=1326 audit(1725278038.954:7977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.042785][T10906]  __sys_sendmmsg+0x269/0x500
[  186.042919][T10906]  __x64_sys_sendmmsg+0x57/0x70
[  186.047676][   T29] audit: type=1326 audit(1725278038.954:7978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.071281][T10906]  x64_sys_call+0xa49/0x2d60
[  186.071320][T10906]  do_syscall_64+0xc9/0x1c0
[  186.071346][T10906]  ? clear_bhb_loop+0x55/0xb0
[  186.076039][   T29] audit: type=1326 audit(1725278038.954:7979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.080875][T10906]  ? clear_bhb_loop+0x55/0xb0
[  186.080903][T10906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.104466][   T29] audit: type=1326 audit(1725278038.954:7980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.109070][T10906] RIP: 0033:0x7f4a20579eb9
[  186.113703][   T29] audit: type=1326 audit(1725278038.964:7981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.118316][T10906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.224193][T10906] RSP: 002b:00007f4a1f1f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  186.232620][T10906] RAX: ffffffffffffffda RBX: 00007f4a20715f80 RCX: 00007f4a20579eb9
[  186.240650][T10906] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000006
[  186.248629][T10906] RBP: 00007f4a1f1f7090 R08: 0000000000000000 R09: 0000000000000000
[  186.256636][T10906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.264750][T10906] R13: 0000000000000000 R14: 00007f4a20715f80 R15: 00007fff0d189bb8
[  186.272788][T10906]  </TASK>
[  186.309996][   T29] audit: type=1326 audit(1725278039.114:7982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.333535][   T29] audit: type=1326 audit(1725278039.114:7983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.357204][   T29] audit: type=1326 audit(1725278039.114:7984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.380880][   T29] audit: type=1326 audit(1725278039.114:7985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10905 comm="syz.1.2640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f093d7e9eb9 code=0x7ffc0000
[  186.586393][T10936] loop3: detected capacity change from 0 to 512
[  186.628633][T10944] 9pnet_fd: Insufficient options for proto=fd
[  186.644517][T10944] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2050 sclass=netlink_route_socket pid=10944 comm=syz.0.2654
[  186.663921][T10936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.680999][T10951] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  186.691775][T10952] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  186.709198][T10936] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.732389][T10936] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2650: Directory hole found for htree leaf block 0
[  186.752884][T10956] pim6reg1: entered promiscuous mode
[  186.758400][T10956] pim6reg1: entered allmulticast mode
[  186.775921][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.873450][T10963] pim6reg1: entered promiscuous mode
[  186.878899][T10963] pim6reg1: entered allmulticast mode
[  186.942362][T10969] loop3: detected capacity change from 0 to 512
[  186.950881][T10967] pim6reg1: entered promiscuous mode
[  186.956217][T10967] pim6reg1: entered allmulticast mode
[  186.971083][T10969] EXT4-fs: Invalid want_extra_isize 1
[  186.983281][T10969] loop3: detected capacity change from 0 to 512
[  187.006293][T10969] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2663: casefold flag without casefold feature
[  187.068667][T10969] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2663: couldn't read orphan inode 15 (err -117)
[  187.093745][T10976] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  187.109739][T10977] FAULT_INJECTION: forcing a failure.
[  187.109739][T10977] name failslab, interval 1, probability 0, space 0, times 0
[  187.122564][T10977] CPU: 1 UID: 0 PID: 10977 Comm: syz.1.2666 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  187.133614][T10977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  187.138456][T10969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.143687][T10977] Call Trace:
[  187.143699][T10977]  <TASK>
[  187.143709][T10977]  dump_stack_lvl+0xf2/0x150
[  187.143744][T10977]  dump_stack+0x15/0x20
[  187.171133][T10977]  should_fail_ex+0x229/0x230
[  187.174098][T10969] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2663: Directory hole found for htree leaf block 0
[  187.176015][T10977]  ? __alloc_skb+0x10b/0x310
[  187.193462][T10977]  should_failslab+0x8f/0xb0
[  187.198171][T10977]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  187.203254][T10969] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  187.204040][T10977]  __alloc_skb+0x10b/0x310
[  187.216849][T10977]  audit_log_start+0x368/0x6b0
[  187.221661][T10977]  audit_seccomp+0x4b/0x130
[  187.226298][T10977]  __seccomp_filter+0x6fa/0x1180
[  187.231358][T10977]  ? proc_fail_nth_write+0x130/0x160
[  187.236758][T10977]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  187.242456][T10977]  ? vfs_write+0x5a5/0x900
[  187.246907][T10977]  ? __fget_files+0x1da/0x210
[  187.251662][T10977]  __secure_computing+0x9f/0x1c0
[  187.256650][T10977]  syscall_trace_enter+0xd1/0x1f0
[  187.261726][T10977]  ? fpregs_assert_state_consistent+0x83/0xa0
[  187.268002][T10977]  do_syscall_64+0xaa/0x1c0
[  187.272624][T10977]  ? clear_bhb_loop+0x55/0xb0
[  187.277372][T10977]  ? clear_bhb_loop+0x55/0xb0
[  187.282170][T10977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.288204][T10977] RIP: 0033:0x7f093d7e9eb9
[  187.292640][T10977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.312517][T10977] RSP: 002b:00007f093c467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  187.321115][T10977] RAX: ffffffffffffffda RBX: 00007f093d985f80 RCX: 00007f093d7e9eb9
[  187.329347][T10977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  187.337555][T10977] RBP: 00007f093c467090 R08: 0000000000000000 R09: 0000000000000000
[  187.345633][T10977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.353660][T10977] R13: 0000000000000000 R14: 00007f093d985f80 R15: 00007ffe23d20a68
[  187.361760][T10977]  </TASK>
[  187.396234][T10979] validate_nla: 2 callbacks suppressed
[  187.396253][T10979] netlink: 'syz.0.2668': attribute type 10 has an invalid length.
[  187.413694][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.415605][T10979] bridge0: port 3(ipvlan0) entered blocking state
[  187.429412][T10979] bridge0: port 3(ipvlan0) entered disabled state
[  187.436610][T10979] ipvlan0: entered allmulticast mode
[  187.441974][T10979] veth0_vlan: entered allmulticast mode
[  187.448611][T10979] ipvlan0: left allmulticast mode
[  187.453982][T10979] veth0_vlan: left allmulticast mode
[  187.460626][T10979] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  187.536210][T10988] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  187.544541][T10992] 9pnet_fd: Insufficient options for proto=fd
[  187.623629][T11003] loop3: detected capacity change from 0 to 512
[  187.660305][T11003] EXT4-fs: Invalid want_extra_isize 1
[  187.670760][T11008] netlink: 'syz.0.2680': attribute type 5 has an invalid length.
[  187.690512][T11003] loop3: detected capacity change from 0 to 512
[  187.713558][T11003] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2677: casefold flag without casefold feature
[  187.740320][T11003] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2677: couldn't read orphan inode 15 (err -117)
[  187.807941][T11003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.873372][T11003] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2677: Directory hole found for htree leaf block 0
[  187.884452][T11012] __nla_validate_parse: 14 callbacks suppressed
[  187.884487][T11012] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2681'.
[  187.917861][T11003] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  187.971677][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.052272][T11026] syz.3.2685[11026] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.052343][T11026] syz.3.2685[11026] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.057769][T11025] netlink: 'syz.2.2687': attribute type 10 has an invalid length.
[  188.083308][T11025] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2687'.
[  188.190062][T11025] bridge0: port 3(ipvlan0) entered blocking state
[  188.196649][T11025] bridge0: port 3(ipvlan0) entered disabled state
[  188.231051][T11025] ipvlan0: entered allmulticast mode
[  188.236498][T11025] veth0_vlan: entered allmulticast mode
[  188.242663][T11025] ipvlan0: left allmulticast mode
[  188.247704][T11025] veth0_vlan: left allmulticast mode
[  188.253766][T11025] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  188.326373][T11033] netlink: 'syz.2.2688': attribute type 10 has an invalid length.
[  188.334295][T11033] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2688'.
[  188.369406][T11033] bridge0: port 3(ipvlan0) entered blocking state
[  188.376032][T11033] bridge0: port 3(ipvlan0) entered disabled state
[  188.390413][T11033] ipvlan0: entered allmulticast mode
[  188.395900][T11033] veth0_vlan: entered allmulticast mode
[  188.410683][T11033] ipvlan0: left allmulticast mode
[  188.415845][T11033] veth0_vlan: left allmulticast mode
[  188.430669][T11033] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  188.588818][T11052] netlink: 'syz.2.2696': attribute type 1 has an invalid length.
[  188.596654][T11052] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2696'.
[  188.615609][T11051] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  188.636004][T11046] FAULT_INJECTION: forcing a failure.
[  188.636004][T11046] name failslab, interval 1, probability 0, space 0, times 0
[  188.652968][T11046] CPU: 1 UID: 0 PID: 11046 Comm: syz.4.2692 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  188.663852][T11046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  188.673958][T11046] Call Trace:
[  188.677242][T11046]  <TASK>
[  188.680220][T11046]  dump_stack_lvl+0xf2/0x150
[  188.684993][T11046]  dump_stack+0x15/0x20
[  188.689187][T11046]  should_fail_ex+0x229/0x230
[  188.693966][T11046]  ? __alloc_skb+0x10b/0x310
[  188.698604][T11046]  should_failslab+0x8f/0xb0
[  188.703221][T11046]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  188.709162][T11046]  __alloc_skb+0x10b/0x310
[  188.713669][T11046]  netlink_alloc_large_skb+0xad/0xe0
[  188.718966][T11046]  netlink_sendmsg+0x3b4/0x6e0
[  188.723752][T11046]  ? __pfx_netlink_sendmsg+0x10/0x10
[  188.729059][T11046]  __sock_sendmsg+0x140/0x180
[  188.733819][T11046]  ____sys_sendmsg+0x312/0x410
[  188.738687][T11046]  __sys_sendmsg+0x1e9/0x280
[  188.743312][T11046]  __x64_sys_sendmsg+0x46/0x50
[  188.748150][T11046]  x64_sys_call+0x2689/0x2d60
[  188.752956][T11046]  do_syscall_64+0xc9/0x1c0
[  188.757547][T11046]  ? clear_bhb_loop+0x55/0xb0
[  188.762248][T11046]  ? clear_bhb_loop+0x55/0xb0
[  188.766937][T11046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.772905][T11046] RIP: 0033:0x7f07ba499eb9
[  188.777369][T11046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.797075][T11046] RSP: 002b:00007f07b9117038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  188.805513][T11046] RAX: ffffffffffffffda RBX: 00007f07ba635f80 RCX: 00007f07ba499eb9
[  188.813583][T11046] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  188.821653][T11046] RBP: 00007f07b9117090 R08: 0000000000000000 R09: 0000000000000000
[  188.829779][T11046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.837931][T11046] R13: 0000000000000000 R14: 00007f07ba635f80 R15: 00007fff887615e8
[  188.846067][T11046]  </TASK>
[  188.900691][T11062] FAULT_INJECTION: forcing a failure.
[  188.900691][T11062] name failslab, interval 1, probability 0, space 0, times 0
[  188.914025][T11062] CPU: 1 UID: 0 PID: 11062 Comm: syz.2.2699 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  188.925079][T11062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  188.935228][T11062] Call Trace:
[  188.938624][T11062]  <TASK>
[  188.941807][T11062]  dump_stack_lvl+0xf2/0x150
[  188.946449][T11062]  dump_stack+0x15/0x20
[  188.950645][T11062]  should_fail_ex+0x229/0x230
[  188.955445][T11062]  ? copy_mm+0xe0/0x10e0
[  188.959975][T11062]  should_failslab+0x8f/0xb0
[  188.964644][T11062]  kmem_cache_alloc_noprof+0x4c/0x290
[  188.970147][T11062]  copy_mm+0xe0/0x10e0
[  188.974262][T11062]  ? kmem_cache_alloc_noprof+0x1a6/0x290
[  188.979985][T11062]  ? hrtimer_init+0x104/0x1f0
[  188.984842][T11062]  ? __init_rwsem+0x5d/0x70
[  188.989482][T11062]  ? copy_signal+0x339/0x370
[  188.994109][T11062]  copy_process+0xee1/0x1f90
[  188.998837][T11062]  kernel_clone+0x167/0x5e0
[  189.003409][T11062]  ? vfs_write+0x5a5/0x900
[  189.007953][T11062]  __x64_sys_clone+0xe8/0x120
[  189.012723][T11062]  x64_sys_call+0x2d23/0x2d60
[  189.017463][T11062]  do_syscall_64+0xc9/0x1c0
[  189.022128][T11062]  ? clear_bhb_loop+0x55/0xb0
[  189.026836][T11062]  ? clear_bhb_loop+0x55/0xb0
[  189.031540][T11062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.037615][T11062] RIP: 0033:0x7f644fb29eb9
[  189.042047][T11062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.061946][T11062] RSP: 002b:00007f644e7a6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  189.070818][T11062] RAX: ffffffffffffffda RBX: 00007f644fcc5f80 RCX: 00007f644fb29eb9
[  189.078806][T11062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  189.086828][T11062] RBP: 00007f644e7a7090 R08: 0000000000000000 R09: 0000000000000000
[  189.094897][T11062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  189.102894][T11062] R13: 0000000000000000 R14: 00007f644fcc5f80 R15: 00007ffe7db1ba18
[  189.110983][T11062]  </TASK>
[  189.180787][T11067] selinux_netlink_send: 6 callbacks suppressed
[  189.180805][T11067] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11067 comm=syz.3.2701
[  189.206352][T11067] netlink: 'syz.3.2701': attribute type 10 has an invalid length.
[  189.214370][T11067] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2701'.
[  189.224644][T11067] bridge0: port 3(ipvlan0) entered blocking state
[  189.231175][T11067] bridge0: port 3(ipvlan0) entered disabled state
[  189.237901][T11067] ipvlan0: entered allmulticast mode
[  189.243549][T11067] veth0_vlan: entered allmulticast mode
[  189.250273][T11067] ipvlan0: left allmulticast mode
[  189.255333][T11067] veth0_vlan: left allmulticast mode
[  189.261827][T11070] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11070 comm=syz.3.2701
[  189.264729][T11046] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11046 comm=syz.4.2692
[  189.285385][T11067] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  189.372944][T11079] FAULT_INJECTION: forcing a failure.
[  189.372944][T11079] name failslab, interval 1, probability 0, space 0, times 0
[  189.385710][T11079] CPU: 0 UID: 0 PID: 11079 Comm: syz.3.2706 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  189.396610][T11079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  189.407036][T11079] Call Trace:
[  189.408246][T11081] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  189.410408][T11079]  <TASK>
[  189.410419][T11079]  dump_stack_lvl+0xf2/0x150
[  189.410459][T11079]  dump_stack+0x15/0x20
[  189.421017][T11082] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  189.425114][T11079]  should_fail_ex+0x229/0x230
[  189.431104][T11081] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11081 comm=syz.0.2707
[  189.436438][T11079]  ? sg_read+0x5d4/0xc70
[  189.458078][T11079]  should_failslab+0x8f/0xb0
[  189.458835][T11084] netlink: 'syz.0.2708': attribute type 1 has an invalid length.
[  189.462743][T11079]  __kmalloc_cache_noprof+0x4b/0x2a0
[  189.462786][T11079]  sg_read+0x5d4/0xc70
[  189.470603][T11084] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2708'.
[  189.475864][T11079]  ? __pfx_sg_read+0x10/0x10
[  189.493608][T11079]  vfs_read+0x1a2/0x6e0
[  189.497858][T11079]  ? __rcu_read_unlock+0x4e/0x70
[  189.502830][T11079]  ? __fget_files+0x1da/0x210
[  189.507640][T11079]  ksys_read+0xeb/0x1b0
[  189.512161][T11079]  __x64_sys_read+0x42/0x50
[  189.516668][T11079]  x64_sys_call+0x27d3/0x2d60
[  189.521366][T11079]  do_syscall_64+0xc9/0x1c0
[  189.525953][T11079]  ? clear_bhb_loop+0x55/0xb0
[  189.530841][T11079]  ? clear_bhb_loop+0x55/0xb0
[  189.535526][T11079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.541666][T11079] RIP: 0033:0x7f83f9619eb9
[  189.546120][T11079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.565758][T11079] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  189.574179][T11079] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9
[  189.582200][T11079] RDX: 00000000ffffffbf RSI: 0000000000000000 RDI: 0000000000000004
[  189.590711][T11079] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000
[  189.598692][T11079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.606779][T11079] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558
[  189.615072][T11079]  </TASK>
[  189.650448][T11090] netlink: 'syz.3.2710': attribute type 1 has an invalid length.
[  189.658227][T11090] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2710'.
[  189.695017][T11094] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.759898][T11094] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.824395][T11103] loop3: detected capacity change from 0 to 8192
[  189.857864][T11094] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.908316][T11094] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.950992][T11110] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.978341][T11094] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.992664][T11094] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.003274][T11110] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.017879][T11094] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.030615][T11094] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.042272][T11110] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.092911][T11110] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.113728][T11112] FAULT_INJECTION: forcing a failure.
[  190.113728][T11112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.127024][T11112] CPU: 0 UID: 0 PID: 11112 Comm: syz.2.2718 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  190.137906][T11112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  190.148010][T11112] Call Trace:
[  190.151303][T11112]  <TASK>
[  190.154300][T11112]  dump_stack_lvl+0xf2/0x150
[  190.158904][T11112]  dump_stack+0x15/0x20
[  190.163154][T11112]  should_fail_ex+0x229/0x230
[  190.167983][T11112]  should_fail+0xb/0x10
[  190.172321][T11112]  should_fail_usercopy+0x1a/0x20
[  190.177540][T11112]  _copy_to_user+0x1e/0xa0
[  190.182010][T11112]  simple_read_from_buffer+0xa0/0x110
[  190.187467][T11112]  proc_fail_nth_read+0xff/0x140
[  190.192502][T11112]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  190.198071][T11112]  vfs_read+0x1a2/0x6e0
[  190.202251][T11112]  ? __rcu_read_unlock+0x4e/0x70
[  190.207212][T11112]  ? __fget_files+0x1da/0x210
[  190.211901][T11112]  ksys_read+0xeb/0x1b0
[  190.216074][T11112]  __x64_sys_read+0x42/0x50
[  190.221013][T11112]  x64_sys_call+0x27d3/0x2d60
[  190.225889][T11112]  do_syscall_64+0xc9/0x1c0
[  190.230497][T11112]  ? clear_bhb_loop+0x55/0xb0
[  190.235297][T11112]  ? clear_bhb_loop+0x55/0xb0
[  190.240768][T11112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.246862][T11112] RIP: 0033:0x7f644fb288fc
[  190.251332][T11112] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  190.271040][T11112] RSP: 002b:00007f644e7a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  190.279572][T11112] RAX: ffffffffffffffda RBX: 00007f644fcc5f80 RCX: 00007f644fb288fc
[  190.287698][T11112] RDX: 000000000000000f RSI: 00007f644e7a70a0 RDI: 0000000000000004
[  190.295758][T11112] RBP: 00007f644e7a7090 R08: 0000000000000000 R09: 0000000000000000
[  190.303907][T11112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.311891][T11112] R13: 0000000000000000 R14: 00007f644fcc5f80 R15: 00007ffe7db1ba18
[  190.319945][T11112]  </TASK>
[  190.338168][T11110] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.349892][T11110] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.361867][T11110] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.373566][T11110] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.427898][T11123] 9pnet_fd: Insufficient options for proto=fd
[  190.558312][T11135] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2728'.
[  190.792764][T11148] 9pnet_fd: Insufficient options for proto=fd
[  190.856309][T11152] netlink: 'syz.1.2736': attribute type 1 has an invalid length.
[  190.864232][T11152] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2736'.
[  190.911098][T11156] loop3: detected capacity change from 0 to 512
[  190.958312][T11156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.965148][T11160] can: request_module (can-proto-5) failed.
[  190.988423][T11156] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.022966][T11156] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2731: Directory hole found for htree leaf block 0
[  191.294032][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.354044][T11171] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  191.503936][   T29] kauditd_printk_skb: 278 callbacks suppressed
[  191.503951][   T29] audit: type=1400 audit(1725278044.474:8262): avc:  granted  { setsecparam } for  pid=11180 comm="syz.2.2745" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  191.639244][   T29] audit: type=1326 audit(1725278044.564:8263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.3.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f9619eb9 code=0x7ffc0000
[  191.663040][   T29] audit: type=1326 audit(1725278044.564:8264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.3.2743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f9619eb9 code=0x7ffc0000
[  191.839825][T11189] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2748'.
[  191.993765][   T29] audit: type=1326 audit(1725278044.964:8265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.020044][   T29] audit: type=1326 audit(1725278044.964:8266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.043717][   T29] audit: type=1326 audit(1725278044.964:8267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.067629][   T29] audit: type=1326 audit(1725278044.964:8268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.091564][   T29] audit: type=1326 audit(1725278044.964:8269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.115291][    C0] vcan0: j1939_tp_rxtimer: 0xffff888116000000: rx timeout, send abort
[  192.115343][    C0] vcan0: j1939_tp_rxtimer: 0xffff888116000600: rx timeout, send abort
[  192.123841][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888116000000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  192.123938][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888116000600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  192.160943][   T29] audit: type=1326 audit(1725278044.964:8270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.184771][   T29] audit: type=1326 audit(1725278045.044:8271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11193 comm="syz.2.2750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  192.286403][T11204] netlink: 'syz.4.2753': attribute type 1 has an invalid length.
[  192.302372][T11203] veth0_vlan: entered allmulticast mode
[  192.364539][T11209] 9pnet_fd: Insufficient options for proto=fd
[  192.393475][T11207] veth0_vlan: left promiscuous mode
[  192.443051][T11207] veth0_vlan: entered promiscuous mode
[  192.492360][T11211] veth0_vlan: entered allmulticast mode
[  192.600456][T11211] FAULT_INJECTION: forcing a failure.
[  192.600456][T11211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.613674][T11211] CPU: 0 UID: 0 PID: 11211 Comm: syz.0.2756 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  192.624644][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  192.634788][T11211] Call Trace:
[  192.638150][T11211]  <TASK>
[  192.641160][T11211]  dump_stack_lvl+0xf2/0x150
[  192.645969][T11211]  dump_stack+0x15/0x20
[  192.650170][T11211]  should_fail_ex+0x229/0x230
[  192.655023][T11211]  should_fail+0xb/0x10
[  192.659207][T11211]  should_fail_usercopy+0x1a/0x20
[  192.664470][T11211]  _copy_to_user+0x1e/0xa0
[  192.668908][T11211]  simple_read_from_buffer+0xa0/0x110
[  192.674363][T11211]  proc_fail_nth_read+0xff/0x140
[  192.679309][T11211]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  192.684979][T11211]  vfs_read+0x1a2/0x6e0
[  192.689223][T11211]  ? __rcu_read_unlock+0x4e/0x70
[  192.694302][T11211]  ? __fget_files+0x1da/0x210
[  192.699091][T11211]  ksys_read+0xeb/0x1b0
[  192.703291][T11211]  __x64_sys_read+0x42/0x50
[  192.707908][T11211]  x64_sys_call+0x27d3/0x2d60
[  192.712611][T11211]  do_syscall_64+0xc9/0x1c0
[  192.717183][T11211]  ? clear_bhb_loop+0x55/0xb0
[  192.721878][T11211]  ? clear_bhb_loop+0x55/0xb0
[  192.726588][T11211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.732616][T11211] RIP: 0033:0x7f4a205788fc
[  192.737038][T11211] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  192.756773][T11211] RSP: 002b:00007f4a1f1f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  192.765555][T11211] RAX: ffffffffffffffda RBX: 00007f4a20715f80 RCX: 00007f4a205788fc
[  192.773532][T11211] RDX: 000000000000000f RSI: 00007f4a1f1f70a0 RDI: 000000000000000c
[  192.781603][T11211] RBP: 00007f4a1f1f7090 R08: 0000000000000000 R09: 0000000000000000
[  192.789643][T11211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.797641][T11211] R13: 0000000000000000 R14: 00007f4a20715f80 R15: 00007fff0d189bb8
[  192.805643][T11211]  </TASK>
[  192.834571][T11216] veth0_vlan: left promiscuous mode
[  192.858963][T11216] veth0_vlan: entered promiscuous mode
[  193.068095][T11231] __nla_validate_parse: 1 callbacks suppressed
[  193.068115][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2764'.
[  193.108451][T11243] netlink: 'syz.3.2766': attribute type 1 has an invalid length.
[  193.116377][T11243] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2766'.
[  193.250204][T11252] 9pnet_fd: Insufficient options for proto=fd
[  193.575986][T11259] loop3: detected capacity change from 0 to 512
[  193.600255][T11259] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.619317][T11259] ext4 filesystem being mounted at /177/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.635023][T11259] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.2772: corrupted inode contents
[  193.650143][T11259] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.2772: mark_inode_dirty error
[  193.680097][T11259] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.2772: corrupted inode contents
[  193.739917][T11276] rdma_op ffff8881160fb580 conn xmit_rdma 0000000000000000
[  193.795356][T11283] 9pnet_fd: Insufficient options for proto=fd
[  193.829274][T11286] SELinux:  Context system_u:object_r:wtmp_t:s0 is not valid (left unmapped).
[  193.860331][T11290] netlink: 'syz.4.2783': attribute type 1 has an invalid length.
[  193.868237][T11290] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2783'.
[  193.885692][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.918051][T11296] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11296 comm=syz.3.2785
[  193.972923][T11296] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11296 comm=syz.3.2785
[  193.986393][T11301] pim6reg1: entered promiscuous mode
[  193.991855][T11301] pim6reg1: entered allmulticast mode
[  194.059106][T11309] loop3: detected capacity change from 0 to 512
[  194.067663][T11309] EXT4-fs: Invalid want_extra_isize 1
[  194.088375][T11309] loop3: detected capacity change from 0 to 512
[  194.098599][T11315] 9pnet_fd: Insufficient options for proto=fd
[  194.099410][T11309] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2790: casefold flag without casefold feature
[  194.121488][T11309] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2790: couldn't read orphan inode 15 (err -117)
[  194.135513][T11309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.152314][T11309] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.2790: Directory hole found for htree leaf block 0
[  194.188836][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.444448][T11327] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2797'.
[  194.745072][T11334] netlink: 'syz.4.2798': attribute type 1 has an invalid length.
[  194.753127][T11334] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2798'.
[  194.898822][T11342] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11342 comm=syz.4.2800
[  194.928646][T11344] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  194.960765][T11342] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11342 comm=syz.4.2800
[  194.962063][T11347] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  194.996483][T11344] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11344 comm=syz.2.2802
[  195.020990][T11351] pim6reg1: entered promiscuous mode
[  195.026370][T11351] pim6reg1: entered allmulticast mode
[  195.141906][T11358] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11358 comm=syz.0.2806
[  195.224153][T11360] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2809'.
[  195.292167][T11366] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  195.322212][T11367] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  195.325257][T11366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11366 comm=syz.3.2811
[  195.517048][T11374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2814'.
[  195.569836][T11377] pim6reg: entered allmulticast mode
[  195.703718][T11386] pim6reg1: entered promiscuous mode
[  195.709184][T11386] pim6reg1: entered allmulticast mode
[  195.920943][T11394] loop3: detected capacity change from 0 to 1024
[  195.941209][T11394] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  195.979180][T11400] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2826'.
[  196.063839][T11410] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11410 comm=syz.1.2831
[  196.094376][T11410] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11410 comm=syz.1.2831
[  196.145595][T11413] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11413 comm=syz.2.2832
[  196.354209][T11422] FAULT_INJECTION: forcing a failure.
[  196.354209][T11422] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.369508][T11422] CPU: 0 UID: 0 PID: 11422 Comm: syz.4.2835 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  196.375271][T11426] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  196.380825][T11422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  196.380845][T11422] Call Trace:
[  196.380855][T11422]  <TASK>
[  196.380871][T11422]  dump_stack_lvl+0xf2/0x150
[  196.380924][T11422]  dump_stack+0x15/0x20
[  196.380945][T11422]  should_fail_ex+0x229/0x230
[  196.408938][T11427] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  196.409246][T11422]  should_fail+0xb/0x10
[  196.418617][T11426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11426 comm=syz.1.2837
[  196.425413][T11422]  should_fail_usercopy+0x1a/0x20
[  196.425456][T11422]  _copy_to_user+0x1e/0xa0
[  196.425498][T11422]  simple_read_from_buffer+0xa0/0x110
[  196.425527][T11422]  proc_fail_nth_read+0xff/0x140
[  196.425554][T11422]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  196.425578][T11422]  vfs_read+0x1a2/0x6e0
[  196.425637][T11422]  ? __rcu_read_unlock+0x4e/0x70
[  196.425663][T11422]  ? __fget_files+0x1da/0x210
[  196.483285][T11422]  ksys_read+0xeb/0x1b0
[  196.487695][T11422]  __x64_sys_read+0x42/0x50
[  196.492240][T11422]  x64_sys_call+0x27d3/0x2d60
[  196.496956][T11422]  do_syscall_64+0xc9/0x1c0
[  196.501617][T11422]  ? clear_bhb_loop+0x55/0xb0
[  196.506359][T11422]  ? clear_bhb_loop+0x55/0xb0
[  196.511068][T11422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.517058][T11422] RIP: 0033:0x7f07ba4988fc
[  196.521638][T11422] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  196.541410][T11422] RSP: 002b:00007f07b9117030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  196.550000][T11422] RAX: ffffffffffffffda RBX: 00007f07ba635f80 RCX: 00007f07ba4988fc
[  196.558086][T11422] RDX: 000000000000000f RSI: 00007f07b91170a0 RDI: 0000000000000005
[  196.566206][T11422] RBP: 00007f07b9117090 R08: 0000000000000000 R09: 0000000000000000
[  196.574204][T11422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.582265][T11422] R13: 0000000000000000 R14: 00007f07ba635f80 R15: 00007fff887615e8
[  196.590362][T11422]  </TASK>
[  196.609103][   T29] kauditd_printk_skb: 446 callbacks suppressed
[  196.609130][   T29] audit: type=1400 audit(1725278049.574:8718): avc:  denied  { mount } for  pid=11430 comm="syz.0.2839" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  196.637659][   T29] audit: type=1400 audit(1725278049.574:8719): avc:  denied  { mounton } for  pid=11430 comm="syz.0.2839" path="/102/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  196.660317][   T29] audit: type=1400 audit(1725278049.574:8720): avc:  denied  { shutdown } for  pid=11430 comm="syz.0.2839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  196.724157][T11433] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2841'.
[  196.733274][   T29] audit: type=1400 audit(1725278049.654:8721): avc:  denied  { unmount } for  pid=9595 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  196.753812][   T29] audit: type=1400 audit(1725278049.694:8722): avc:  denied  { read } for  pid=11428 comm="syz.1.2838" path="socket:[35384]" dev="sockfs" ino=35384 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  196.796001][T11429] tunl0: entered promiscuous mode
[  196.855711][T11429] netlink: 'syz.1.2838': attribute type 1 has an invalid length.
[  196.863785][T11429] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2838'.
[  196.901993][T11448] loop3: detected capacity change from 0 to 1024
[  196.921722][T11448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.045041][   T29] audit: type=1400 audit(1725278050.014:8723): avc:  denied  { bind } for  pid=11452 comm="syz.4.2848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  197.064820][   T29] audit: type=1400 audit(1725278050.014:8724): avc:  denied  { connect } for  pid=11452 comm="syz.4.2848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  197.206220][T11467] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11467 comm=syz.1.2850
[  197.312460][   T29] audit: type=1326 audit(1725278050.284:8725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11459 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  197.336282][   T29] audit: type=1326 audit(1725278050.284:8726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11459 comm="syz.2.2852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  197.464592][T11475] netlink: 'syz.1.2856': attribute type 1 has an invalid length.
[  197.645522][   T29] audit: type=1326 audit(1725278050.614:8727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11480 comm="syz.4.2859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ba499eb9 code=0x7ffc0000
[  197.707536][T11491] No source specified
[  197.793681][ T9125] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.892165][T11487] syzkaller0: entered promiscuous mode
[  197.897837][T11487] syzkaller0: entered allmulticast mode
[  197.927920][T11504] loop3: detected capacity change from 0 to 512
[  197.942629][T11504] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.024039][T11504] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.057478][T11504] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.116614][T11513] netlink: 'syz.2.2871': attribute type 1 has an invalid length.
[  198.124851][T11513] __nla_validate_parse: 3 callbacks suppressed
[  198.124864][T11513] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2871'.
[  198.192256][T11519] netlink: 'syz.1.2873': attribute type 1 has an invalid length.
[  198.200087][T11519] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2873'.
[  198.232736][T11521] FAULT_INJECTION: forcing a failure.
[  198.232736][T11521] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.246364][T11521] CPU: 1 UID: 0 PID: 11521 Comm: syz.1.2874 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  198.257172][T11521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  198.267307][T11521] Call Trace:
[  198.270689][T11521]  <TASK>
[  198.273663][T11521]  dump_stack_lvl+0xf2/0x150
[  198.278334][T11521]  dump_stack+0x15/0x20
[  198.282527][T11521]  should_fail_ex+0x229/0x230
[  198.287345][T11521]  should_fail+0xb/0x10
[  198.291575][T11521]  should_fail_usercopy+0x1a/0x20
[  198.296703][T11521]  _copy_from_user+0x1e/0xd0
[  198.301426][T11521]  copy_msghdr_from_user+0x54/0x2a0
[  198.306765][T11521]  __sys_sendmsg+0x17d/0x280
[  198.311515][T11521]  __x64_sys_sendmsg+0x46/0x50
[  198.316412][T11521]  x64_sys_call+0x2689/0x2d60
[  198.321211][T11521]  do_syscall_64+0xc9/0x1c0
[  198.325752][T11521]  ? clear_bhb_loop+0x55/0xb0
[  198.330466][T11521]  ? clear_bhb_loop+0x55/0xb0
[  198.335324][T11521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.341368][T11521] RIP: 0033:0x7f093d7e9eb9
[  198.346075][T11521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.366519][T11521] RSP: 002b:00007f093c467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.375062][T11521] RAX: ffffffffffffffda RBX: 00007f093d985f80 RCX: 00007f093d7e9eb9
[  198.383061][T11521] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003
[  198.391148][T11521] RBP: 00007f093c467090 R08: 0000000000000000 R09: 0000000000000000
[  198.399146][T11521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.407175][T11521] R13: 0000000000000000 R14: 00007f093d985f80 R15: 00007ffe23d20a68
[  198.415431][T11521]  </TASK>
[  198.483968][T11527] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.583263][T11527] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.671678][T11527] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.767427][T11527] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.844891][ T4389] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.984447][ T4389] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.125207][ T4389] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.253251][T11546] netlink: 'syz.2.2883': attribute type 1 has an invalid length.
[  199.261247][T11546] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2883'.
[  199.354077][T11527] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.398149][ T4389] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.432474][T11527] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.462903][T11527] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.505869][T11527] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.543405][T11557] batadv0: entered promiscuous mode
[  199.622222][ T4389] bridge_slave_1: left allmulticast mode
[  199.628083][ T4389] bridge_slave_1: left promiscuous mode
[  199.634017][ T4389] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.654995][ T4389] bridge_slave_0: left allmulticast mode
[  199.660738][ T4389] bridge_slave_0: left promiscuous mode
[  199.666615][ T4389] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.797672][ T4389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.812767][ T4389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.831316][ T4389] bond0 (unregistering): Released all slaves
[  199.892717][ T4389] tipc: Left network mode
[  199.944917][T11540] chnl_net:caif_netlink_parms(): no params data found
[  200.018892][ T4389] hsr_slave_0: left promiscuous mode
[  200.052986][ T4389] hsr_slave_1: left promiscuous mode
[  200.074286][ T4389] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.081816][ T4389] batman_adv: batadv0: Removing interface: batadv_slave_0
[  200.124505][ T4389] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.132134][ T4389] batman_adv: batadv0: Removing interface: batadv_slave_1
[  200.146765][T11592] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  200.158573][ T4389] veth1_macvtap: left promiscuous mode
[  200.164256][ T4389] veth0_macvtap: left promiscuous mode
[  200.170033][ T4389] veth1_vlan: left promiscuous mode
[  200.175254][ T4389] veth0_vlan: left promiscuous mode
[  200.187532][T11595] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  200.207420][T11592] selinux_netlink_send: 5 callbacks suppressed
[  200.207442][T11592] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11592 comm=syz.1.2897
[  200.297603][ T4389] pim6reg (unregistering): left allmulticast mode
[  200.399461][ T4389] team0 (unregistering): Port device team_slave_1 removed
[  200.414486][ T4389] team0 (unregistering): Port device team_slave_0 removed
[  200.708466][T11540] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.715745][T11540] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.742326][T11606] syz.1.2901[11606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  200.742412][T11606] syz.1.2901[11606] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  200.746088][T11540] bridge_slave_0: entered allmulticast mode
[  200.790656][T11540] bridge_slave_0: entered promiscuous mode
[  200.804766][T11540] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.806884][T11606] netlink: 220 bytes leftover after parsing attributes in process `syz.1.2901'.
[  200.811994][T11540] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.844060][T11540] bridge_slave_1: entered allmulticast mode
[  200.851027][T11540] bridge_slave_1: entered promiscuous mode
[  200.888967][T11540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.901932][T11540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.902613][T11617] netlink: 'syz.4.2905': attribute type 1 has an invalid length.
[  200.918788][T11617] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2905'.
[  200.946451][T11540] team0: Port device team_slave_0 added
[  200.954919][T11540] team0: Port device team_slave_1 added
[  201.003437][T11629] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  201.014440][T11629] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11629 comm=syz.2.2911
[  201.030179][T11630] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  201.043291][T11540] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.050341][T11540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.076819][T11540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.104159][T11540] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.111206][T11540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.137560][T11540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.176087][T11639] netlink: 830 bytes leftover after parsing attributes in process `syz.1.2913'.
[  201.224581][T11642] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2915'.
[  201.290711][T11540] hsr_slave_0: entered promiscuous mode
[  201.293856][T11540] hsr_slave_1: entered promiscuous mode
[  201.301092][T11540] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.301111][T11540] Cannot create hsr debugfs directory
[  201.397911][T11656] netlink: 'syz.1.2929': attribute type 10 has an invalid length.
[  201.405983][T11656] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2929'.
[  201.406127][T11656] bridge0: port 4(ipvlan0) entered blocking state
[  201.406171][T11656] bridge0: port 4(ipvlan0) entered disabled state
[  201.406402][T11656] ipvlan0: entered allmulticast mode
[  201.406417][T11656] veth0_vlan: entered allmulticast mode
[  201.407007][T11656] ipvlan0: left allmulticast mode
[  201.407021][T11656] veth0_vlan: left allmulticast mode
[  201.407622][T11656] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  201.409283][T11656] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11656 comm=syz.1.2929
[  201.466869][T11661] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2917'.
[  201.612817][T11668] netlink: 'syz.1.2924': attribute type 1 has an invalid length.
[  201.620749][T11668] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2924'.
[  201.631113][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  201.631128][   T29] audit: type=1400 audit(1725278054.604:8998): avc:  denied  { read } for  pid=11657 comm="syz.2.2921" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  201.643274][T11540] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  201.667656][   T29] audit: type=1400 audit(1725278054.634:8999): avc:  denied  { open } for  pid=11657 comm="syz.2.2921" path="/dev/ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  201.682571][T11673] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  201.691144][   T29] audit: type=1400 audit(1725278054.634:9000): avc:  denied  { ioctl } for  pid=11657 comm="syz.2.2921" path="/dev/ppp" dev="devtmpfs" ino=116 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  201.697403][T11540] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  201.704061][T11674] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  201.724021][T11671] netlink: 'syz.2.2921': attribute type 2 has an invalid length.
[  201.745280][T11673] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11673 comm=syz.1.2925
[  201.764004][T11540] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  201.776357][T11540] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  201.779715][T11676] netlink: 'syz.1.2926': attribute type 1 has an invalid length.
[  201.866329][T11540] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.889485][T11540] 8021q: adding VLAN 0 to HW filter on device team0
[  201.905904][ T4400] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.913275][ T4400] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.931151][ T4400] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.938514][ T4400] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.050323][T11688] FAULT_INJECTION: forcing a failure.
[  202.050323][T11688] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.063568][T11688] CPU: 1 UID: 0 PID: 11688 Comm: syz.1.2928 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  202.074619][T11688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  202.086609][T11688] Call Trace:
[  202.090438][T11688]  <TASK>
[  202.093408][T11688]  dump_stack_lvl+0xf2/0x150
[  202.098173][T11688]  dump_stack+0x15/0x20
[  202.102349][T11688]  should_fail_ex+0x229/0x230
[  202.107183][T11688]  should_fail+0xb/0x10
[  202.111547][T11688]  should_fail_usercopy+0x1a/0x20
[  202.116766][T11688]  _copy_from_user+0x1e/0xd0
[  202.121511][T11688]  arp_ioctl+0xad/0x2b0
[  202.125716][T11688]  inet_ioctl+0x1f0/0x3a0
[  202.130177][T11688]  sock_do_ioctl+0x81/0x260
[  202.134781][T11688]  sock_ioctl+0x470/0x640
[  202.139144][T11688]  ? __pfx_sock_ioctl+0x10/0x10
[  202.144023][T11688]  __se_sys_ioctl+0xd3/0x150
[  202.148707][T11688]  __x64_sys_ioctl+0x43/0x50
[  202.153508][T11688]  x64_sys_call+0x15cc/0x2d60
[  202.158252][T11688]  do_syscall_64+0xc9/0x1c0
[  202.162929][T11688]  ? clear_bhb_loop+0x55/0xb0
[  202.167759][T11688]  ? clear_bhb_loop+0x55/0xb0
[  202.172462][T11688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.178436][T11688] RIP: 0033:0x7f093d7e9eb9
[  202.182879][T11688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.202514][T11688] RSP: 002b:00007f093c425038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.211087][T11688] RAX: ffffffffffffffda RBX: 00007f093d986130 RCX: 00007f093d7e9eb9
[  202.219101][T11688] RDX: 0000000020000000 RSI: 0000000000008953 RDI: 0000000000000007
[  202.227169][T11688] RBP: 00007f093c425090 R08: 0000000000000000 R09: 0000000000000000
[  202.235168][T11688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.243157][T11688] R13: 0000000000000000 R14: 00007f093d986130 R15: 00007ffe23d20a68
[  202.251177][T11688]  </TASK>
[  202.316631][   T29] audit: type=1326 audit(1725278055.284:9001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  202.358269][T11540] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.373990][   T29] audit: type=1326 audit(1725278055.314:9002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11657 comm="syz.2.2921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f644fb29eb9 code=0x7ffc0000
[  202.554731][T11540] veth0_vlan: entered promiscuous mode
[  202.568527][T11540] veth1_vlan: entered promiscuous mode
[  202.602885][T11540] veth0_macvtap: entered promiscuous mode
[  202.616986][T11540] veth1_macvtap: entered promiscuous mode
[  202.636928][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.647417][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.657449][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.667900][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.677763][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.688298][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.698134][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.708786][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.718692][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.729504][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.739334][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.749944][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.759759][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.770656][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.780626][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.791260][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.801202][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.811802][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.825445][T11540] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.848439][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.859214][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.869108][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.879693][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.889682][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.900330][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.910354][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.919704][T11699] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11699 comm=syz.1.2930
[  202.920959][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.943555][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.954325][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.964312][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.975857][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.985799][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.993466][T11704] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11704 comm=syz.1.2930
[  202.996270][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.018807][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.029502][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.039342][T11540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.049990][T11540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.061620][T11540] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.072212][T11699] netlink: 'syz.1.2930': attribute type 10 has an invalid length.
[  203.080983][T11699] bridge0: port 4(ipvlan0) entered blocking state
[  203.087501][T11699] bridge0: port 4(ipvlan0) entered disabled state
[  203.094258][T11699] ipvlan0: entered allmulticast mode
[  203.099644][T11699] veth0_vlan: entered allmulticast mode
[  203.108824][T11699] ipvlan0: left allmulticast mode
[  203.113946][T11699] veth0_vlan: left allmulticast mode
[  203.120842][T11699] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  203.151928][T11540] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.160945][T11540] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.169783][T11540] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.178760][T11540] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.273525][T11713] netlink: 'syz.1.2935': attribute type 1 has an invalid length.
[  203.281596][T11713] __nla_validate_parse: 2 callbacks suppressed
[  203.281612][T11713] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2935'.
[  203.303588][T11716] pim6reg1: entered promiscuous mode
[  203.309103][T11716] pim6reg1: entered allmulticast mode
[  203.336594][   T29] audit: type=1326 audit(1725278056.304:9003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000
[  203.360359][   T29] audit: type=1326 audit(1725278056.304:9004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000
[  203.427750][T11722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2937'.
[  203.480057][   T29] audit: type=1326 audit(1725278056.304:9005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000
[  203.503865][   T29] audit: type=1326 audit(1725278056.314:9006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000
[  203.527723][   T29] audit: type=1326 audit(1725278056.314:9007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11721 comm="syz.0.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b2e759eb9 code=0x7ffc0000
[  203.576230][T11734] syz.3.2942[11734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  203.576422][T11734] syz.3.2942[11734] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  203.607382][T11736] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11736 comm=syz.3.2943
[  203.634081][T11736] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11736 comm=syz.3.2943
[  203.725962][T11739] netlink: 'syz.0.2944': attribute type 1 has an invalid length.
[  203.733863][T11739] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2944'.
[  203.955288][T11757] pim6reg1: entered promiscuous mode
[  203.960707][T11757] pim6reg1: entered allmulticast mode
[  204.111228][T11763] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  204.129417][T11764] vxcan1: tx drop: invalid da for name 0x0000000000000003
[  204.140864][T11763] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1106 sclass=netlink_route_socket pid=11763 comm=syz.3.2953
[  204.216332][T11766] FAULT_INJECTION: forcing a failure.
[  204.216332][T11766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.229666][T11766] CPU: 0 UID: 0 PID: 11766 Comm: syz.3.2954 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  204.240555][T11766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  204.250822][T11766] Call Trace:
[  204.254199][T11766]  <TASK>
[  204.257138][T11766]  dump_stack_lvl+0xf2/0x150
[  204.261762][T11766]  dump_stack+0x15/0x20
[  204.265929][T11766]  should_fail_ex+0x229/0x230
[  204.270631][T11766]  should_fail+0xb/0x10
[  204.274875][T11766]  should_fail_usercopy+0x1a/0x20
[  204.279918][T11766]  _copy_from_user+0x1e/0xd0
[  204.284596][T11766]  __sys_bpf+0x14e/0x7a0
[  204.288917][T11766]  __x64_sys_bpf+0x43/0x50
[  204.293428][T11766]  x64_sys_call+0x2625/0x2d60
[  204.298144][T11766]  do_syscall_64+0xc9/0x1c0
[  204.302694][T11766]  ? clear_bhb_loop+0x55/0xb0
[  204.307437][T11766]  ? clear_bhb_loop+0x55/0xb0
[  204.312231][T11766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.318495][T11766] RIP: 0033:0x7f83f9619eb9
[  204.323055][T11766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.342847][T11766] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  204.351459][T11766] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9
[  204.360061][T11766] RDX: 0000000000000010 RSI: 00000000200006c0 RDI: 000000000000000f
[  204.368144][T11766] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000
[  204.376177][T11766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.384190][T11766] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558
[  204.392429][T11766]  </TASK>
[  204.408040][T11769] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11769 comm=syz.2.2955
[  204.489213][T11775] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.543857][T11775] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.591335][T11790] loop3: detected capacity change from 0 to 1024
[  204.599102][T11790] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  204.612266][T11790] JBD2: no valid journal superblock found
[  204.618056][T11790] EXT4-fs (loop3): Could not load journal inode
[  204.627929][T11775] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.672225][T11775] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.673382][T11795] netlink: 'syz.3.2966': attribute type 1 has an invalid length.
[  204.690058][T11795] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2966'.
[  204.739194][T11775] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.754571][T11775] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  204.795268][T11802] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2968'.
[  204.854560][T11775] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  204.889227][T11775] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.042371][T11830] FAULT_INJECTION: forcing a failure.
[  205.042371][T11830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.056746][T11830] CPU: 0 UID: 0 PID: 11830 Comm: syz.3.2979 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  205.067666][T11830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  205.077933][T11830] Call Trace:
[  205.081294][T11830]  <TASK>
[  205.084362][T11830]  dump_stack_lvl+0xf2/0x150
[  205.088985][T11830]  dump_stack+0x15/0x20
[  205.093282][T11830]  should_fail_ex+0x229/0x230
[  205.098060][T11830]  should_fail+0xb/0x10
[  205.102427][T11830]  should_fail_usercopy+0x1a/0x20
[  205.107493][T11830]  _copy_from_user+0x1e/0xd0
[  205.112180][T11830]  copy_msghdr_from_user+0x54/0x2a0
[  205.117475][T11830]  __sys_sendmsg+0x17d/0x280
[  205.122129][T11830]  __x64_sys_sendmsg+0x46/0x50
[  205.127094][T11830]  x64_sys_call+0x2689/0x2d60
[  205.131864][T11830]  do_syscall_64+0xc9/0x1c0
[  205.136477][T11830]  ? clear_bhb_loop+0x55/0xb0
[  205.141225][T11830]  ? clear_bhb_loop+0x55/0xb0
[  205.145953][T11830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.151912][T11830] RIP: 0033:0x7f83f9619eb9
[  205.156353][T11830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.164544][T11823] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  205.176166][T11830] RSP: 002b:00007f83f8297038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.176196][T11830] RAX: ffffffffffffffda RBX: 00007f83f97b5f80 RCX: 00007f83f9619eb9
[  205.176212][T11830] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  205.176226][T11830] RBP: 00007f83f8297090 R08: 0000000000000000 R09: 0000000000000000
[  205.176240][T11830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.176253][T11830] R13: 0000000000000000 R14: 00007f83f97b5f80 R15: 00007ffeabb10558
[  205.234994][T11830]  </TASK>
[  205.265409][T11833] netlink: 'syz.2.2980': attribute type 1 has an invalid length.
[  205.273414][T11833] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2980'.
[  205.304746][T11837] selinux_netlink_send: 3 callbacks suppressed
[  205.304766][T11837] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11837 comm=syz.3.2982
[  205.436101][T11837] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11837 comm=syz.3.2982
[  205.821000][T11841] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2983'.
[  205.896960][T11852] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2988'.
[  205.982341][T11857] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.081585][T11857] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.240132][T11857] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.404450][T11857] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.492510][T11872] netlink: 'syz.1.2996': attribute type 1 has an invalid length.
[  206.500385][T11872] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2996'.
[  206.537376][T11857] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.575349][T11857] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.600859][T11857] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.613732][T11857] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.793264][T11887] pim6reg1: entered promiscuous mode
[  206.798698][T11887] pim6reg1: entered allmulticast mode
[  206.806936][T11883] ==================================================================
[  206.815077][T11883] BUG: KCSAN: data-race in __dentry_kill / fast_dput
[  206.821981][T11883] 
[  206.824320][T11883] write to 0xffff888106802310 of 8 bytes by task 11888 on cpu 1:
[  206.832150][T11883]  __dentry_kill+0x13e/0x4c0
[  206.836864][T11883]  dput+0x5c/0xd0
[  206.840537][T11883]  step_into+0x21a/0x810
[  206.845111][T11883]  path_openat+0x14f7/0x1f10
[  206.849734][T11883]  do_filp_open+0xf7/0x200
[  206.854180][T11883]  io_openat2+0x280/0x3a0
[  206.858633][T11883]  io_issue_sqe+0x181/0xcc0
[  206.863163][T11883]  io_wq_submit_work+0x480/0x600
[  206.868137][T11883]  io_worker_handle_work+0x486/0x9d0
[  206.873530][T11883]  io_wq_worker+0x286/0x820
[  206.878144][T11883]  ret_from_fork+0x4b/0x60
[  206.882687][T11883]  ret_from_fork_asm+0x1a/0x30
[  206.887586][T11883] 
[  206.889933][T11883] read to 0xffff888106802310 of 8 bytes by task 11883 on cpu 0:
[  206.897601][T11883]  fast_dput+0x65/0x2c0
[  206.901792][T11883]  dput+0x24/0xd0
[  206.905460][T11883]  step_into+0x21a/0x810
[  206.909870][T11883]  path_openat+0x14f7/0x1f10
[  206.914841][T11883]  do_filp_open+0xf7/0x200
[  206.919278][T11883]  io_openat2+0x280/0x3a0
[  206.923727][T11883]  io_issue_sqe+0x181/0xcc0
[  206.928259][T11883]  io_wq_submit_work+0x480/0x600
[  206.933228][T11883]  io_worker_handle_work+0x486/0x9d0
[  206.938543][T11883]  io_wq_worker+0x286/0x820
[  206.943082][T11883]  ret_from_fork+0x4b/0x60
[  206.947521][T11883]  ret_from_fork_asm+0x1a/0x30
[  206.952384][T11883] 
[  206.954809][T11883] value changed: 0xffff8882374a2d38 -> 0x0000000000000000
[  206.962574][T11883] 
[  206.964909][T11883] Reported by Kernel Concurrency Sanitizer on:
[  206.971086][T11883] CPU: 0 UID: 0 PID: 11883 Comm: iou-wrk-11882 Not tainted 6.11.0-rc6-syzkaller-00017-gc9f016e72b5c #0
[  206.982129][T11883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  206.992431][T11883] ==================================================================