last executing test programs:

1.644899693s ago: executing program 4 (id=3875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket(0x80000000000000a, 0x1, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x6, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)

1.626290763s ago: executing program 4 (id=3877):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=@known='system.advise\x00')

1.603242753s ago: executing program 4 (id=3878):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002202000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000740)={'gretap0\x00', &(0x7f00000008c0)={'erspan0\x00', <r1=>0x0, 0x8, 0x8000, 0x126000, 0x1ff, {{0x3a, 0x4, 0x0, 0x6, 0xe8, 0x67, 0x0, 0x5, 0x29, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x3a, 0x3, [{0x6, 0xc, "c6177ee9b7abde74d8c0"}, {0x1, 0xe, "e884f4166a42eedf38c0a972"}, {0x196c2ad27a6d1228, 0x12, "6771ef7cf9504e49d07741c63f84f421"}, {0x2, 0x8, "268024b53dcb"}]}, @timestamp={0x44, 0x8, 0x83, 0x0, 0xc, [0x9]}, @cipso={0x86, 0x51, 0x2, [{0x1, 0x12, "91d8d7c91e1511b741a4b8ad3ba9fe4b"}, {0x7, 0xb, "a78f8b705c34523344"}, {0x1, 0x2}, {0x0, 0x10, "d53d615ed17b1093bfe4f6d38321"}, {0x0, 0x11, "3cd154dfafee6858b0eb8c86f55bdb"}, {0x5, 0x5, "f66370"}, {0x6, 0x6, "8d585b0b"}]}, @ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0xc, 0x3d, 0x3, 0x9, [{@multicast1}]}, @generic={0x83, 0x7, "b5f7f34e9d"}, @end, @timestamp={0x44, 0x10, 0x91, 0x0, 0x3, [0x8001, 0x20000000, 0x3]}, @timestamp={0x44, 0x18, 0x32, 0x0, 0x1, [0x6d6, 0x3, 0xd, 0x0, 0x0]}, @end]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x7b, &(0x7f0000000000), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x34000}], 0x1}, 0x80)

1.502361545s ago: executing program 0 (id=3881):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002202000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000740)={'gretap0\x00', &(0x7f00000008c0)={'erspan0\x00', <r1=>0x0, 0x8, 0x8000, 0x126000, 0x1ff, {{0x3a, 0x4, 0x0, 0x6, 0xe8, 0x67, 0x0, 0x5, 0x29, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x3a, 0x3, [{0x6, 0xc, "c6177ee9b7abde74d8c0"}, {0x1, 0xe, "e884f4166a42eedf38c0a972"}, {0x196c2ad27a6d1228, 0x12, "6771ef7cf9504e49d07741c63f84f421"}, {0x2, 0x8, "268024b53dcb"}]}, @timestamp={0x44, 0x8, 0x83, 0x0, 0xc, [0x9]}, @cipso={0x86, 0x51, 0x2, [{0x1, 0x12, "91d8d7c91e1511b741a4b8ad3ba9fe4b"}, {0x7, 0xb, "a78f8b705c34523344"}, {0x1, 0x2}, {0x0, 0x10, "d53d615ed17b1093bfe4f6d38321"}, {0x0, 0x11, "3cd154dfafee6858b0eb8c86f55bdb"}, {0x5, 0x5, "f66370"}, {0x6, 0x6, "8d585b0b"}]}, @ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0xc, 0x3d, 0x3, 0x9, [{@multicast1}]}, @generic={0x83, 0x7, "b5f7f34e9d"}, @end, @timestamp={0x44, 0x10, 0x91, 0x0, 0x3, [0x8001, 0x20000000, 0x3]}, @timestamp={0x44, 0x18, 0x32, 0x0, 0x1, [0x6d6, 0x3, 0xd, 0x0, 0x0]}, @end]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x7b, &(0x7f0000000000), 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x34000}], 0x1}, 0x80)

1.479071215s ago: executing program 4 (id=3883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000b5b1df1900000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)="2e00000011008b88040f80ec59acbc0413a1f8480f0000005e2900421803001825000a001400000002800000121f", 0x2e}], 0x1}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000058000000160a0101000b000000000000010000000900020073797a32000000000900010073797a30000000002c000380180003801400010076657468305f746f5f687372000000000800024000440000080001"], 0xf8}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
faccessat(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x0)

1.366682117s ago: executing program 0 (id=3884):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b70300000000000085000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x2}])
ioperm(0x0, 0x44, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x39)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r3, &(0x7f00000002c0)="1441c05465f0006fc8afa8e488", 0xd, 0x4000000, &(0x7f00000000c0)={0x11, 0xf6, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4000)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r5, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x84000)
tee(r4, r7, 0xfffffffffffffc01, 0x0)
tee(r4, r7, 0x60000000000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r8 = syz_io_uring_setup(0xb8c, &(0x7f0000000680)={0x0, 0x20054bb, 0x1000, 0x0, 0x3da}, &(0x7f00000001c0)=<r9=>0x0, &(0x7f00000003c0)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000340)=0x7, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000180)=@IORING_OP_UNLINKAT={0x24, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r8, 0x1d6b, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.165309861s ago: executing program 3 (id=3890):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})

1.106180141s ago: executing program 3 (id=3891):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
capset(&(0x7f0000000180)={0x20080522, r1}, &(0x7f00000001c0)={0xdf, 0x2, 0x1, 0xb518, 0x7, 0x8595})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x19, &(0x7f0000000580)="1f", 0x1)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_getres(0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)='\x00!G', 0x3}], 0x1, 0x7, 0x0)

1.023202523s ago: executing program 3 (id=3892):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000"], 0xdc}}, 0x44008004)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

1.000867573s ago: executing program 1 (id=3893):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
unshare(0x68040200)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x93254, 0x11b22}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x600}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@ipv4_delrule={0x1c, 0x21, 0x1}, 0x1c}}, 0x44044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newtaction={0x50, 0x30, 0x1, 0x0, 0x0, {}, [{0x3c, 0x1, [@m_mpls={0x38, 0x1, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0xfffffffe}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x50}}, 0x80)

973.959794ms ago: executing program 3 (id=3894):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002202000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000740)={'gretap0\x00', &(0x7f00000008c0)={'erspan0\x00', <r1=>0x0, 0x8, 0x8000, 0x126000, 0x1ff, {{0x3a, 0x4, 0x0, 0x6, 0xe8, 0x67, 0x0, 0x5, 0x29, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x3a, 0x3, [{0x6, 0xc, "c6177ee9b7abde74d8c0"}, {0x1, 0xe, "e884f4166a42eedf38c0a972"}, {0x196c2ad27a6d1228, 0x12, "6771ef7cf9504e49d07741c63f84f421"}, {0x2, 0x8, "268024b53dcb"}]}, @timestamp={0x44, 0x8, 0x83, 0x0, 0xc, [0x9]}, @cipso={0x86, 0x51, 0x2, [{0x1, 0x12, "91d8d7c91e1511b741a4b8ad3ba9fe4b"}, {0x7, 0xb, "a78f8b705c34523344"}, {0x1, 0x2}, {0x0, 0x10, "d53d615ed17b1093bfe4f6d38321"}, {0x0, 0x11, "3cd154dfafee6858b0eb8c86f55bdb"}, {0x5, 0x5, "f66370"}, {0x6, 0x6, "8d585b0b"}]}, @ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0xc, 0x3d, 0x3, 0x9, [{@multicast1}]}, @generic={0x83, 0x7, "b5f7f34e9d"}, @end, @timestamp={0x44, 0x10, 0x91, 0x0, 0x3, [0x8001, 0x20000000, 0x3]}, @timestamp={0x44, 0x18, 0x32, 0x0, 0x1, [0x6d6, 0x3, 0xd, 0x0, 0x0]}, @end]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x7b, &(0x7f0000000000), 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x2}, 0x18)
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x34000}], 0x1}, 0x80)

972.738094ms ago: executing program 3 (id=3895):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r3, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1e, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008541d03d9b028fe31a00882dd7198b013497a096c8a1329cc99b03216a8244d195f403adf2016c754484009dca1f75499ab5dc7ffcf25c0bc3c3a37dc5334dcbdbdc1d5f6e8e040631dbc577366f356fbfa93a05b5008efa40ea78d13452f7ec4c4d8709f9529228e07b8a97afe690c720e3b51963ac3864fb89d0245a222719b0f5a3fc00fd61be6a2637dedbfc2de0961f47392fb0febab20a3f8e4073b014b63ae5f54b264daf17e21c41dd"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000, @void, @value}, 0x94)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002cbd7000040000000500b600080009000200000008000c00a60a0000060001000500004008000b"], 0x40}, 0x1, 0x0, 0x0, 0xc100}, 0x4040)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000006000000140008"], 0x28}}, 0x4048890)
syz_io_uring_complete(0x0)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000804322178b3a9fdd5ee49230ad000100", @ANYRES8=r1, @ANYRESDEC=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0xffffffffffffff2f)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000009df7000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000f8ff005f0a908fd460f394bdd2b522ce6818fe000000bfa200000000270eae1a45a090002007000000f8ffffffb7de000008000000b7040000000000008500000003000000950000e40000000044199340f21c63794d11f5000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r13, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001540)={&(0x7f0000000680)=@delsa={0x34, 0x11, 0x1, 0x70bd28, 0x25dfdbfb, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d4, 0x2, 0xff}, [@mark={0xc, 0x15, {0x35075a, 0x80}}]}, 0x34}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="00000000f5cd93acd152217ba6dfb3bae0ef6b64e7", @ANYRES16, @ANYBLOB="010000000000fddbdf2554000000"], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x8000)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r10, @ANYRES64, @ANYRESOCT=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r14, 0x0, 0xa26}, 0x18)
r15 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x2, 0x0, 0x7}]})
creat(0x0, 0x0)
close_range(r15, 0xffffffffffffffff, 0x0)

854.219886ms ago: executing program 1 (id=3896):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x1f, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x10000000, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2, 0x0, 0x8}, 0x18)
r3 = socket$unix(0x1, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40080}, 0x8000)
sendmsg$NFT_BATCH(r8, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000002000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000007"], 0x64}}, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r7, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r7, 0x0, 0x0)
r11 = openat$cgroup_subtree(r10, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r11, &(0x7f0000000680)=ANY=[@ANYBLOB="2b72646d6120bba99ff9c53ea765f88285fee8dbb367307d098a2c0afec57333903cd5db707e2497efadd7f7379438afae56b1658a8221afd2e0753c9b3b8c2f0a53858222e288f185c11ffc6db201fe91205649eed570e86263fcc97e9ea7d6293d4d6da4081ea0df9d38c680b2267502627977afb00234022078f0e4939fad097eeb8e906f1bdab17cb5db"], 0x6)
r12 = dup(r0)
write$UHID_INPUT(r12, &(0x7f00000029c0)={0xc, {"a2e3ad214fc752f91b25470987f70e06d038e7ff7fc6e5539b3264078b089b3b08336c060890e0878f0e1ac6e70a9b3368959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f11c5ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca07000000f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007d00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r13}, 0x18)

824.696136ms ago: executing program 1 (id=3897):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c000000100001040000020000000000000000", @ANYRES32=0x0, @ANYBLOB="03800000000000001c0012800b0001006970766c616e00000c000280060001000200000008000500", @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)

810.679656ms ago: executing program 1 (id=3898):
socket(0x10, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000000000000000008000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f000000b000/0x4000)=nil, 0x4000, 0x1000005, 0x8012, 0xffffffffffffffff, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)}], 0x1}}], 0x1, 0x4000800)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r3, 0x0, 0x0, 0x20000046, &(0x7f0000000200)={0xa, 0x4e20, 0x6, @loopback, 0x401}, 0x1c) (fail_nth: 3)

497.190631ms ago: executing program 1 (id=3900):
syz_pidfd_open(0x0, 0x0)
shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r2 = socket(0x80000000000000a, 0x1, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x6, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)

496.391591ms ago: executing program 1 (id=3901):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
syz_mount_image$iso9660(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='4'], 0x1, 0x48d, &(0x7f0000000580)="$eJzs3V9v01YbAPAnCKQq782rbUII8ccUbRTUBScdRRFXUeoWszSZklaiVxMaICEiTYIr+HD7apvsJFBGG0eMJV31+1lwTuynJyet5UfH8bEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIhadydNm7Xo5f3Dp8npujvDwf6c7bP2/vikmPO+EbXiX6ytxZXJqivffdx8ufhvPa5NXl2LtaJYi/f/u/z/R99evDD7+TkdWoq3796/fjYev3iz6o6syF7Wz0eDfL+zlyX5aJC0t7fT+493R8lu3stGR6ODbD/pDrPOwWCYbHTvJs12eyvJGkeDw/7eTqeXzVY+/LGVptvJk8YvWWc4GvTvP2mMuo/zXi/v75UxxeYi5mGxI/6cHyQHWWc/SV6+Gr/YqupkEdRcJKhVFdRKW61ms9Vqbj9oP3iYphc/W5H+TXwWsfqdltX6ykdw+HIXpvk/epFHPw7jaSQnLt3YiWEMYv+U7VOz/P/9/Wzu+x7P/7Msf+Xj5qtR5v8bk1c3Tsv/p/RlecvbeBfv43U8i3GM40W8WXmPlrvsRRb9yGMUg8hjPzrlmmS6Jol2bMd2pPFrPI7dGEUSu5FHL7IYxVGM4iCyco/qxjCy6MRBDGIYSWxEN+5GEs1oRzu2IoksGnEUgziMfuzFTnTKVl7Gq/L3vjWnjx+CmosEteYEyf/8c1//IA5f6M9Z/gcAAADOrVp59r0Y/1+K62VtN+9l6aq7BQAAAHxF5Tf/14riUlG7HjXjfwAAADhvauUcu1pE1OPmpDabCeUkAAAAAJwT5ff/N4qiXtRuRs34HwAAAM6b6nvsV0bUNme3/02eT8rn04jpfX7ru3kva3QHvUfN+KG8y0A50+DE1i6V0w/uxa1J1K36pKx/2uJaEdVsPGrGvViffpCN20Vxe+OEyNbCkVtFJACcd+sV+XiR/H8v7kwi7lwtkmlcvHpCZk1lVgA4K6qfsVMZUfupYvz/zYdLChrxW/we43gem+Vsg/KKgxNbrR+7DGGz4mxA/dgTXjYrRvn1Yw96WTx2awl/CQBYnvWKPLxI/t+sGP/XXVIIAGfKhyfY/4uVVX9GAOBTsjQAAAAAAAAAAAAAAJx9y5j/p6Ki8l+rrPrIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACf+ysAAP//rkaCrA==")
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x0, 0x11, 0x148, 0x0, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)

425.637503ms ago: executing program 0 (id=3904):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002202000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
r1 = socket$kcm(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
sendmsg$inet(r1, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x34000}], 0x1}, 0x80)

423.928223ms ago: executing program 0 (id=3905):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002202000000000000000000008000200ffffffff080001"], 0x2c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000740)={'gretap0\x00', &(0x7f00000008c0)={'erspan0\x00', <r1=>0x0, 0x8, 0x8000, 0x126000, 0x1ff, {{0x3a, 0x4, 0x0, 0x6, 0xe8, 0x67, 0x0, 0x5, 0x29, 0x0, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x3a, 0x3, [{0x6, 0xc, "c6177ee9b7abde74d8c0"}, {0x1, 0xe, "e884f4166a42eedf38c0a972"}, {0x196c2ad27a6d1228, 0x12, "6771ef7cf9504e49d07741c63f84f421"}, {0x2, 0x8, "268024b53dcb"}]}, @timestamp={0x44, 0x8, 0x83, 0x0, 0xc, [0x9]}, @cipso={0x86, 0x51, 0x2, [{0x1, 0x12, "91d8d7c91e1511b741a4b8ad3ba9fe4b"}, {0x7, 0xb, "a78f8b705c34523344"}, {0x1, 0x2}, {0x0, 0x10, "d53d615ed17b1093bfe4f6d38321"}, {0x0, 0x11, "3cd154dfafee6858b0eb8c86f55bdb"}, {0x5, 0x5, "f66370"}, {0x6, 0x6, "8d585b0b"}]}, @ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0xc, 0x3d, 0x3, 0x9, [{@multicast1}]}, @generic={0x83, 0x7, "b5f7f34e9d"}, @end, @timestamp={0x44, 0x10, 0x91, 0x0, 0x3, [0x8001, 0x20000000, 0x3]}, @timestamp={0x44, 0x18, 0x32, 0x0, 0x1, [0x6d6, 0x3, 0xd, 0x0, 0x0]}, @end]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r2, 0x84, 0x7b, &(0x7f0000000000), 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4, 0x0, 0x2}, 0x18)
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f0000000100)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000240)="b2", 0x34000}], 0x1}, 0x80)

406.929323ms ago: executing program 0 (id=3906):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=@known='system.advise\x00')

394.110823ms ago: executing program 0 (id=3907):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x0, &(0x7f0000000280)})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='host1x_wait_cdma\x00', r0, 0x0, 0x10000000000}, 0x18)
bpf$BPF_LINK_CREATE(0xa, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(0xffffffffffffffff, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r2, r2)
waitid(0x2, r2, 0x0, 0x8, 0x0)
sendmsg$tipc(r1, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x400000000000000)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000500))
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='./bus\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x4000)
mount$9p_unix(&(0x7f00000001c0)='./file1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000340), 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=unix,access=client,cache=loose,debug=0x000000000000096a,access=any,dfltgid=', @ANYRESHEX=0x0, @ANYBLOB="2c6e6f657874656e642c752e61bfecce91c1396411fce816b2d5bb124478653d73656375726974792e0000000062696c697479"])
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000085072b41110000", @ANYRES32=r5, @ANYRESDEC=r3], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x18)
creat(&(0x7f0000000980)='./bus\x00', 0x19)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
ioctl$VT_SETMODE(r4, 0x5602, &(0x7f0000000080)={0xb, 0x9, 0x7, 0x0, 0x9})
write$binfmt_aout(r4, &(0x7f0000000340)=ANY=[], 0xff2e)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32=r7, @ANYRESHEX=r0], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
gettid()

355.520634ms ago: executing program 2 (id=3908):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c000000100001040000020000000000000000", @ANYRES32=0x0, @ANYBLOB="03800000000000001c0012800b0001006970766c616e00000c000280060001000200000008000500", @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)

341.240724ms ago: executing program 2 (id=3909):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000140)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

263.466676ms ago: executing program 2 (id=3910):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
capset(&(0x7f0000000180)={0x20080522, r1}, &(0x7f00000001c0)={0xdf, 0x2, 0x1, 0xb518, 0x7, 0x8595})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r2, 0x0, 0x19, &(0x7f0000000580)="1f", 0x1)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_getres(0x2, 0x0)
pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000040)='\x00!G', 0x3}], 0x1, 0x7, 0x0)

203.688357ms ago: executing program 2 (id=3911):
syz_pidfd_open(0x0, 0x0)
shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r2 = socket(0x80000000000000a, 0x1, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x6, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)

191.511977ms ago: executing program 2 (id=3912):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), &(0x7f0000000240), 0xff, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x200000}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

168.496227ms ago: executing program 2 (id=3913):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000000c0)={'tunl0\x00', &(0x7f0000000580)={'syztnl1\x00', 0x0, 0x40, 0x8, 0x90e9, 0x2, {{0x36, 0x4, 0x3, 0x39, 0xd8, 0x67, 0x0, 0x1f, 0x2f, 0x0, @private=0xa010100, @multicast2, {[@noop, @cipso={0x86, 0x52, 0x3, [{0x0, 0x8, "a7e3852f6f64"}, {0x0, 0xa, "59996331fa1f766a"}, {0x7, 0x8, "e1cfd40570de"}, {0x7, 0xe, "be9e2760b6e2414fc5aee042"}, {0x0, 0x4, "0cf9"}, {0x7, 0x5, "802a14"}, {0x2, 0x4, "b628"}, {0x6, 0x10, "c8a6be8045f56813343d415e2fd8"}, {0x2, 0x7, "dc50751578"}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x24, 0xe5, 0x1, 0xf, [{@remote, 0x6}, {@empty, 0x5}, {@broadcast, 0x8}, {@broadcast}]}, @rr={0x7, 0x7, 0x44, [@empty]}, @timestamp={0x44, 0x18, 0x27, 0x0, 0x4, [0x6, 0x3, 0x80000001, 0xf, 0x4]}, @timestamp_prespec={0x44, 0x14, 0xf8, 0x3, 0x0, [{@private=0xa010102, 0xd}, {@multicast2, 0x9}]}, @rr={0x7, 0x13, 0x61, [@loopback, @rand_addr=0x64010102, @multicast2, @empty]}]}}}}})
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
unshare(0x6a040000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
mlockall(0x1)

118.611288ms ago: executing program 3 (id=3914):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000580), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=")
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000000400004803c0001800b00010065787468647200002c0002800800034000000000080007401000000d0500020007000000080006400000000108000440000000170900010073797a30000000000900020073797a32"], 0x94}}, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2401, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf79d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x1000000100}, 0x18)
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fsetxattr$security_selinux(r5, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000580), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=") (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0xa) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b04000000000000000002000000400004803c0001800b00010065787468647200002c0002800800034000000000080007401000000d0500020007000000080006400000000108000440000000170900010073797a30000000000900020073797a32"], 0x94}}, 0x0) (async)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2401, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf79d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x1000000100}, 0x18) (async)
pipe(&(0x7f0000005880)) (async)
fsetxattr$security_selinux(r5, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0) (async)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b) (async)

45.037239ms ago: executing program 4 (id=3915):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000"], 0xdc}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 4 (id=3916):
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0xa0502)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000000)=0xe)
syz_usb_disconnect(r0)
syz_usb_connect$uac1(0x0, 0xe3, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xd1, 0x3, 0x1, 0x8, 0x10, 0x40, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x6}, [@input_terminal={0xc, 0x24, 0x2, 0x5, 0x205, 0x5, 0x6b, 0x2, 0x81, 0x3}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xb, 0x24, 0x2, 0x1, 0x2, 0x4, 0x1, 0x3, "f2b35b"}, @as_header={0x7, 0x24, 0x1, 0xa, 0x80}, @as_header={0x7, 0x24, 0x1, 0xdd, 0x2, 0x1}]}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x80, 0x81, 0x0, {0x7, 0x25, 0x1, 0x83, 0x3d, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x0, 0xee4, 0xb3, "cbf43a3ad856"}, @format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0x2, 0x3, 0x8, "5e98194ceae6f3"}, @format_type_i_discrete={0xb, 0x24, 0x2, 0x1, 0x5, 0x1, 0x0, 0x81, "3a8851"}, @as_header={0x7, 0x24, 0x1, 0x7, 0x70, 0x1001}, @format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0x3, 0x2, 0xf, 0x61, "21f379307f2bd2"}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x2, 0x3, 0x0, 0x80, "70bcd1", "1664"}]}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x7, 0x0, 0x6c, {0x7, 0x25, 0x1, 0x2, 0x8, 0x7f}}}}}}}]}}, &(0x7f0000000740)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x200, 0x25, 0xb, 0xa, 0x8, 0xc}, 0x30, &(0x7f00000001c0)={0x5, 0xf, 0x30, 0x3, [@ssp_cap={0x18, 0x10, 0xa, 0x44, 0x3, 0x43, 0xff00, 0x0, [0x0, 0xff81ff, 0x30]}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x1, 0x2, 0x222}, @generic={0xc, 0x10, 0x2, "33c87096aaffb465e2"}]}, 0xa, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x420}}, {0x36, &(0x7f0000000300)=@string={0x36, 0x3, "72cca3921339d3418e78adc775c4c02c91be7cb2b929bc49839b5e63bd72bb44e415d686df6ece90fa1bc003c53b4b5d85596a47"}}, {0xe9, &(0x7f0000000340)=@string={0xe9, 0x3, "b911ef3d9ce39bcc1042e230022bd04d79cfe72f7b640b60d413f5b743d44b8e95afecabbc214d567035b9bd780607fa7ec47f30006b3ef5300e0ffab67f35295053b81d25939c25fa4b040820e4b6b0ef9e176524d6db3b20c264807b43be65fa5191d436bc9e0225211325b915e9008424029b058704497568a1bfee20159a5924a028c28fee166f743115913765ad4647b72db6902ae939a49cff743ed27227f3f718e32dc6ec72a30233fd963e3cf467c08581228997339689da13a9375161f5df4a9b76511a2930941351f17750c833e7d58a04f46136386597ec44ceb86d06a7f6b05937"}}, {0x36, &(0x7f00000024c0)=@string={0x36, 0x3, "0865e051eec833589deeaa5d6ec59d49efc068c17ce7b2d2fe1bfe782ecf06cca5ea52d322c7e1a485540cf46b05ad8a010afd3e"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x240a}}, {0x3e, &(0x7f0000000540)=@string={0x3e, 0x3, "8761a065b1535bc184ffb0b4633a9ff739782c17ff0a797081304e4413900f143506e574550247d6fbaed7fd89bd7b5b273c6da44def4cf9a29bfe2b"}}, {0x17, &(0x7f0000000580)=@string={0x17, 0x3, "c04fabaca958d554ba9d45c71e1f3ecf5e1a589f3a"}}, {0xab, &(0x7f00000005c0)=@string={0xab, 0x3, "31321391b18663fed9825a142e7aa01cea7095948437998edf36f97e5b5277cebe6a1ff5c69578cca4b05a225e6855a74986ee6ccc254f9cb34d1b2448236a8431a66315d1a4df19da79074d539c695cdd09a5caa8f8c881061dea91905b216ee280017730468a5e66fee03812e2a1e40ac6bfa5397de988efe79e1eb502676c197b309ce7a75a064492d17b778776afe976828243d2faacef71e14caedd00a4aac3232ed54c2988b9"}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x1409}}, {0x0, 0x0}]})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000080), &(0x7f0000000040)=0x1)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00')
r3 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001380)={&(0x7f0000001440)=ANY=[@ANYBLOB="9feb010018000000000000004b0000004b00000006000000020000000200000f020000002200000001000000030000000000000000000000000000004494000000000000000200005543072400090000000f01000000000000000000000000000000840000002e5f2e00"], &(0x7f00000014c0)=""/2, 0x6a, 0x2, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4d, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af80b0e176c00bfa200000000000007020000f8ffffffb703000008000000b70400000000000085003300c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x18)
fgetxattr(r3, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10)
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xeb9e, 0x400, 0x20001, 0x3})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
r8 = dup(0xffffffffffffffff)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0xe501, 0x3, 0x228, 0x0, 0xa, 0x1000000, 0xb8, 0x0, 0x190, 0x230, 0x230, 0x190, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3b9, 'syz1\x00'}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'pimreg\x00', {}, {}, 0x4}, 0x0, 0x90, 0xd8, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3c0, 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r9, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_mtu=0x6})
ioctl$sock_netdev_private(r9, 0x8914, &(0x7f0000000000))
preadv(r0, &(0x7f00000022c0)=[{&(0x7f0000000200)=""/65, 0x41}, {&(0x7f0000000280)=""/6, 0x6}, {&(0x7f0000000ec0)=""/187, 0xbb}, {&(0x7f0000000f80)=""/128, 0x80}, {&(0x7f0000001000)=""/230, 0xe6}, {&(0x7f0000001100)=""/172, 0xac}, {&(0x7f00000011c0)=""/4096, 0x1000}, {&(0x7f00000021c0)=""/126, 0x7e}, {&(0x7f0000002240)=""/122, 0x7a}], 0x9, 0xd24, 0x9)

kernel console output (not intermixed with test programs):


[  511.865816][T15200]  <TASK>
[  511.865821][T15200]  __dump_stack+0x1d/0x30
[  511.865907][T15200]  dump_stack_lvl+0xe8/0x140
[  511.865917][T15200]  dump_stack+0x15/0x1b
[  511.865926][T15200]  should_fail_ex+0x265/0x280
[  511.865990][T15200]  should_fail+0xb/0x20
[  511.866041][T15200]  should_fail_usercopy+0x1a/0x20
[  511.866052][T15200]  _copy_from_user+0x1c/0xb0
[  511.866107][T15200]  tls_setsockopt+0x3ec/0xce0
[  511.866186][T15200]  sock_common_setsockopt+0x69/0x80
[  511.866201][T15200]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  511.866217][T15200]  __sys_setsockopt+0x184/0x200
[  511.866228][T15200]  __x64_sys_setsockopt+0x64/0x80
[  511.866244][T15200]  x64_sys_call+0x2bd5/0x2fb0
[  511.866255][T15200]  do_syscall_64+0xd2/0x200
[  511.866268][T15200]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.866309][T15200]  ? clear_bhb_loop+0x40/0x90
[  511.866320][T15200]  ? clear_bhb_loop+0x40/0x90
[  511.866452][T15200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.866464][T15200] RIP: 0033:0x7f793c5ee929
[  511.866473][T15200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.866550][T15200] RSP: 002b:00007f793ac57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  511.866561][T15200] RAX: ffffffffffffffda RBX: 00007f793c815fa0 RCX: 00007f793c5ee929
[  511.866568][T15200] RDX: 0000000000000001 RSI: 000000000000011a RDI: 0000000000000005
[  511.866574][T15200] RBP: 00007f793ac57090 R08: 0000000000000028 R09: 0000000000000000
[  511.866581][T15200] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  511.866644][T15200] R13: 0000000000000000 R14: 00007f793c815fa0 R15: 00007fff34932ab8
[  511.866654][T15200]  </TASK>
[  512.074015][T15216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3398'.
[  512.101886][T15220] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3399'.
[  512.132122][T15222] FAULT_INJECTION: forcing a failure.
[  512.132122][T15222] name failslab, interval 1, probability 0, space 0, times 0
[  512.144925][T15222] CPU: 0 UID: 0 PID: 15222 Comm: syz.0.3401 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  512.144958][T15222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  512.144975][T15222] Call Trace:
[  512.144981][T15222]  <TASK>
[  512.144990][T15222]  __dump_stack+0x1d/0x30
[  512.145015][T15222]  dump_stack_lvl+0xe8/0x140
[  512.145103][T15222]  dump_stack+0x15/0x1b
[  512.145124][T15222]  should_fail_ex+0x265/0x280
[  512.145164][T15222]  should_failslab+0x8c/0xb0
[  512.145189][T15222]  kmem_cache_alloc_noprof+0x50/0x310
[  512.145301][T15222]  ? audit_log_start+0x365/0x6c0
[  512.145332][T15222]  audit_log_start+0x365/0x6c0
[  512.145365][T15222]  audit_seccomp+0x48/0x100
[  512.145405][T15222]  ? __seccomp_filter+0x68c/0x10d0
[  512.145429][T15222]  __seccomp_filter+0x69d/0x10d0
[  512.145517][T15222]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  512.145617][T15222]  ? vfs_write+0x75e/0x8e0
[  512.145639][T15222]  __secure_computing+0x82/0x150
[  512.145667][T15222]  syscall_trace_enter+0xcf/0x1e0
[  512.145695][T15222]  do_syscall_64+0xac/0x200
[  512.145789][T15222]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  512.145816][T15222]  ? clear_bhb_loop+0x40/0x90
[  512.145850][T15222]  ? clear_bhb_loop+0x40/0x90
[  512.145881][T15222]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.145907][T15222] RIP: 0033:0x7f6d2cc8e929
[  512.145925][T15222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  512.145942][T15222] RSP: 002b:00007f6d2b2f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  512.145962][T15222] RAX: ffffffffffffffda RBX: 00007f6d2ceb5fa0 RCX: 00007f6d2cc8e929
[  512.145975][T15222] RDX: 0000000000000017 RSI: 0000000000800000 RDI: 00002000000ec000
[  512.145991][T15222] RBP: 00007f6d2b2f7090 R08: 0000000000000000 R09: 0000000000000000
[  512.146005][T15222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  512.146017][T15222] R13: 0000000000000000 R14: 00007f6d2ceb5fa0 R15: 00007ffe72c8e1b8
[  512.146038][T15222]  </TASK>
[  512.475043][T15240] wg2: left promiscuous mode
[  512.479759][T15240] wg2: left allmulticast mode
[  512.554647][T15241] wg2: entered promiscuous mode
[  512.559640][T15241] wg2: entered allmulticast mode
[  512.562565][T15245] FAULT_INJECTION: forcing a failure.
[  512.562565][T15245] name failslab, interval 1, probability 0, space 0, times 0
[  512.577367][T15245] CPU: 0 UID: 0 PID: 15245 Comm: syz.0.3409 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  512.577401][T15245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  512.577413][T15245] Call Trace:
[  512.577419][T15245]  <TASK>
[  512.577429][T15245]  __dump_stack+0x1d/0x30
[  512.577513][T15245]  dump_stack_lvl+0xe8/0x140
[  512.577541][T15245]  dump_stack+0x15/0x1b
[  512.577560][T15245]  should_fail_ex+0x265/0x280
[  512.577596][T15245]  should_failslab+0x8c/0xb0
[  512.577642][T15245]  kmem_cache_alloc_noprof+0x50/0x310
[  512.577669][T15245]  ? getname_flags+0x80/0x3b0
[  512.577694][T15245]  ? get_pid_task+0x96/0xd0
[  512.577714][T15245]  getname_flags+0x80/0x3b0
[  512.577757][T15245]  do_mq_open+0xd9/0x4f0
[  512.577784][T15245]  ? __rcu_read_unlock+0x4f/0x70
[  512.577923][T15245]  ? __fget_files+0x184/0x1c0
[  512.577946][T15245]  __x64_sys_mq_open+0xcb/0x100
[  512.577973][T15245]  x64_sys_call+0x27d6/0x2fb0
[  512.578059][T15245]  do_syscall_64+0xd2/0x200
[  512.578089][T15245]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  512.578120][T15245]  ? clear_bhb_loop+0x40/0x90
[  512.578142][T15245]  ? clear_bhb_loop+0x40/0x90
[  512.578176][T15245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.578199][T15245] RIP: 0033:0x7f6d2cc8e929
[  512.578217][T15245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  512.578273][T15245] RSP: 002b:00007f6d2b2f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  512.578318][T15245] RAX: ffffffffffffffda RBX: 00007f6d2ceb5fa0 RCX: 00007f6d2cc8e929
[  512.578333][T15245] RDX: 00000000000001e1 RSI: 0000000000000843 RDI: 0000200000000380
[  512.578347][T15245] RBP: 00007f6d2b2f7090 R08: 0000000000000000 R09: 0000000000000000
[  512.578362][T15245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  512.578379][T15245] R13: 0000000000000001 R14: 00007f6d2ceb5fa0 R15: 00007ffe72c8e1b8
[  512.578398][T15245]  </TASK>
[  512.833041][T15247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15247 comm=syz.2.3410
[  512.853390][T15251] loop3: detected capacity change from 0 to 1024
[  512.865894][T15249] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3410'.
[  512.946251][T15257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3414'.
[  513.079698][T15281] FAULT_INJECTION: forcing a failure.
[  513.079698][T15281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.092929][T15281] CPU: 1 UID: 0 PID: 15281 Comm: syz.2.3422 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  513.092963][T15281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  513.092981][T15281] Call Trace:
[  513.092988][T15281]  <TASK>
[  513.092995][T15281]  __dump_stack+0x1d/0x30
[  513.093019][T15281]  dump_stack_lvl+0xe8/0x140
[  513.093038][T15281]  dump_stack+0x15/0x1b
[  513.093062][T15281]  should_fail_ex+0x265/0x280
[  513.093147][T15281]  should_fail+0xb/0x20
[  513.093182][T15282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3420'.
[  513.093181][T15281]  should_fail_usercopy+0x1a/0x20
[  513.093228][T15281]  strncpy_from_user+0x25/0x230
[  513.093258][T15281]  keyctl_restrict_keyring+0x80/0x1b0
[  513.093293][T15281]  __se_sys_keyctl+0x1ed/0xb80
[  513.093334][T15281]  ? __rcu_read_unlock+0x4f/0x70
[  513.093357][T15281]  ? __fget_files+0x184/0x1c0
[  513.093382][T15281]  ? fput+0x8f/0xc0
[  513.093515][T15281]  __x64_sys_keyctl+0x67/0x80
[  513.093545][T15281]  x64_sys_call+0x2e7f/0x2fb0
[  513.093568][T15281]  do_syscall_64+0xd2/0x200
[  513.093589][T15281]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  513.093617][T15281]  ? clear_bhb_loop+0x40/0x90
[  513.093685][T15281]  ? clear_bhb_loop+0x40/0x90
[  513.093707][T15281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.093730][T15281] RIP: 0033:0x7fd3602ce929
[  513.093746][T15281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.093766][T15281] RSP: 002b:00007fd35e937038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  513.093791][T15281] RAX: ffffffffffffffda RBX: 00007fd3604f5fa0 RCX: 00007fd3602ce929
[  513.093805][T15281] RDX: 0000200000000200 RSI: 000000002ce02d30 RDI: 000000000000001d
[  513.093818][T15281] RBP: 00007fd35e937090 R08: 0000000000000000 R09: 0000000000000000
[  513.093840][T15281] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  513.093927][T15281] R13: 0000000000000000 R14: 00007fd3604f5fa0 R15: 00007ffd86ec3498
[  513.093946][T15281]  </TASK>
[  513.451297][T15299] Unsupported ieee802154 address type: 0
[  513.482658][T15302] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  513.506295][   T29] kauditd_printk_skb: 812 callbacks suppressed
[  513.506311][   T29] audit: type=1400 audit(2000000000.620:20143): avc:  denied  { accept } for  pid=15295 comm="syz.4.3428" lport=49833 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  513.536268][T15302] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  513.556418][   T29] audit: type=1400 audit(2000000000.630:20144): avc:  denied  { open } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  513.576364][   T29] audit: type=1400 audit(2000000000.630:20145): avc:  denied  { kernel } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  513.596071][   T29] audit: type=1400 audit(2000000000.650:20146): avc:  denied  { create } for  pid=15301 comm="syz.1.3430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  513.616123][   T29] audit: type=1400 audit(2000000000.670:20147): avc:  denied  { setopt } for  pid=15301 comm="syz.1.3430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  513.680853][   T29] audit: type=1400 audit(2000000000.710:20148): avc:  denied  { create } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  513.700636][   T29] audit: type=1400 audit(2000000000.710:20149): avc:  denied  { create } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  513.737636][   T29] audit: type=1400 audit(2000000000.850:20150): avc:  denied  { write } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  513.773269][   T29] audit: type=1400 audit(2000000000.880:20151): avc:  denied  { write } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  513.793115][   T29] audit: type=1400 audit(2000000000.880:20152): avc:  denied  { create } for  pid=15305 comm="syz.0.3431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  513.871442][T15306] netlink: 'syz.0.3431': attribute type 10 has an invalid length.
[  513.887684][T15306] team0: Device veth1_macvtap failed to register rx_handler
[  514.109308][T15332] tipc: Started in network mode
[  514.109390][T15320] loop3: detected capacity change from 0 to 128
[  514.114234][T15332] tipc: Node identity ac14140f, cluster identity 4711
[  514.114440][T15332] tipc: New replicast peer: 255.255.255.255
[  514.133588][T15332] tipc: Enabled bearer <udp:s>, priority 10
[  514.211051][T15334] FAULT_INJECTION: forcing a failure.
[  514.211051][T15334] name failslab, interval 1, probability 0, space 0, times 0
[  514.223837][T15334] CPU: 0 UID: 0 PID: 15334 Comm: syz.2.3442 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  514.223872][T15334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  514.223887][T15334] Call Trace:
[  514.223894][T15334]  <TASK>
[  514.223903][T15334]  __dump_stack+0x1d/0x30
[  514.223952][T15334]  dump_stack_lvl+0xe8/0x140
[  514.224043][T15334]  dump_stack+0x15/0x1b
[  514.224060][T15334]  should_fail_ex+0x265/0x280
[  514.224099][T15334]  should_failslab+0x8c/0xb0
[  514.224193][T15334]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  514.224225][T15334]  ? sock_alloc_inode+0x34/0xa0
[  514.224259][T15334]  ? __pfx_sock_alloc_inode+0x10/0x10
[  514.224353][T15334]  sock_alloc_inode+0x34/0xa0
[  514.224384][T15334]  alloc_inode+0x40/0x170
[  514.224407][T15334]  __sock_create+0x122/0x5b0
[  514.224471][T15334]  __sys_socket+0xb0/0x180
[  514.224581][T15334]  __x64_sys_socket+0x3f/0x50
[  514.224615][T15334]  x64_sys_call+0x285a/0x2fb0
[  514.224638][T15334]  do_syscall_64+0xd2/0x200
[  514.224701][T15334]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  514.224733][T15334]  ? clear_bhb_loop+0x40/0x90
[  514.224759][T15334]  ? clear_bhb_loop+0x40/0x90
[  514.224855][T15334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.224880][T15334] RIP: 0033:0x7fd3602ce929
[  514.224896][T15334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.224954][T15334] RSP: 002b:00007fd35e937038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  514.224978][T15334] RAX: ffffffffffffffda RBX: 00007fd3604f5fa0 RCX: 00007fd3602ce929
[  514.224994][T15334] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b
[  514.225043][T15334] RBP: 00007fd35e937090 R08: 0000000000000000 R09: 0000000000000000
[  514.225056][T15334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.225070][T15334] R13: 0000000000000000 R14: 00007fd3604f5fa0 R15: 00007ffd86ec3498
[  514.225090][T15334]  </TASK>
[  514.225101][T15334] socket: no more sockets
[  514.596989][T15361] FAULT_INJECTION: forcing a failure.
[  514.596989][T15361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  514.598342][T15360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  514.610183][T15361] CPU: 1 UID: 0 PID: 15361 Comm: syz.4.3451 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  514.610269][T15361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  514.610344][T15361] Call Trace:
[  514.610350][T15361]  <TASK>
[  514.610358][T15361]  __dump_stack+0x1d/0x30
[  514.610381][T15361]  dump_stack_lvl+0xe8/0x140
[  514.610401][T15361]  dump_stack+0x15/0x1b
[  514.610419][T15361]  should_fail_ex+0x265/0x280
[  514.610488][T15361]  should_fail+0xb/0x20
[  514.610520][T15361]  should_fail_usercopy+0x1a/0x20
[  514.610551][T15361]  _copy_to_user+0x20/0xa0
[  514.610576][T15361]  simple_read_from_buffer+0xb5/0x130
[  514.610691][T15361]  proc_fail_nth_read+0x100/0x140
[  514.610811][T15361]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  514.610833][T15361]  vfs_read+0x19d/0x6f0
[  514.610852][T15361]  ? __rcu_read_unlock+0x4f/0x70
[  514.610908][T15361]  ? __rcu_read_unlock+0x4f/0x70
[  514.610929][T15361]  ? __fget_files+0x184/0x1c0
[  514.610953][T15361]  ksys_read+0xda/0x1a0
[  514.610975][T15361]  __x64_sys_read+0x40/0x50
[  514.611066][T15361]  x64_sys_call+0x2d77/0x2fb0
[  514.611099][T15361]  do_syscall_64+0xd2/0x200
[  514.611122][T15361]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  514.611193][T15361]  ? clear_bhb_loop+0x40/0x90
[  514.611214][T15361]  ? clear_bhb_loop+0x40/0x90
[  514.611235][T15361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.611256][T15361] RIP: 0033:0x7fb68894d33c
[  514.611273][T15361] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  514.611344][T15361] RSP: 002b:00007fb686fb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  514.611365][T15361] RAX: ffffffffffffffda RBX: 00007fb688b75fa0 RCX: 00007fb68894d33c
[  514.611452][T15361] RDX: 000000000000000f RSI: 00007fb686fb70a0 RDI: 0000000000000004
[  514.611465][T15361] RBP: 00007fb686fb7090 R08: 0000000000000000 R09: 0000000000000000
[  514.611478][T15361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.611492][T15361] R13: 0000000000000000 R14: 00007fb688b75fa0 R15: 00007ffe1cd3a208
[  514.611543][T15361]  </TASK>
[  514.837409][T15360] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  514.869080][T15370] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  514.885342][T15372] FAULT_INJECTION: forcing a failure.
[  514.885342][T15372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  514.898461][T15372] CPU: 0 UID: 0 PID: 15372 Comm: syz.2.3453 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  514.898506][T15372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  514.898518][T15372] Call Trace:
[  514.898526][T15372]  <TASK>
[  514.898534][T15372]  __dump_stack+0x1d/0x30
[  514.898559][T15372]  dump_stack_lvl+0xe8/0x140
[  514.898624][T15372]  dump_stack+0x15/0x1b
[  514.898643][T15372]  should_fail_ex+0x265/0x280
[  514.898754][T15372]  should_fail+0xb/0x20
[  514.898852][T15372]  should_fail_usercopy+0x1a/0x20
[  514.898876][T15372]  _copy_from_user+0x1c/0xb0
[  514.898902][T15372]  memdup_user+0x5e/0xd0
[  514.898981][T15372]  __snd_timer_user_ioctl+0x278/0x2470
[  514.899016][T15372]  ? do_vfs_ioctl+0x9df/0x11d0
[  514.899087][T15372]  ? selinux_file_ioctl+0x2e3/0x370
[  514.899180][T15372]  ? __fget_files+0x184/0x1c0
[  514.899205][T15372]  ? __pfx_snd_timer_user_ioctl+0x10/0x10
[  514.899240][T15372]  snd_timer_user_ioctl+0x41/0x60
[  514.899306][T15372]  __se_sys_ioctl+0xce/0x140
[  514.899339][T15372]  __x64_sys_ioctl+0x43/0x50
[  514.899369][T15372]  x64_sys_call+0x19a8/0x2fb0
[  514.899406][T15372]  do_syscall_64+0xd2/0x200
[  514.899473][T15372]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  514.899499][T15372]  ? clear_bhb_loop+0x40/0x90
[  514.899565][T15372]  ? clear_bhb_loop+0x40/0x90
[  514.899590][T15372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.899613][T15372] RIP: 0033:0x7fd3602ce929
[  514.899632][T15372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.899674][T15372] RSP: 002b:00007fd35e937038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  514.899697][T15372] RAX: ffffffffffffffda RBX: 00007fd3604f5fa0 RCX: 00007fd3602ce929
[  514.899712][T15372] RDX: 0000200000000040 RSI: 00000000c0f85403 RDI: 0000000000000003
[  514.899726][T15372] RBP: 00007fd35e937090 R08: 0000000000000000 R09: 0000000000000000
[  514.899740][T15372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.899755][T15372] R13: 0000000000000000 R14: 00007fd3604f5fa0 R15: 00007ffd86ec3498
[  514.899827][T15372]  </TASK>
[  515.134577][T15376] FAULT_INJECTION: forcing a failure.
[  515.134577][T15376] name failslab, interval 1, probability 0, space 0, times 0
[  515.147526][T15376] CPU: 0 UID: 0 PID: 15376 Comm: syz.4.3456 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  515.147593][T15376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.147606][T15376] Call Trace:
[  515.147614][T15376]  <TASK>
[  515.147623][T15376]  __dump_stack+0x1d/0x30
[  515.147649][T15376]  dump_stack_lvl+0xe8/0x140
[  515.147672][T15376]  dump_stack+0x15/0x1b
[  515.147741][T15376]  should_fail_ex+0x265/0x280
[  515.147809][T15376]  ? io_ring_ctx_alloc+0x38/0x6a0
[  515.147846][T15376]  should_failslab+0x8c/0xb0
[  515.147872][T15376]  __kmalloc_cache_noprof+0x4c/0x320
[  515.147947][T15376]  ? avc_has_perm_noaudit+0x1b1/0x200
[  515.147982][T15376]  io_ring_ctx_alloc+0x38/0x6a0
[  515.148007][T15376]  ? avc_has_perm+0xd3/0x150
[  515.148051][T15376]  ? io_uring_fill_params+0x270/0x300
[  515.148094][T15376]  io_uring_create+0x10f/0x610
[  515.148169][T15376]  __se_sys_io_uring_setup+0x1f7/0x210
[  515.148209][T15376]  __x64_sys_io_uring_setup+0x31/0x40
[  515.148247][T15376]  x64_sys_call+0x184b/0x2fb0
[  515.148328][T15376]  do_syscall_64+0xd2/0x200
[  515.148353][T15376]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  515.148404][T15376]  ? clear_bhb_loop+0x40/0x90
[  515.148427][T15376]  ? clear_bhb_loop+0x40/0x90
[  515.148457][T15376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.148483][T15376] RIP: 0033:0x7fb68894e929
[  515.148500][T15376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.148521][T15376] RSP: 002b:00007fb686fb6fc8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[  515.148612][T15376] RAX: ffffffffffffffda RBX: 00007fb688b75fa0 RCX: 00007fb68894e929
[  515.148645][T15376] RDX: 00002000000000c0 RSI: 0000200000000200 RDI: 0000000000000237
[  515.148660][T15376] RBP: 0000200000000200 R08: 0000000000000000 R09: 00002000000000c0
[  515.148672][T15376] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  515.148687][T15376] R13: 00002000000001c0 R14: 0000000000000237 R15: 00002000000000c0
[  515.148708][T15376]  </TASK>
[  515.354725][ T3396] tipc: Node number set to 2886997007
[  515.382591][T15381] FAULT_INJECTION: forcing a failure.
[  515.382591][T15381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.382779][T15383] __nla_validate_parse: 2 callbacks suppressed
[  515.382829][T15383] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3459'.
[  515.395804][T15381] CPU: 1 UID: 0 PID: 15381 Comm: syz.1.3458 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  515.395839][T15381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.395905][T15381] Call Trace:
[  515.395913][T15381]  <TASK>
[  515.395922][T15381]  __dump_stack+0x1d/0x30
[  515.395947][T15381]  dump_stack_lvl+0xe8/0x140
[  515.395967][T15381]  dump_stack+0x15/0x1b
[  515.396029][T15381]  should_fail_ex+0x265/0x280
[  515.396138][T15381]  should_fail+0xb/0x20
[  515.396170][T15381]  should_fail_usercopy+0x1a/0x20
[  515.396231][T15381]  strncpy_from_user+0x25/0x230
[  515.396259][T15381]  ? kmem_cache_alloc_noprof+0x186/0x310
[  515.396357][T15381]  ? getname_flags+0x80/0x3b0
[  515.396398][T15381]  getname_flags+0xae/0x3b0
[  515.396437][T15381]  __x64_sys_symlink+0x33/0x60
[  515.396468][T15381]  x64_sys_call+0x2d8d/0x2fb0
[  515.396531][T15381]  do_syscall_64+0xd2/0x200
[  515.396567][T15381]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  515.396594][T15381]  ? clear_bhb_loop+0x40/0x90
[  515.396682][T15381]  ? clear_bhb_loop+0x40/0x90
[  515.396786][T15381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.396808][T15381] RIP: 0033:0x7f793c5ee929
[  515.396825][T15381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.396851][T15381] RSP: 002b:00007f793ac57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  515.396935][T15381] RAX: ffffffffffffffda RBX: 00007f793c815fa0 RCX: 00007f793c5ee929
[  515.396949][T15381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  515.396962][T15381] RBP: 00007f793ac57090 R08: 0000000000000000 R09: 0000000000000000
[  515.396975][T15381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.396988][T15381] R13: 0000000000000000 R14: 00007f793c815fa0 R15: 00007fff34932ab8
[  515.397007][T15381]  </TASK>
[  515.580633][T15391] loop1: detected capacity change from 0 to 512
[  515.680518][T15391] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  515.690727][T15397] FAULT_INJECTION: forcing a failure.
[  515.690727][T15397] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.703852][T15397] CPU: 0 UID: 0 PID: 15397 Comm: syz.3.3467 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  515.703885][T15397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  515.703897][T15397] Call Trace:
[  515.703905][T15397]  <TASK>
[  515.703925][T15397]  __dump_stack+0x1d/0x30
[  515.703951][T15397]  dump_stack_lvl+0xe8/0x140
[  515.704040][T15397]  dump_stack+0x15/0x1b
[  515.704060][T15397]  should_fail_ex+0x265/0x280
[  515.704096][T15397]  should_fail+0xb/0x20
[  515.704126][T15397]  should_fail_usercopy+0x1a/0x20
[  515.704153][T15397]  _copy_to_user+0x20/0xa0
[  515.704176][T15397]  simple_read_from_buffer+0xb5/0x130
[  515.704217][T15397]  proc_fail_nth_read+0x100/0x140
[  515.704305][T15397]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  515.704329][T15397]  vfs_read+0x19d/0x6f0
[  515.704350][T15397]  ? __rcu_read_unlock+0x4f/0x70
[  515.704373][T15397]  ? __fget_files+0x184/0x1c0
[  515.704397][T15397]  ksys_read+0xda/0x1a0
[  515.704416][T15397]  __x64_sys_read+0x40/0x50
[  515.704498][T15397]  x64_sys_call+0x2d77/0x2fb0
[  515.704522][T15397]  do_syscall_64+0xd2/0x200
[  515.704545][T15397]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  515.704630][T15397]  ? clear_bhb_loop+0x40/0x90
[  515.704651][T15397]  ? clear_bhb_loop+0x40/0x90
[  515.704672][T15397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.704695][T15397] RIP: 0033:0x7f188e9ad33c
[  515.704713][T15397] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  515.704852][T15397] RSP: 002b:00007f188d017030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  515.704874][T15397] RAX: ffffffffffffffda RBX: 00007f188ebd5fa0 RCX: 00007f188e9ad33c
[  515.704889][T15397] RDX: 000000000000000f RSI: 00007f188d0170a0 RDI: 0000000000000008
[  515.704903][T15397] RBP: 00007f188d017090 R08: 0000000000000000 R09: 0000000000000000
[  515.704917][T15397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.704931][T15397] R13: 0000000000000000 R14: 00007f188ebd5fa0 R15: 00007fff142552f8
[  515.704952][T15397]  </TASK>
[  515.930655][T15402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3468'.
[  515.944312][T15395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  515.967554][T15395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.055102][T15391] EXT4-fs (loop1): 1 orphan inode deleted
[  516.060954][T15391] EXT4-fs (loop1): 1 truncate cleaned up
[  516.075612][T15391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  516.099644][T15391] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.3463: iget: bad extra_isize 46 (inode size 256)
[  516.112629][T15391] EXT4-fs (loop1): Remounting filesystem read-only
[  516.114087][T15415] syzkaller0: entered promiscuous mode
[  516.124804][T15415] syzkaller0: entered allmulticast mode
[  516.138563][T15416] FAULT_INJECTION: forcing a failure.
[  516.138563][T15416] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  516.151683][T15416] CPU: 1 UID: 0 PID: 15416 Comm: syz.0.3472 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  516.151714][T15416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.151726][T15416] Call Trace:
[  516.151733][T15416]  <TASK>
[  516.151740][T15416]  __dump_stack+0x1d/0x30
[  516.151763][T15416]  dump_stack_lvl+0xe8/0x140
[  516.151785][T15416]  dump_stack+0x15/0x1b
[  516.151878][T15416]  should_fail_ex+0x265/0x280
[  516.151947][T15416]  should_fail+0xb/0x20
[  516.151977][T15416]  should_fail_usercopy+0x1a/0x20
[  516.152000][T15416]  _copy_from_iter+0xcf/0xe40
[  516.152025][T15416]  ? __build_skb_around+0x1a0/0x200
[  516.152195][T15416]  skb_copy_datagram_from_iter+0xb1/0x490
[  516.152222][T15416]  tun_get_user+0xa0e/0x2500
[  516.152261][T15416]  ? ref_tracker_alloc+0x1f2/0x2f0
[  516.152356][T15416]  ? selinux_file_permission+0x1e4/0x320
[  516.152389][T15416]  tun_chr_write_iter+0x15e/0x210
[  516.152483][T15416]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  516.152533][T15416]  vfs_write+0x49d/0x8e0
[  516.152562][T15416]  ksys_write+0xda/0x1a0
[  516.152584][T15416]  __x64_sys_write+0x40/0x50
[  516.152605][T15416]  x64_sys_call+0x2cdd/0x2fb0
[  516.152631][T15416]  do_syscall_64+0xd2/0x200
[  516.152763][T15416]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  516.152847][T15416]  ? clear_bhb_loop+0x40/0x90
[  516.152872][T15416]  ? clear_bhb_loop+0x40/0x90
[  516.152894][T15416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.152916][T15416] RIP: 0033:0x7f6d2cc8e929
[  516.152945][T15416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.152968][T15416] RSP: 002b:00007f6d2b2d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  516.152992][T15416] RAX: ffffffffffffffda RBX: 00007f6d2ceb6080 RCX: 00007f6d2cc8e929
[  516.153008][T15416] RDX: 0000000000000066 RSI: 0000200000000100 RDI: 0000000000000003
[  516.153021][T15416] RBP: 00007f6d2b2d6090 R08: 0000000000000000 R09: 0000000000000000
[  516.153033][T15416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  516.153082][T15416] R13: 0000000000000001 R14: 00007f6d2ceb6080 R15: 00007ffe72c8e1b8
[  516.153100][T15416]  </TASK>
[  516.155651][ T3311] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  516.379549][T15412] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3470'.
[  516.412931][T15420] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3474'.
[  516.428246][T15418] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3475'.
[  516.527030][T15425] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3476'.
[  516.546235][T15420] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  516.559730][T15420] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  516.584137][T15420] bond0 (unregistering): Released all slaves
[  516.600116][T15423] wireguard0: entered promiscuous mode
[  516.654249][T15437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3480'.
[  516.684073][T15439] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3482'.
[  516.701277][T15435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3479'.
[  516.711990][T15443] netlink: 'syz.0.3483': attribute type 1 has an invalid length.
[  516.760744][T15445] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  516.776251][T15449] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3486'.
[  516.805281][T15451] FAULT_INJECTION: forcing a failure.
[  516.805281][T15451] name failslab, interval 1, probability 0, space 0, times 0
[  516.818167][T15451] CPU: 0 UID: 0 PID: 15451 Comm: syz.1.3487 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  516.818199][T15451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.818213][T15451] Call Trace:
[  516.818222][T15451]  <TASK>
[  516.818250][T15451]  __dump_stack+0x1d/0x30
[  516.818271][T15451]  dump_stack_lvl+0xe8/0x140
[  516.818290][T15451]  dump_stack+0x15/0x1b
[  516.818306][T15451]  should_fail_ex+0x265/0x280
[  516.818413][T15451]  should_failslab+0x8c/0xb0
[  516.818436][T15451]  kmem_cache_alloc_node_noprof+0x57/0x320
[  516.818466][T15451]  ? __alloc_skb+0x101/0x320
[  516.818582][T15451]  __alloc_skb+0x101/0x320
[  516.818612][T15451]  ? audit_log_start+0x365/0x6c0
[  516.818648][T15451]  audit_log_start+0x380/0x6c0
[  516.818684][T15451]  audit_seccomp+0x48/0x100
[  516.818714][T15451]  ? __seccomp_filter+0x68c/0x10d0
[  516.818739][T15451]  __seccomp_filter+0x69d/0x10d0
[  516.818766][T15451]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  516.818818][T15451]  ? vfs_write+0x75e/0x8e0
[  516.818888][T15451]  ? __rcu_read_unlock+0x4f/0x70
[  516.818981][T15451]  ? __fget_files+0x184/0x1c0
[  516.819008][T15451]  __secure_computing+0x82/0x150
[  516.819034][T15451]  syscall_trace_enter+0xcf/0x1e0
[  516.819131][T15451]  do_syscall_64+0xac/0x200
[  516.819190][T15451]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  516.819219][T15451]  ? clear_bhb_loop+0x40/0x90
[  516.819243][T15451]  ? clear_bhb_loop+0x40/0x90
[  516.819265][T15451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.819364][T15451] RIP: 0033:0x7f793c5ee929
[  516.819382][T15451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.819467][T15451] RSP: 002b:00007f793ac57038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f7
[  516.819489][T15451] RAX: ffffffffffffffda RBX: 00007f793c815fa0 RCX: 00007f793c5ee929
[  516.819557][T15451] RDX: 0000000000000000 RSI: 0000000000000872 RDI: 0000000000000002
[  516.819570][T15451] RBP: 00007f793ac57090 R08: 0000000000000000 R09: 0000000000000000
[  516.819583][T15451] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  516.819596][T15451] R13: 0000000000000000 R14: 00007f793c815fa0 R15: 00007fff34932ab8
[  516.819616][T15451]  </TASK>
[  516.823983][T15447] xt_hashlimit: max too large, truncated to 1048576
[  516.859602][T15455] 9pnet_fd: p9_fd_create_unix (15455): problem connecting socket: ./file1: -2
[  516.867159][T15447] netlink: 'syz.2.3485': attribute type 10 has an invalid length.
[  517.082625][T15447] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  517.136768][T15470] 9pnet_fd: p9_fd_create_unix (15470): problem connecting socket: ./file1: -2
[  517.203161][T15480] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  517.245006][T15487] 9pnet_fd: p9_fd_create_unix (15487): problem connecting socket: ./file1: -2
[  517.304661][T15497] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  517.345529][T15499] 9pnet_fd: p9_fd_create_unix (15499): problem connecting socket: ./file1: -2
[  517.497446][T15514] 9pnet_fd: p9_fd_create_unix (15514): problem connecting socket: ./file1: -2
[  517.843472][T15529] 9pnet_fd: p9_fd_create_unix (15529): problem connecting socket: ./file1: -2
[  517.918005][T15531] syzkaller0: entered promiscuous mode
[  517.923730][T15531] syzkaller0: entered allmulticast mode
[  517.998409][T15534] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  518.301286][T15556] bond0: (slave bond_slave_0): Releasing backup interface
[  518.311878][T15556] bond0: (slave bond_slave_1): Releasing backup interface
[  518.325327][T15556] team0: Port device team_slave_0 removed
[  518.336865][T15556] team0: Port device team_slave_1 removed
[  518.343529][T15556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  518.350980][T15556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  518.368690][T15556] team0: Port device batadv1 removed
[  518.461030][T15567] 8021q: adding VLAN 0 to HW filter on device ipvlan6
[  518.517268][T15572] 9pnet_fd: p9_fd_create_unix (15572): problem connecting socket: ./file1: -2
[  518.578885][   T29] kauditd_printk_skb: 876 callbacks suppressed
[  518.578905][   T29] audit: type=1326 audit(2000000005.700:21027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6d2cc8e929 code=0x0
[  518.616922][   T29] audit: type=1326 audit(2000000005.730:21028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15569 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f6d2cc8e929 code=0x7ffc0000
[  518.644055][   T29] audit: type=1326 audit(2000000005.760:21029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6d2cc2ab19 code=0x7ffc0000
[  518.667720][   T29] audit: type=1326 audit(2000000005.760:21030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d2cc8e929 code=0x7ffc0000
[  518.691666][   T29] audit: type=1326 audit(2000000005.760:21031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d2cc8e929 code=0x7ffc0000
[  518.717699][T15578] FAULT_INJECTION: forcing a failure.
[  518.717699][T15578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.719565][   T29] audit: type=1326 audit(2000000005.830:21032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f6d2cc8e929 code=0x7ffc0000
[  518.730904][T15578] CPU: 0 UID: 0 PID: 15578 Comm: syz.4.3528 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  518.730967][T15578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  518.730980][T15578] Call Trace:
[  518.730987][T15578]  <TASK>
[  518.730995][T15578]  __dump_stack+0x1d/0x30
[  518.731019][T15578]  dump_stack_lvl+0xe8/0x140
[  518.731039][T15578]  dump_stack+0x15/0x1b
[  518.731057][T15578]  should_fail_ex+0x265/0x280
[  518.731137][T15578]  should_fail+0xb/0x20
[  518.731169][T15578]  should_fail_usercopy+0x1a/0x20
[  518.731190][T15578]  _copy_from_user+0x1c/0xb0
[  518.731226][T15578]  memdup_user+0x5e/0xd0
[  518.731250][T15578]  strndup_user+0x68/0xb0
[  518.731282][T15578]  __se_sys_mount+0x4d/0x2e0
[  518.731304][T15578]  ? fput+0x8f/0xc0
[  518.731331][T15578]  ? ksys_write+0x192/0x1a0
[  518.731393][T15578]  __x64_sys_mount+0x67/0x80
[  518.731415][T15578]  x64_sys_call+0xd36/0x2fb0
[  518.731443][T15578]  do_syscall_64+0xd2/0x200
[  518.731466][T15578]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  518.731513][T15578]  ? clear_bhb_loop+0x40/0x90
[  518.731535][T15578]  ? clear_bhb_loop+0x40/0x90
[  518.731559][T15578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.731581][T15578] RIP: 0033:0x7fb68894e929
[  518.731617][T15578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.731637][T15578] RSP: 002b:00007fb686fb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  518.731659][T15578] RAX: ffffffffffffffda RBX: 00007fb688b75fa0 RCX: 00007fb68894e929
[  518.731673][T15578] RDX: 0000200000000280 RSI: 0000200000000300 RDI: 0000000000000000
[  518.731687][T15578] RBP: 00007fb686fb7090 R08: 0000200000000600 R09: 0000000000000000
[  518.731701][T15578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.731753][T15578] R13: 0000000000000000 R14: 00007fb688b75fa0 R15: 00007ffe1cd3a208
[  518.731773][T15578]  </TASK>
[  518.950392][   T29] audit: type=1326 audit(2000000005.830:21033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d2cc8e929 code=0x7ffc0000
[  518.974170][   T29] audit: type=1326 audit(2000000005.830:21034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d2cc8e929 code=0x7ffc0000
[  518.997916][   T29] audit: type=1326 audit(2000000005.830:21035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6d2cc8d290 code=0x7ffc0000
[  519.021627][   T29] audit: type=1326 audit(2000000005.830:21036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15566 comm="syz.0.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f6d2cc90157 code=0x7ffc0000
[  519.079778][T15590] openvswitch: netlink: Message has 6 unknown bytes.
[  519.134737][T15588] loop3: detected capacity change from 0 to 512
[  519.153302][T15588] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  519.165463][T15596] lo speed is unknown, defaulting to 1000
[  519.171791][T15596] lo speed is unknown, defaulting to 1000
[  519.178917][T15588] EXT4-fs (loop3): 1 orphan inode deleted
[  519.184749][T15588] EXT4-fs (loop3): 1 truncate cleaned up
[  519.191233][T15596] lo speed is unknown, defaulting to 1000
[  519.197317][T15588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  519.212404][T15599] 9pnet_fd: p9_fd_create_unix (15599): problem connecting socket: ./file1: -2
[  519.231934][T15596] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  519.247887][T15596] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  519.275557][T15596] lo speed is unknown, defaulting to 1000
[  519.285152][T15588] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.3531: iget: bad extra_isize 46 (inode size 256)
[  519.314643][T15596] lo speed is unknown, defaulting to 1000
[  519.325003][T15596] lo speed is unknown, defaulting to 1000
[  519.336158][T15588] EXT4-fs (loop3): Remounting filesystem read-only
[  519.352175][T15596] lo speed is unknown, defaulting to 1000
[  519.358458][T15596] lo speed is unknown, defaulting to 1000
[  519.367054][T15596] lo speed is unknown, defaulting to 1000
[  519.388538][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  519.402096][T15605] 9pnet_fd: p9_fd_create_unix (15605): problem connecting socket: ./file1: -2
[  519.477363][T15610] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  519.631237][T15615] loop3: detected capacity change from 0 to 2048
[  519.663011][T15615] Alternate GPT is invalid, using primary GPT.
[  519.669697][T15615]  loop3: p2 p3 p7
[  519.740231][T15622] tipc: Started in network mode
[  519.745187][T15622] tipc: Node identity ac14140f, cluster identity 4711
[  519.752155][T15622] tipc: New replicast peer: 255.255.255.255
[  519.758314][T15622] tipc: Enabled bearer <udp:s>, priority 10
[  520.181877][T15665] FAULT_INJECTION: forcing a failure.
[  520.181877][T15665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  520.195110][T15665] CPU: 1 UID: 0 PID: 15665 Comm: syz.3.3560 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  520.195205][T15665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.195221][T15665] Call Trace:
[  520.195230][T15665]  <TASK>
[  520.195311][T15665]  __dump_stack+0x1d/0x30
[  520.195335][T15665]  dump_stack_lvl+0xe8/0x140
[  520.195359][T15665]  dump_stack+0x15/0x1b
[  520.195380][T15665]  should_fail_ex+0x265/0x280
[  520.195418][T15665]  should_fail+0xb/0x20
[  520.195459][T15665]  should_fail_usercopy+0x1a/0x20
[  520.195485][T15665]  _copy_from_user+0x1c/0xb0
[  520.195516][T15665]  simple_transaction_get+0xe2/0x130
[  520.195550][T15665]  selinux_transaction_write+0x9d/0x110
[  520.195654][T15665]  ? __pfx_selinux_transaction_write+0x10/0x10
[  520.195684][T15665]  vfs_write+0x266/0x8e0
[  520.195756][T15665]  ? __rcu_read_unlock+0x4f/0x70
[  520.195779][T15665]  ? __fget_files+0x184/0x1c0
[  520.195810][T15665]  ksys_write+0xda/0x1a0
[  520.195833][T15665]  __x64_sys_write+0x40/0x50
[  520.195858][T15665]  x64_sys_call+0x2cdd/0x2fb0
[  520.195947][T15665]  do_syscall_64+0xd2/0x200
[  520.195973][T15665]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  520.196001][T15665]  ? clear_bhb_loop+0x40/0x90
[  520.196040][T15665]  ? clear_bhb_loop+0x40/0x90
[  520.196066][T15665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.196114][T15665] RIP: 0033:0x7f188e9ae929
[  520.196205][T15665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.196262][T15665] RSP: 002b:00007f188d017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  520.196288][T15665] RAX: ffffffffffffffda RBX: 00007f188ebd5fa0 RCX: 00007f188e9ae929
[  520.196305][T15665] RDX: 0000000000000041 RSI: 0000200000000040 RDI: 0000000000000003
[  520.196320][T15665] RBP: 00007f188d017090 R08: 0000000000000000 R09: 0000000000000000
[  520.196336][T15665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.196352][T15665] R13: 0000000000000000 R14: 00007f188ebd5fa0 R15: 00007fff142552f8
[  520.196415][T15665]  </TASK>
[  520.424559][T15648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  520.427720][T15664] FAULT_INJECTION: forcing a failure.
[  520.427720][T15664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  520.435524][T15648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  520.446445][T15664] CPU: 0 UID: 0 PID: 15664 Comm: syz.0.3561 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  520.446478][T15664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  520.446492][T15664] Call Trace:
[  520.446500][T15664]  <TASK>
[  520.446508][T15664]  __dump_stack+0x1d/0x30
[  520.446607][T15664]  dump_stack_lvl+0xe8/0x140
[  520.446628][T15664]  dump_stack+0x15/0x1b
[  520.446647][T15664]  should_fail_ex+0x265/0x280
[  520.446715][T15664]  should_fail+0xb/0x20
[  520.446754][T15664]  should_fail_usercopy+0x1a/0x20
[  520.446777][T15664]  _copy_from_user+0x1c/0xb0
[  520.446825][T15664]  copy_from_sockptr_offset+0x66/0xa0
[  520.446853][T15664]  tls_setsockopt+0x635/0xce0
[  520.446882][T15664]  sock_common_setsockopt+0x69/0x80
[  520.446925][T15664]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  520.447023][T15664]  __sys_setsockopt+0x184/0x200
[  520.447045][T15664]  __x64_sys_setsockopt+0x64/0x80
[  520.447067][T15664]  x64_sys_call+0x2bd5/0x2fb0
[  520.447090][T15664]  do_syscall_64+0xd2/0x200
[  520.447113][T15664]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  520.447189][T15664]  ? clear_bhb_loop+0x40/0x90
[  520.447243][T15664]  ? clear_bhb_loop+0x40/0x90
[  520.447337][T15664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.447359][T15664] RIP: 0033:0x7f6d2cc8e929
[  520.447377][T15664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.447397][T15664] RSP: 002b:00007f6d2b2f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  520.447418][T15664] RAX: ffffffffffffffda RBX: 00007f6d2ceb5fa0 RCX: 00007f6d2cc8e929
[  520.447433][T15664] RDX: 0000000000000001 RSI: 000000000000011a RDI: 0000000000000005
[  520.447447][T15664] RBP: 00007f6d2b2f7090 R08: 0000000000000028 R09: 0000000000000000
[  520.447472][T15664] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  520.447485][T15664] R13: 0000000000000000 R14: 00007f6d2ceb5fa0 R15: 00007ffe72c8e1b8
[  520.447504][T15664]  </TASK>
[  520.690896][T15673] __nla_validate_parse: 11 callbacks suppressed
[  520.690914][T15673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3564'.
[  520.751210][T15681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3567'.
[  520.795793][T15686] tipc: Started in network mode
[  520.800832][T15686] tipc: Node identity ac14140f, cluster identity 4711
[  520.807808][T15686] tipc: New replicast peer: 255.255.255.255
[  520.813924][T15686] tipc: Enabled bearer <udp:s>, priority 10
[  520.819980][ T3372] tipc: Node number set to 2886997007
[  520.851552][T15690] xt_hashlimit: max too large, truncated to 1048576
[  520.881984][T15697] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  521.007632][T15703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3572'.
[  521.037717][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.046003][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.049974][T15708] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3574'.
[  521.054154][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.063087][T15708] tipc: Invalid UDP bearer configuration
[  521.071215][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.071265][T15708] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  521.076892][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.101630][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.109770][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.117901][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.126155][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.134333][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.142494][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.150574][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.158677][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.166768][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.174871][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.183084][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.191166][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.199404][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.207504][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.215688][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.223834][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.232006][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.240237][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.248337][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.256423][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.264495][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.272594][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.280957][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.289331][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.297404][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.305680][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.313842][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.322034][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.330199][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.338297][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: unknown main item tag 0x0
[  521.346946][   T36] hid-generic FFFF:FFFFFFFC:21000001.00A4: hidraw0: <UNKNOWN> HID va0.69 Device [syz0] on syz1
[  521.564814][T15727] loop1: detected capacity change from 0 to 760
[  521.609677][T15727] iso9660: Unknown parameter '4'
[  521.625059][T15727] xt_hashlimit: max too large, truncated to 1048576
[  521.648991][T15729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3583'.
[  521.740294][T15738] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3584'.
[  521.796381][T15742] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  521.820875][   T10] tipc: Node number set to 2886997007
[  521.842560][T15743] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  521.894099][T15747] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3588'.
[  521.947027][T15738] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  521.959852][T15738] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  521.969807][T15738] bond0 (unregistering): Released all slaves
[  522.062921][T15760] loop3: detected capacity change from 0 to 760
[  522.096353][T15760] iso9660: Unknown parameter '4'
[  522.098491][T15766] netlink: 'syz.2.3597': attribute type 1 has an invalid length.
[  522.123204][T15760] xt_hashlimit: max too large, truncated to 1048576
[  522.313607][T15789] FAULT_INJECTION: forcing a failure.
[  522.313607][T15789] name failslab, interval 1, probability 0, space 0, times 0
[  522.326435][T15789] CPU: 1 UID: 0 PID: 15789 Comm: syz.1.3605 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  522.326557][T15789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.326569][T15789] Call Trace:
[  522.326577][T15789]  <TASK>
[  522.326585][T15789]  __dump_stack+0x1d/0x30
[  522.326652][T15789]  dump_stack_lvl+0xe8/0x140
[  522.326672][T15789]  dump_stack+0x15/0x1b
[  522.326691][T15789]  should_fail_ex+0x265/0x280
[  522.326751][T15789]  should_failslab+0x8c/0xb0
[  522.326789][T15789]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  522.326821][T15789]  ? sock_alloc_inode+0x34/0xa0
[  522.326855][T15789]  ? __pfx_sock_alloc_inode+0x10/0x10
[  522.326886][T15789]  sock_alloc_inode+0x34/0xa0
[  522.326964][T15789]  alloc_inode+0x40/0x170
[  522.326989][T15789]  __sock_create+0x122/0x5b0
[  522.327024][T15789]  sock_create_kern+0x38/0x50
[  522.327110][T15789]  mptcp_subflow_create_socket+0x84/0x630
[  522.327147][T15789]  ? mntput_no_expire+0x6f/0x3c0
[  522.327178][T15789]  __mptcp_nmpc_sk+0xb3/0x3b0
[  522.327198][T15789]  mptcp_sendmsg_fastopen+0x90/0x320
[  522.327240][T15789]  mptcp_sendmsg+0xe22/0xf00
[  522.327274][T15789]  ? selinux_socket_sendmsg+0x175/0x1b0
[  522.327402][T15789]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  522.327429][T15789]  inet6_sendmsg+0xc2/0xd0
[  522.327531][T15789]  __sock_sendmsg+0x8b/0x180
[  522.327561][T15789]  __sys_sendto+0x268/0x330
[  522.327607][T15789]  __x64_sys_sendto+0x76/0x90
[  522.327662][T15789]  x64_sys_call+0x2eb6/0x2fb0
[  522.327686][T15789]  do_syscall_64+0xd2/0x200
[  522.327709][T15789]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  522.327796][T15789]  ? clear_bhb_loop+0x40/0x90
[  522.327900][T15789]  ? clear_bhb_loop+0x40/0x90
[  522.327933][T15789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.327958][T15789] RIP: 0033:0x7f793c5ee929
[  522.328013][T15789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.328034][T15789] RSP: 002b:00007f793ac57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  522.328057][T15789] RAX: ffffffffffffffda RBX: 00007f793c815fa0 RCX: 00007f793c5ee929
[  522.328077][T15789] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008
[  522.328092][T15789] RBP: 00007f793ac57090 R08: 0000200000000200 R09: 000000000000001c
[  522.328167][T15789] R10: 0000000020000046 R11: 0000000000000246 R12: 0000000000000001
[  522.328181][T15789] R13: 0000000000000000 R14: 00007f793c815fa0 R15: 00007fff34932ab8
[  522.328202][T15789]  </TASK>
[  522.385930][T15782] lo speed is unknown, defaulting to 1000
[  522.390537][T15789] socket: no more sockets
[  522.458119][T15801] FAULT_INJECTION: forcing a failure.
[  522.458119][T15801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.599838][T15801] CPU: 1 UID: 0 PID: 15801 Comm: syz.0.3607 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  522.599879][T15801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.599889][T15801] Call Trace:
[  522.599896][T15801]  <TASK>
[  522.599904][T15801]  __dump_stack+0x1d/0x30
[  522.599998][T15801]  dump_stack_lvl+0xe8/0x140
[  522.600008][T15801]  dump_stack+0x15/0x1b
[  522.600017][T15801]  should_fail_ex+0x265/0x280
[  522.600039][T15801]  should_fail+0xb/0x20
[  522.600056][T15801]  should_fail_usercopy+0x1a/0x20
[  522.600067][T15801]  _copy_to_user+0x20/0xa0
[  522.600080][T15801]  simple_read_from_buffer+0xb5/0x130
[  522.600172][T15801]  proc_fail_nth_read+0x100/0x140
[  522.600185][T15801]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  522.600211][T15801]  vfs_read+0x19d/0x6f0
[  522.600221][T15801]  ? __rcu_read_unlock+0x4f/0x70
[  522.600233][T15801]  ? __fget_files+0x184/0x1c0
[  522.600267][T15801]  ksys_read+0xda/0x1a0
[  522.600278][T15801]  __x64_sys_read+0x40/0x50
[  522.600288][T15801]  x64_sys_call+0x2d77/0x2fb0
[  522.600299][T15801]  do_syscall_64+0xd2/0x200
[  522.600312][T15801]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  522.600369][T15801]  ? clear_bhb_loop+0x40/0x90
[  522.600380][T15801]  ? clear_bhb_loop+0x40/0x90
[  522.600392][T15801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.600437][T15801] RIP: 0033:0x7f6d2cc8d33c
[  522.600446][T15801] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  522.600457][T15801] RSP: 002b:00007f6d2b2d6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  522.600507][T15801] RAX: ffffffffffffffda RBX: 00007f6d2ceb6080 RCX: 00007f6d2cc8d33c
[  522.600514][T15801] RDX: 000000000000000f RSI: 00007f6d2b2d60a0 RDI: 0000000000000007
[  522.600521][T15801] RBP: 00007f6d2b2d6090 R08: 0000000000000000 R09: 0000000000000000
[  522.600527][T15801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.600537][T15801] R13: 0000000000000000 R14: 00007f6d2ceb6080 R15: 00007ffe72c8e1b8
[  522.600553][T15801]  </TASK>
[  522.865406][T15810] netlink: 'syz.1.3610': attribute type 1 has an invalid length.
[  522.906056][T15814] netlink: 'syz.1.3612': attribute type 1 has an invalid length.
[  522.941928][T15782] chnl_net:caif_netlink_parms(): no params data found
[  522.967173][   T41] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.026859][   T41] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.046520][T15782] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.053863][T15782] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.062460][T15782] bridge_slave_0: entered allmulticast mode
[  523.069135][T15782] bridge_slave_0: entered promiscuous mode
[  523.076405][T15782] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.083609][T15782] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.090976][T15782] bridge_slave_1: entered allmulticast mode
[  523.097681][T15782] bridge_slave_1: entered promiscuous mode
[  523.117796][T15782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  523.128222][T15782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  523.143278][   T41] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.159448][T15782] team0: Port device team_slave_0 added
[  523.167629][T15782] team0: Port device team_slave_1 added
[  523.195670][   T41] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.208920][T15782] batman_adv: batadv0: Adding interface: batadv_slave_0
[  523.215901][T15782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  523.242204][T15782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  523.261332][T15782] batman_adv: batadv0: Adding interface: batadv_slave_1
[  523.268362][T15782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  523.296365][T15782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  523.340110][T15782] hsr_slave_0: entered promiscuous mode
[  523.346418][T15782] hsr_slave_1: entered promiscuous mode
[  523.353365][T15782] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  523.361762][T15782] Cannot create hsr debugfs directory
[  523.449348][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  523.463219][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  523.474549][   T41] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  523.489527][   T41] bond0 (unregistering): Released all slaves
[  523.530708][   T41] tipc: Disabling bearer <udp:s>
[  523.535708][   T41] tipc: Left network mode
[  523.547719][   T41] hsr_slave_0: left promiscuous mode
[  523.553635][   T41] hsr_slave_1: left promiscuous mode
[  523.559278][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  523.566806][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[  523.575437][   T41] veth1_macvtap: left promiscuous mode
[  523.580958][   T41] veth0_macvtap: left promiscuous mode
[  523.586453][   T41] veth1_vlan: left promiscuous mode
[  523.591659][   T41] veth0_vlan: left promiscuous mode
[  523.644345][   T41] team0 (unregistering): Port device team_slave_1 removed
[  523.653535][   T41] team0 (unregistering): Port device team_slave_0 removed
[  523.970629][T15782] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  523.979404][T15782] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  523.987659][T15782] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  523.996140][T15782] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  524.032256][T15782] 8021q: adding VLAN 0 to HW filter on device bond0
[  524.043914][T15782] 8021q: adding VLAN 0 to HW filter on device team0
[  524.060985][ T1449] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.068189][ T1449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  524.076907][ T1449] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.084134][ T1449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.138773][T15782] 8021q: adding VLAN 0 to HW filter on device batadv0
[  524.192985][T15782] veth0_vlan: entered promiscuous mode
[  524.200843][T15782] veth1_vlan: entered promiscuous mode
[  524.214112][T15782] veth0_macvtap: entered promiscuous mode
[  524.221655][T15782] veth1_macvtap: entered promiscuous mode
[  524.231858][T15782] batman_adv: batadv0: Interface activated: batadv_slave_0
[  524.240602][T15782] batman_adv: batadv0: Interface activated: batadv_slave_1
[  524.251672][T15782] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.260464][T15782] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.269220][T15782] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  524.277919][T15782] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  524.297501][   T29] kauditd_printk_skb: 574 callbacks suppressed
[  524.297574][   T29] audit: type=1400 audit(2000000011.410:21611): avc:  denied  { mounton } for  pid=15782 comm="syz-executor" path="/root/syzkaller.st8bxZ/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  524.328727][   T29] audit: type=1400 audit(2000000011.410:21612): avc:  denied  { mount } for  pid=15782 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  524.351504][   T29] audit: type=1400 audit(2000000011.420:21613): avc:  denied  { mount } for  pid=15782 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  524.373767][   T29] audit: type=1400 audit(2000000011.420:21614): avc:  denied  { mounton } for  pid=15782 comm="syz-executor" path="/root/syzkaller.st8bxZ/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  524.400833][   T29] audit: type=1400 audit(2000000011.420:21615): avc:  denied  { mounton } for  pid=15782 comm="syz-executor" path="/root/syzkaller.st8bxZ/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=57820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  524.429166][   T29] audit: type=1400 audit(2000000011.470:21616): avc:  denied  { mounton } for  pid=15782 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  524.452689][   T29] audit: type=1400 audit(2000000011.470:21617): avc:  denied  { mount } for  pid=15782 comm="syz-executor" name="/" dev="gadgetfs" ino=3759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  532.345546][T15855] FAULT_INJECTION: forcing a failure.
[  532.345546][T15855] name failslab, interval 1, probability 0, space 0, times 0
[  532.358275][T15855] CPU: 0 UID: 0 PID: 15855 Comm: syz.4.3621 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  532.358310][T15855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.358325][T15855] Call Trace:
[  532.358332][T15855]  <TASK>
[  532.358339][T15855]  __dump_stack+0x1d/0x30
[  532.358362][T15855]  dump_stack_lvl+0xe8/0x140
[  532.358381][T15855]  dump_stack+0x15/0x1b
[  532.358414][T15855]  should_fail_ex+0x265/0x280
[  532.358455][T15855]  should_failslab+0x8c/0xb0
[  532.358532][T15855]  __kmalloc_cache_node_noprof+0x54/0x320
[  532.358570][T15855]  ? __get_vm_area_node+0x106/0x1d0
[  532.358681][T15855]  __get_vm_area_node+0x106/0x1d0
[  532.358716][T15855]  __vmalloc_node_range_noprof+0x273/0xe00
[  532.358824][T15855]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  532.358939][T15855]  ? mntput_no_expire+0x6f/0x3c0
[  532.358969][T15855]  ? __rcu_read_unlock+0x4f/0x70
[  532.358994][T15855]  ? selinux_capable+0x1f9/0x270
[  532.359168][T15855]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  532.359200][T15855]  __vmalloc_noprof+0x83/0xc0
[  532.359230][T15855]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  532.359260][T15855]  bpf_prog_alloc_no_stats+0x47/0x390
[  532.359351][T15855]  ? bpf_prog_alloc+0x2a/0x150
[  532.359380][T15855]  bpf_prog_alloc+0x3c/0x150
[  532.359429][T15855]  bpf_prog_load+0x514/0x1070
[  532.359469][T15855]  ? security_bpf+0x2b/0x90
[  532.359491][T15855]  __sys_bpf+0x51d/0x790
[  532.359524][T15855]  __x64_sys_bpf+0x41/0x50
[  532.359628][T15855]  x64_sys_call+0x2478/0x2fb0
[  532.359652][T15855]  do_syscall_64+0xd2/0x200
[  532.359725][T15855]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  532.359825][T15855]  ? clear_bhb_loop+0x40/0x90
[  532.359853][T15855]  ? clear_bhb_loop+0x40/0x90
[  532.359880][T15855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.359968][T15855] RIP: 0033:0x7fb68894e929
[  532.359987][T15855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.360009][T15855] RSP: 002b:00007fb686fb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  532.360029][T15855] RAX: ffffffffffffffda RBX: 00007fb688b75fa0 RCX: 00007fb68894e929
[  532.360042][T15855] RDX: 0000000000000070 RSI: 00002000000000c0 RDI: 0000000000000005
[  532.360190][T15855] RBP: 00007fb686fb7090 R08: 0000000000000000 R09: 0000000000000000
[  532.360206][T15855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  532.360221][T15855] R13: 0000000000000000 R14: 00007fb688b75fa0 R15: 00007ffe1cd3a208
[  532.360241][T15855]  </TASK>
[  532.360267][T15855] syz.4.3621: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null)
[  532.484731][T15859] lo speed is unknown, defaulting to 1000
[  532.485600][T15855] ,cpuset=/,mems_allowed=0
[  532.493040][T15856] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  532.494910][T15855] 
[  532.644819][T15855] CPU: 0 UID: 0 PID: 15855 Comm: syz.4.3621 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  532.644850][T15855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.644862][T15855] Call Trace:
[  532.644869][T15855]  <TASK>
[  532.644887][T15855]  __dump_stack+0x1d/0x30
[  532.644910][T15855]  dump_stack_lvl+0xe8/0x140
[  532.644933][T15855]  dump_stack+0x15/0x1b
[  532.645020][T15855]  warn_alloc+0x12b/0x1a0
[  532.645052][T15855]  __vmalloc_node_range_noprof+0x297/0xe00
[  532.645085][T15855]  ? mntput_no_expire+0x6f/0x3c0
[  532.645125][T15855]  ? __rcu_read_unlock+0x4f/0x70
[  532.645148][T15855]  ? selinux_capable+0x1f9/0x270
[  532.645194][T15855]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  532.645225][T15855]  __vmalloc_noprof+0x83/0xc0
[  532.645258][T15855]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  532.645385][T15855]  bpf_prog_alloc_no_stats+0x47/0x390
[  532.645460][T15855]  ? bpf_prog_alloc+0x2a/0x150
[  532.645489][T15855]  bpf_prog_alloc+0x3c/0x150
[  532.645517][T15855]  bpf_prog_load+0x514/0x1070
[  532.645552][T15855]  ? security_bpf+0x2b/0x90
[  532.645599][T15855]  __sys_bpf+0x51d/0x790
[  532.645635][T15855]  __x64_sys_bpf+0x41/0x50
[  532.645738][T15855]  x64_sys_call+0x2478/0x2fb0
[  532.645764][T15855]  do_syscall_64+0xd2/0x200
[  532.645790][T15855]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  532.645827][T15855]  ? clear_bhb_loop+0x40/0x90
[  532.645885][T15855]  ? clear_bhb_loop+0x40/0x90
[  532.645912][T15855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.645936][T15855] RIP: 0033:0x7fb68894e929
[  532.645960][T15855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.645978][T15855] RSP: 002b:00007fb686fb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  532.645998][T15855] RAX: ffffffffffffffda RBX: 00007fb688b75fa0 RCX: 00007fb68894e929
[  532.646014][T15855] RDX: 0000000000000070 RSI: 00002000000000c0 RDI: 0000000000000005
[  532.646030][T15855] RBP: 00007fb686fb7090 R08: 0000000000000000 R09: 0000000000000000
[  532.646046][T15855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  532.646062][T15855] R13: 0000000000000000 R14: 00007fb688b75fa0 R15: 00007ffe1cd3a208
[  532.646112][T15855]  </TASK>
[  532.646121][T15855] Mem-Info:
[  532.770352][T15859] chnl_net:caif_netlink_parms(): no params data found
[  532.771237][T15855] active_anon:69601 inactive_anon:2 isolated_anon:0
[  532.771237][T15855]  active_file:16757 inactive_file:12814 isolated_file:0
[  532.771237][T15855]  unevictable:0 dirty:434 writeback:0
[  532.771237][T15855]  slab_reclaimable:3096 slab_unreclaimable:13896
[  532.771237][T15855]  mapped:32219 shmem:66025 pagetables:1180
[  532.771237][T15855]  sec_pagetables:0 bounce:0
[  532.771237][T15855]  kernel_misc_reclaimable:0
[  532.771237][T15855]  free:1808420 free_pcp:10499 free_cma:0
[  532.791225][T15876] lo speed is unknown, defaulting to 1000
[  532.792612][T15855] Node 0 active_anon:278404kB inactive_anon:8kB active_file:67028kB inactive_file:51256kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:128876kB dirty:1736kB writeback:0kB shmem:264100kB writeback_tmp:0kB kernel_stack:3344kB pagetables:4836kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  532.798400][   T29] audit: type=1326 audit(2000000019.620:21618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.816633][T15855] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  532.825082][   T29] audit: type=1326 audit(2000000019.620:21619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.833060][T15855] lowmem_reserve[]: 0 2882
[  532.841060][   T29] audit: type=1326 audit(2000000019.620:21620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.849161][T15855]  7861 7861
[  532.849180][T15855] Node 0 DMA32 free:2947940kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951468kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  532.857254][   T29] audit: type=1326 audit(2000000019.620:21621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.865317][T15855] lowmem_reserve[]: 0
[  532.868347][   T29] audit: type=1326 audit(2000000019.620:21622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.871461][T15855]  0 4978 4978
[  532.871484][T15855] Node 0 Normal free:4270380kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:278404kB inactive_anon:8kB active_file:67028kB inactive_file:51256kB unevictable:0kB writepending:1736kB present:5242880kB managed:5098232kB mlocked:0kB bounce:0kB free_pcp:38216kB local_pcp:26612kB free_cma:0kB
[  532.878629][   T29] audit: type=1326 audit(2000000019.630:21623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.923821][T15855] lowmem_reserve[]: 0 0 0 0
[  532.923856][T15855] Node 0 
[  532.929671][   T29] audit: type=1326 audit(2000000019.630:21624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.959100][T15855] DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB 
[  532.982968][   T29] audit: type=1326 audit(2000000019.630:21625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  532.982998][   T29] audit: type=1326 audit(2000000019.630:21626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  533.011604][T15855] (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  533.011656][T15855] Node 0 DMA32: 
[  533.035332][   T29] audit: type=1326 audit(2000000019.630:21627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15851 comm="syz.2.3619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  533.039813][T15855] 5*4kB (M) 4*8kB (M) 3*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947940kB
[  533.344178][T15855] Node 0 Normal: 3918*4kB (M) 4128*8kB (UME) 5144*16kB (M) 5179*32kB (UME) 2295*64kB (ME) 693*128kB (UME) 284*256kB (UME) 240*512kB (UM) 131*1024kB (UM) 38*2048kB (UME) 815*4096kB (UM) = 4278104kB
[  533.363922][T15855] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  533.373386][T15855] 81919 total pagecache pages
[  533.378137][T15855] 0 pages in swap cache
[  533.382313][T15855] Free swap  = 124996kB
[  533.386686][T15855] Total swap = 124996kB
[  533.390924][T15855] 2097051 pages RAM
[  533.394755][T15855] 0 pages HighMem/MovableOnly
[  533.396999][T15886] __nla_validate_parse: 7 callbacks suppressed
[  533.397015][T15886] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3624'.
[  533.399556][T15855] 80786 pages reserved
[  533.504540][T15859] bridge0: port 1(bridge_slave_0) entered blocking state
[  533.511666][T15859] bridge0: port 1(bridge_slave_0) entered disabled state
[  533.528251][T15859] bridge_slave_0: entered allmulticast mode
[  533.534833][T15859] bridge_slave_0: entered promiscuous mode
[  533.549006][T15859] bridge0: port 2(bridge_slave_1) entered blocking state
[  533.556131][T15859] bridge0: port 2(bridge_slave_1) entered disabled state
[  533.579717][T15859] bridge_slave_1: entered allmulticast mode
[  533.599611][T15859] bridge_slave_1: entered promiscuous mode
[  533.634753][T15859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  533.646432][T15859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  533.668506][T15859] team0: Port device team_slave_0 added
[  533.675269][T15859] team0: Port device team_slave_1 added
[  533.694171][T15859] batman_adv: batadv0: Adding interface: batadv_slave_0
[  533.701451][T15859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  533.727615][T15859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  533.741147][T15859] batman_adv: batadv0: Adding interface: batadv_slave_1
[  533.748328][T15859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  533.774543][T15859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  533.805012][T15859] hsr_slave_0: entered promiscuous mode
[  533.811331][T15859] hsr_slave_1: entered promiscuous mode
[  533.817232][T15859] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  533.824953][T15859] Cannot create hsr debugfs directory
[  533.886166][   T47] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  533.930526][   T47] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  533.980544][   T47] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  534.061037][   T47] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  534.146947][   T47] bond0 (unregistering): Released all slaves
[  534.189125][   T47] tipc: Disabling bearer <udp:s>
[  534.194159][   T47] tipc: Left network mode
[  534.202626][   T47] hsr_slave_0: left promiscuous mode
[  534.208383][   T47] hsr_slave_1: left promiscuous mode
[  534.215916][   T47] veth0_macvtap: left promiscuous mode
[  534.221499][   T47] veth1_vlan: left promiscuous mode
[  534.226750][   T47] veth0_vlan: left promiscuous mode
[  534.459097][T15859] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  534.467407][T15859] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  534.476114][T15859] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  534.485023][T15859] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  534.514906][T15859] 8021q: adding VLAN 0 to HW filter on device bond0
[  534.527325][T15859] 8021q: adding VLAN 0 to HW filter on device team0
[  534.536797][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.544085][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.554604][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.561776][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.615925][T15859] 8021q: adding VLAN 0 to HW filter on device batadv0
[  534.672703][T15859] veth0_vlan: entered promiscuous mode
[  534.681878][T15859] veth1_vlan: entered promiscuous mode
[  534.696001][T15859] veth0_macvtap: entered promiscuous mode
[  534.703102][T15859] veth1_macvtap: entered promiscuous mode
[  534.713125][T15859] batman_adv: batadv0: Interface activated: batadv_slave_0
[  534.723430][T15859] batman_adv: batadv0: Interface activated: batadv_slave_1
[  534.732471][T15859] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  534.741398][T15859] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  534.750249][T15859] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  534.759016][T15859] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  568.087828][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  568.087843][   T29] audit: type=1400 audit(2000000055.200:21643): avc:  denied  { prog_load } for  pid=15913 comm="syz.0.3626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  568.113638][   T29] audit: type=1400 audit(2000000055.200:21644): avc:  denied  { bpf } for  pid=15913 comm="syz.0.3626" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  568.131444][T15918] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3629'.
[  568.160451][   T29] audit: type=1400 audit(2000000055.230:21645): avc:  denied  { execmem } for  pid=15915 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  568.180340][   T29] audit: type=1400 audit(2000000055.230:21646): avc:  denied  { create } for  pid=15916 comm="syz.3.3629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  568.201387][   T29] audit: type=1400 audit(2000000055.230:21647): avc:  denied  { write } for  pid=15916 comm="syz.3.3629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  568.222363][   T29] audit: type=1400 audit(2000000055.260:21648): avc:  denied  { read write } for  pid=15913 comm="syz.0.3626" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  568.246269][   T29] audit: type=1400 audit(2000000055.260:21649): avc:  denied  { open } for  pid=15913 comm="syz.0.3626" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  568.270258][   T29] audit: type=1400 audit(2000000055.270:21650): avc:  denied  { ioctl } for  pid=15913 comm="syz.0.3626" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  568.295656][   T29] audit: type=1400 audit(2000000055.270:21651): avc:  denied  { create } for  pid=15917 comm="syz.4.3630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  568.315558][   T29] audit: type=1400 audit(2000000055.270:21652): avc:  denied  { map_create } for  pid=15913 comm="syz.0.3626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  568.515896][T15942] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3633'.
[  568.606563][T15944] Unsupported ieee802154 address type: 0
[  568.727721][T15922] lo speed is unknown, defaulting to 1000
[  568.897932][T15922] chnl_net:caif_netlink_parms(): no params data found
[  568.933027][T15922] bridge0: port 1(bridge_slave_0) entered blocking state
[  568.940324][T15922] bridge0: port 1(bridge_slave_0) entered disabled state
[  568.947928][T15922] bridge_slave_0: entered allmulticast mode
[  568.951977][T15964] 9pnet_fd: p9_fd_create_unix (15964): problem connecting socket: ./file1: -2
[  568.963600][T15922] bridge_slave_0: entered promiscuous mode
[  569.026731][T15922] bridge0: port 2(bridge_slave_1) entered blocking state
[  569.034187][T15922] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.042171][T15963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3639'.
[  569.059085][T15922] bridge_slave_1: entered allmulticast mode
[  569.071016][T15922] bridge_slave_1: entered promiscuous mode
[  569.095599][ T1449] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.109839][T15922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  569.123735][T15922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  569.131243][T15973] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3643'.
[  569.133445][T15953] lo speed is unknown, defaulting to 1000
[  569.150355][ T1449] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.178413][T15922] team0: Port device team_slave_0 added
[  569.205208][T15978] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3645'.
[  569.215329][ T1449] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.230371][T15922] team0: Port device team_slave_1 added
[  569.242801][T15978] ip6gretap0: entered promiscuous mode
[  569.250560][T15978] ip6gretap0: left promiscuous mode
[  569.263680][ T1449] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.292746][T15922] batman_adv: batadv0: Adding interface: batadv_slave_0
[  569.299840][T15922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  569.325907][T15922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  569.350283][T15922] batman_adv: batadv0: Adding interface: batadv_slave_1
[  569.357311][T15922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  569.383618][T15922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  569.440424][T15922] hsr_slave_0: entered promiscuous mode
[  569.447160][T15922] hsr_slave_1: entered promiscuous mode
[  569.458717][T15922] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  569.476512][T15922] Cannot create hsr debugfs directory
[  569.558281][T15989] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  569.611579][T15990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3647'.
[  569.761968][ T1449] hsr_slave_0: left promiscuous mode
[  569.774464][ T1449] hsr_slave_1: left promiscuous mode
[  569.785691][ T1449] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  569.793318][ T1449] batman_adv: batadv0: Removing interface: batadv_slave_1
[  569.821329][ T1449] veth1_macvtap: left promiscuous mode
[  569.827050][ T1449] veth0_macvtap: left promiscuous mode
[  569.833885][ T1449] veth1_vlan: left promiscuous mode
[  569.840325][ T1449] veth0_vlan: left promiscuous mode
[  569.859970][T15999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3652'.
[  569.914278][ T1449] team0 (unregistering): Port device team_slave_1 removed
[  569.924567][ T1449] team0 (unregistering): Port device team_slave_0 removed
[  569.967125][ T3415] lo speed is unknown, defaulting to 1000
[  569.973062][ T3415] infiniband syz2: ib_query_port failed (-19)
[  569.998517][T16004] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3655'.
[  570.051332][T16006] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3656'.
[  570.090142][T16013] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3659'.
[  570.329782][T16028] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  570.369879][T15922] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  570.874958][T16032] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  570.922978][T16033] 8021q: adding VLAN 0 to HW filter on device bond1
[  570.938134][T15922] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  570.947254][T15922] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  570.978380][T15922] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  571.161794][T16062] 9pnet: Could not find request transport: tcp
[  571.234209][T15922] 8021q: adding VLAN 0 to HW filter on device bond0
[  571.288216][T16061] netlink: 'syz.3.3673': attribute type 1 has an invalid length.
[  571.311398][T15922] 8021q: adding VLAN 0 to HW filter on device team0
[  571.346976][T16061] 8021q: adding VLAN 0 to HW filter on device bond2
[  571.379363][T16066] bond2 (unregistering): Released all slaves
[  571.429664][   T47] bridge0: port 1(bridge_slave_0) entered blocking state
[  571.436768][   T47] bridge0: port 1(bridge_slave_0) entered forwarding state
[  571.452724][T16071] tipc: Started in network mode
[  571.457882][T16071] tipc: Node identity ac14140f, cluster identity 4711
[  571.464770][T16071] tipc: New replicast peer: 255.255.255.255
[  571.471014][T16071] tipc: Enabled bearer <udp:s>, priority 10
[  571.516519][T15922] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  571.527153][T15922] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  571.569643][   T47] bridge0: port 2(bridge_slave_1) entered blocking state
[  571.576780][   T47] bridge0: port 2(bridge_slave_1) entered forwarding state
[  571.774699][T15922] 8021q: adding VLAN 0 to HW filter on device batadv0
[  572.016422][T15922] veth0_vlan: entered promiscuous mode
[  572.037275][T15922] veth1_vlan: entered promiscuous mode
[  572.057212][T16107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  572.067427][T16107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  572.077760][T16107] bond0 (unregistering): Released all slaves
[  572.088512][T16105] tipc: Started in network mode
[  572.093499][T16105] tipc: Node identity ac14140f, cluster identity 4711
[  572.100430][T16105] tipc: New replicast peer: 255.255.255.255
[  572.106511][T16105] tipc: Enabled bearer <udp:s>, priority 10
[  572.117872][T15922] veth0_macvtap: entered promiscuous mode
[  572.128403][T16105] loop3: detected capacity change from 0 to 512
[  572.134982][T16105] EXT4-fs: Ignoring removed oldalloc option
[  572.136644][T15922] veth1_macvtap: entered promiscuous mode
[  572.151023][T16105] EXT4-fs (loop3): 1 truncate cleaned up
[  572.157279][T16105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  572.163055][T15922] batman_adv: batadv0: Interface activated: batadv_slave_0
[  572.189620][T15922] batman_adv: batadv0: Interface activated: batadv_slave_1
[  572.198702][T15922] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  572.199580][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.207435][T15922] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  572.207478][T15922] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  572.207534][T15922] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  572.266939][T16118] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  572.492865][ T3396] tipc: Node number set to 2886997007
[  572.670196][T16153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  572.687205][T16153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  572.705201][T16153] bond0 (unregistering): Released all slaves
[  572.753756][T16129] chnl_net:caif_netlink_parms(): no params data found
[  572.787302][T16159] tipc: Started in network mode
[  572.792287][T16159] tipc: Node identity ac14140f, cluster identity 4711
[  572.799354][T16159] tipc: New replicast peer: 255.255.255.255
[  572.805475][T16159] tipc: Enabled bearer <udp:s>, priority 10
[  572.821984][T16159] loop1: detected capacity change from 0 to 512
[  572.823196][ T8597] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  572.828541][T16159] EXT4-fs: Ignoring removed oldalloc option
[  572.867186][T16159] EXT4-fs (loop1): 1 truncate cleaned up
[  572.873385][T16159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  572.915767][T15922] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.942247][ T8597] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.017342][T16129] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.024520][T16129] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.045375][T16129] bridge_slave_0: entered allmulticast mode
[  573.053363][T16129] bridge_slave_0: entered promiscuous mode
[  573.064234][ T8597] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.101178][T16129] bridge0: port 2(bridge_slave_1) entered blocking state
[  573.108545][T16129] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.115997][T16129] bridge_slave_1: entered allmulticast mode
[  573.122681][T16129] bridge_slave_1: entered promiscuous mode
[  573.162170][ T8597] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.189244][T16129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  573.205326][T16129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  573.218224][ T1036] tipc: Node number set to 2886997007
[  573.250073][   T29] kauditd_printk_skb: 443 callbacks suppressed
[  573.250091][   T29] audit: type=1326 audit(2000000060.370:22096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.284445][   T29] audit: type=1326 audit(2000000060.400:22097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.308412][   T29] audit: type=1326 audit(2000000060.400:22098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.332249][   T29] audit: type=1326 audit(2000000060.400:22099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.356144][   T29] audit: type=1326 audit(2000000060.400:22100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.379769][   T29] audit: type=1326 audit(2000000060.400:22101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.403618][   T29] audit: type=1326 audit(2000000060.400:22102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.427381][   T29] audit: type=1326 audit(2000000060.400:22103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.451097][   T29] audit: type=1326 audit(2000000060.400:22104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.474925][   T29] audit: type=1326 audit(2000000060.400:22105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.2.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7efeb9b3e929 code=0x7ffc0000
[  573.503177][T16190] __nla_validate_parse: 8 callbacks suppressed
[  573.503193][T16190] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  573.680276][T16129] team0: Port device team_slave_0 added
[  573.707790][T16129] team0: Port device team_slave_1 added
[  573.751974][T16208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3718'.
[  573.765147][T16129] batman_adv: batadv0: Adding interface: batadv_slave_0
[  573.772346][T16129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  573.798499][T16129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  573.814568][T16129] batman_adv: batadv0: Adding interface: batadv_slave_1
[  573.821726][T16129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  573.847757][T16129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  573.848142][ T1036] tipc: Node number set to 2886997007
[  573.906755][T16129] hsr_slave_0: entered promiscuous mode
[  573.918558][T16129] hsr_slave_1: entered promiscuous mode
[  573.925203][T16129] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  573.948580][T16129] Cannot create hsr debugfs directory
[  574.041083][T16231] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3728'.
[  574.051248][ T8597] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  574.061404][ T8597] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  574.072160][ T8597] bond0 (unregistering): Released all slaves
[  574.081584][ T8597] bond1 (unregistering): Released all slaves
[  574.112666][T16235] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3730'.
[  574.140065][ T8597] tipc: Disabling bearer <udp:s>
[  574.145077][ T8597] tipc: Left network mode
[  574.193661][ T8597] hsr_slave_0: left promiscuous mode
[  574.199879][ T8597] hsr_slave_1: left promiscuous mode
[  574.205516][ T8597] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  574.213151][ T8597] batman_adv: batadv0: Removing interface: batadv_slave_1
[  574.258348][ T8597] veth1_macvtap: left promiscuous mode
[  574.260160][T16228] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.263883][ T8597] veth0_macvtap: left promiscuous mode
[  574.283548][T16242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3732'.
[  574.284132][T16228] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.371715][ T8597] team0 (unregistering): Port device team_slave_1 removed
[  574.383173][ T8597] team0 (unregistering): Port device team_slave_0 removed
[  574.497132][T16250] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3735'.
[  574.514605][T16246] xt_hashlimit: max too large, truncated to 1048576
[  574.547311][T16253] FAULT_INJECTION: forcing a failure.
[  574.547311][T16253] name failslab, interval 1, probability 0, space 0, times 0
[  574.560052][T16253] CPU: 1 UID: 0 PID: 16253 Comm: syz.4.3736 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  574.560084][T16253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  574.560096][T16253] Call Trace:
[  574.560112][T16253]  <TASK>
[  574.560132][T16253]  __dump_stack+0x1d/0x30
[  574.560157][T16253]  dump_stack_lvl+0xe8/0x140
[  574.560179][T16253]  dump_stack+0x15/0x1b
[  574.560197][T16253]  should_fail_ex+0x265/0x280
[  574.560261][T16253]  should_failslab+0x8c/0xb0
[  574.560287][T16253]  __kmalloc_noprof+0xa5/0x3e0
[  574.560314][T16253]  ? io_alloc_ocqe+0x51/0x250
[  574.560344][T16253]  io_alloc_ocqe+0x51/0x250
[  574.560393][T16253]  io_cqe_overflow_locked+0x26/0x40
[  574.560417][T16253]  __io_submit_flush_completions+0x258/0xa00
[  574.560515][T16253]  io_submit_sqes+0xe32/0xfd0
[  574.560554][T16253]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  574.560592][T16253]  ? 0xffffffff81000000
[  574.560605][T16253]  ? __rcu_read_unlock+0x4f/0x70
[  574.560650][T16253]  ? get_pid_task+0x96/0xd0
[  574.560672][T16253]  ? proc_fail_nth_write+0x12d/0x160
[  574.560742][T16253]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  574.560766][T16253]  ? vfs_write+0x75e/0x8e0
[  574.560788][T16253]  ? __rcu_read_unlock+0x4f/0x70
[  574.560810][T16253]  ? __fget_files+0x184/0x1c0
[  574.560837][T16253]  ? fput+0x8f/0xc0
[  574.560974][T16253]  __x64_sys_io_uring_enter+0x78/0x90
[  574.561012][T16253]  x64_sys_call+0x28c8/0x2fb0
[  574.561082][T16253]  do_syscall_64+0xd2/0x200
[  574.561133][T16253]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  574.561196][T16253]  ? clear_bhb_loop+0x40/0x90
[  574.561219][T16253]  ? clear_bhb_loop+0x40/0x90
[  574.561252][T16253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.561275][T16253] RIP: 0033:0x7fb68894e929
[  574.561294][T16253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.561315][T16253] RSP: 002b:00007fb686fb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  574.561338][T16253] RAX: ffffffffffffffda RBX: 00007fb688b75fa0 RCX: 00007fb68894e929
[  574.561353][T16253] RDX: 000000000000ac98 RSI: 0000000002002def RDI: 0000000000000004
[  574.561439][T16253] RBP: 00007fb686fb7090 R08: 0000000000000000 R09: 0000000000000000
[  574.561454][T16253] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  574.561514][T16253] R13: 0000000000000000 R14: 00007fb688b75fa0 R15: 00007ffe1cd3a208
[  574.561535][T16253]  </TASK>
[  574.827795][T16256] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  575.043284][T16129] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  575.080672][T16129] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  575.112126][T16129] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  575.138298][T16129] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  575.148121][T16275] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3746'.
[  575.162353][T16276] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  575.417389][T16129] 8021q: adding VLAN 0 to HW filter on device bond0
[  575.434103][T16129] 8021q: adding VLAN 0 to HW filter on device team0
[  575.446080][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.453322][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  575.474599][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.481786][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  575.498719][T16129] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  575.592847][T16302] capability: warning: `syz.1.3754' uses deprecated v2 capabilities in a way that may be insecure
[  575.617479][T16129] 8021q: adding VLAN 0 to HW filter on device batadv0
[  575.661600][T16313] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  575.769772][T16327] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3758'.
[  575.785029][T16129] veth0_vlan: entered promiscuous mode
[  575.808787][T16327] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  575.819843][T16327] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  575.843495][T16327] bond0 (unregistering): Released all slaves
[  575.864485][T16129] veth1_vlan: entered promiscuous mode
[  575.901721][T16129] veth0_macvtap: entered promiscuous mode
[  575.923811][T16129] veth1_macvtap: entered promiscuous mode
[  575.957062][T16129] batman_adv: batadv0: Interface activated: batadv_slave_0
[  575.995596][T16129] batman_adv: batadv0: Interface activated: batadv_slave_1
[  576.004412][T16129] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  576.013180][T16129] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  576.022059][T16129] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  576.031020][T16129] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  576.327504][T16336] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  576.470426][T16354] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3769'.
[  576.505599][T16344] loop3: detected capacity change from 0 to 2048
[  576.614194][T16362] loop1: detected capacity change from 0 to 2048
[  576.681562][T16362] Alternate GPT is invalid, using primary GPT.
[  576.688194][T16362]  loop1: p2 p3 p7
[  576.707966][T16366] tipc: Started in network mode
[  576.712998][T16366] tipc: Node identity ac14140f, cluster identity 4711
[  576.719958][T16366] tipc: New replicast peer: 255.255.255.255
[  576.726094][T16366] tipc: Enabled bearer <udp:s>, priority 10
[  576.980419][T16396] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  577.083038][T16410] loop1: detected capacity change from 0 to 1024
[  577.091025][T16411] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  577.109980][T16411] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  577.140514][T16411] bond0 (unregistering): Released all slaves
[  577.280202][T16422] block device autoloading is deprecated and will be removed.
[  577.327067][T16384] chnl_net:caif_netlink_parms(): no params data found
[  577.346255][T16423] loop2: detected capacity change from 0 to 1024
[  577.388795][T16426] xt_hashlimit: max too large, truncated to 1048576
[  577.419623][   T41] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.431143][T16423] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  577.442187][T16423] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  577.483465][T16423] JBD2: no valid journal superblock found
[  577.489310][T16423] EXT4-fs (loop2): Could not load journal inode
[  577.534245][   T41] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.553434][T16384] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.560688][T16384] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.578348][T16384] bridge_slave_0: entered allmulticast mode
[  577.585201][T16384] bridge_slave_0: entered promiscuous mode
[  577.600733][   T41] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.637255][T16384] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.644568][T16384] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.661190][T16384] bridge_slave_1: entered allmulticast mode
[  577.667907][T16384] bridge_slave_1: entered promiscuous mode
[  577.694566][   T41] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.731637][T16384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  577.742491][T16384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  577.766515][T16384] team0: Port device team_slave_0 added
[  577.788892][T16384] team0: Port device team_slave_1 added
[  577.848533][   T41] bond1 (unregistering): Released all slaves
[  577.858110][ T1036] tipc: Node number set to 2886997007
[  577.880398][T16384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  577.887426][T16384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  577.913943][T16384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  577.930956][   T41] tipc: Disabling bearer <udp:s>
[  577.935987][   T41] tipc: Left network mode
[  577.941234][T16384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  577.948421][T16384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  577.974808][T16384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  577.991248][   T41] hsr_slave_0: left promiscuous mode
[  577.997427][   T41] hsr_slave_1: left promiscuous mode
[  578.004396][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  578.011924][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[  578.031521][   T41] veth1_macvtap: left promiscuous mode
[  578.037150][   T41] veth0_macvtap: left promiscuous mode
[  578.048225][   T41] veth1_vlan: left promiscuous mode
[  578.063807][   T41] veth0_vlan: left promiscuous mode
[  578.137352][T16471] 9pnet_fd: p9_fd_create_unix (16471): problem connecting socket: ./file1: -2
[  578.137880][   T41] team_slave_1 (unregistering): left promiscuous mode
[  578.153545][   T41] team_slave_1 (unregistering): left allmulticast mode
[  578.162656][   T41] team0 (unregistering): Port device team_slave_1 removed
[  578.175234][   T41] team_slave_0 (unregistering): left promiscuous mode
[  578.182146][   T41] team_slave_0 (unregistering): left allmulticast mode
[  578.189856][   T41] team0 (unregistering): Port device team_slave_0 removed
[  578.250046][T16384] hsr_slave_0: entered promiscuous mode
[  578.257626][T16384] hsr_slave_1: entered promiscuous mode
[  578.264683][   T29] kauditd_printk_skb: 649 callbacks suppressed
[  578.264699][   T29] audit: type=1326 audit(2000000065.380:22755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.295034][   T29] audit: type=1326 audit(2000000065.390:22756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.318654][   T29] audit: type=1326 audit(2000000065.390:22757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.342221][   T29] audit: type=1326 audit(2000000065.390:22758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.365908][   T29] audit: type=1326 audit(2000000065.390:22759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.389524][   T29] audit: type=1326 audit(2000000065.390:22760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.413324][   T29] audit: type=1326 audit(2000000065.390:22761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.437500][   T29] audit: type=1326 audit(2000000065.550:22762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.461157][   T29] audit: type=1326 audit(2000000065.550:22763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16476 comm="syz.1.3817" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.494637][   T29] audit: type=1326 audit(2000000065.610:22764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16483 comm="syz.1.3819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46de5e929 code=0x7ffc0000
[  578.649709][T16496] 9pnet_fd: p9_fd_create_unix (16496): problem connecting socket: ./file1: -2
[  578.662535][T16497] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  578.900868][T16501] __nla_validate_parse: 8 callbacks suppressed
[  578.900918][T16501] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3825'.
[  578.934808][T16503] loop9: detected capacity change from 0 to 7
[  578.941443][T16503] Buffer I/O error on dev loop9, logical block 0, async page read
[  578.949439][T16503] Buffer I/O error on dev loop9, logical block 0, async page read
[  578.957465][T16503]  loop9: unable to read partition table
[  578.965412][T16503] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  578.965412][T16503] 
) failed (rc=-5)
[  578.986444][T16384] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  579.010477][T16384] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  579.034606][T16506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3826'.
[  579.064432][T16507] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  579.184470][T16384] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  579.196698][T16506] dummy0: entered promiscuous mode
[  579.202110][T16506] macsec1: entered allmulticast mode
[  579.208317][T16506] dummy0: entered allmulticast mode
[  579.215218][T16384] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  579.357091][T16518] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  579.517111][T16532] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  579.534536][T16384] 8021q: adding VLAN 0 to HW filter on device bond0
[  579.580452][T16536] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3836'.
[  579.583161][T16384] 8021q: adding VLAN 0 to HW filter on device team0
[  579.631999][T16540] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3838'.
[  579.641918][ T1449] bridge0: port 1(bridge_slave_0) entered blocking state
[  579.649047][ T1449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  579.671109][ T1449] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.678385][ T1449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  579.708229][T16541] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  579.733498][T16384] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  579.743948][T16384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  579.859864][T16384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  579.989252][T16570] 9pnet_fd: p9_fd_create_unix (16570): problem connecting socket: ./file1: -2
[  580.067128][T16384] veth0_vlan: entered promiscuous mode
[  580.087232][T16384] veth1_vlan: entered promiscuous mode
[  580.108726][T16384] veth0_macvtap: entered promiscuous mode
[  580.116089][T16384] veth1_macvtap: entered promiscuous mode
[  580.128782][T16384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  580.141079][T16384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  580.151007][T16384] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  580.159890][T16384] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  580.168776][T16384] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  580.177506][T16384] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  580.251890][T16588] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  580.255195][T16587] loop3: detected capacity change from 0 to 512
[  580.269599][T16587] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  580.281943][T16587] EXT4-fs (loop3): 1 orphan inode deleted
[  580.287974][T16587] EXT4-fs (loop3): 1 truncate cleaned up
[  580.295340][T16587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  580.302170][T16587] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.3849: iget: bad extra_isize 46 (inode size 256)
[  580.323698][T16587] EXT4-fs (loop3): Remounting filesystem read-only
[  580.353155][T16590] netlink: 'syz.2.3851': attribute type 14 has an invalid length.
[  580.362379][T16129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.435253][T16601] FAULT_INJECTION: forcing a failure.
[  580.435253][T16601] name failslab, interval 1, probability 0, space 0, times 0
[  580.442057][T16607] 9pnet_fd: p9_fd_create_unix (16607): problem connecting socket: ./file1: -2
[  580.448065][T16601] CPU: 1 UID: 0 PID: 16601 Comm: syz.4.3778 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  580.448098][T16601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  580.448111][T16601] Call Trace:
[  580.448118][T16601]  <TASK>
[  580.448127][T16601]  __dump_stack+0x1d/0x30
[  580.448151][T16601]  dump_stack_lvl+0xe8/0x140
[  580.448231][T16601]  dump_stack+0x15/0x1b
[  580.448249][T16601]  should_fail_ex+0x265/0x280
[  580.448284][T16601]  should_failslab+0x8c/0xb0
[  580.448318][T16601]  __kmalloc_noprof+0xa5/0x3e0
[  580.448363][T16601]  ? mq_init+0xb9/0x380
[  580.448384][T16601]  ? dev_ifsioc+0x44b/0xaa0
[  580.448408][T16601]  mq_init+0xb9/0x380
[  580.448430][T16601]  ? __pfx_noop_dequeue+0x10/0x10
[  580.448470][T16601]  ? qdisc_alloc+0x3c3/0x440
[  580.448488][T16601]  ? __rcu_read_unlock+0x4f/0x70
[  580.448513][T16601]  qdisc_create_dflt+0xef/0x2d0
[  580.448546][T16601]  ? dev_activate+0xbb/0x9e0
[  580.448585][T16601]  dev_activate+0xde/0x9e0
[  580.448605][T16601]  ? _raw_spin_unlock_bh+0x36/0x40
[  580.448660][T16601]  __dev_open+0x472/0x530
[  580.448721][T16601]  __dev_change_flags+0x163/0x400
[  580.448754][T16601]  netif_change_flags+0x5a/0xd0
[  580.448786][T16601]  dev_change_flags+0xce/0x180
[  580.448821][T16601]  dev_ifsioc+0x44b/0xaa0
[  580.448842][T16601]  ? __rcu_read_unlock+0x4f/0x70
[  580.448866][T16601]  dev_ioctl+0x70a/0x960
[  580.448948][T16601]  sock_do_ioctl+0x197/0x220
[  580.448977][T16601]  sock_ioctl+0x41b/0x610
[  580.449003][T16601]  ? __pfx_sock_ioctl+0x10/0x10
[  580.449029][T16601]  __se_sys_ioctl+0xce/0x140
[  580.449150][T16601]  __x64_sys_ioctl+0x43/0x50
[  580.449180][T16601]  x64_sys_call+0x19a8/0x2fb0
[  580.449203][T16601]  do_syscall_64+0xd2/0x200
[  580.449271][T16601]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  580.449304][T16601]  ? clear_bhb_loop+0x40/0x90
[  580.449394][T16601]  ? clear_bhb_loop+0x40/0x90
[  580.449417][T16601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  580.449440][T16601] RIP: 0033:0x7f774d18e929
[  580.449457][T16601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  580.449477][T16601] RSP: 002b:00007f774b7f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  580.449556][T16601] RAX: ffffffffffffffda RBX: 00007f774d3b5fa0 RCX: 00007f774d18e929
[  580.449571][T16601] RDX: 0000200000000080 RSI: 0000000000008914 RDI: 0000000000000005
[  580.449585][T16601] RBP: 00007f774b7f7090 R08: 0000000000000000 R09: 0000000000000000
[  580.449598][T16601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  580.449612][T16601] R13: 0000000000000000 R14: 00007f774d3b5fa0 R15: 00007fffed07de28
[  580.449631][T16601]  </TASK>
[  580.449651][T16601] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  580.734413][T16601] syzkaller0: entered promiscuous mode
[  580.739960][T16601] syzkaller0: entered allmulticast mode
[  580.762153][T16614] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  581.002219][T16640] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  581.084643][T16648] 9pnet_fd: p9_fd_create_unix (16648): problem connecting socket: ./file1: -2
[  581.467842][T16742] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3883'.
[  581.482712][T16742] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  581.500849][T16742] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  581.501311][T16746] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3885'.
[  581.522004][T16742] bond0 (unregistering): Released all slaves
[  581.539113][T16746] loop3: detected capacity change from 0 to 2048
[  581.590819][T16746] Alternate GPT is invalid, using primary GPT.
[  581.597233][T16746]  loop3: p2 p3 p7
[  581.621718][T16751] xt_hashlimit: max too large, truncated to 1048576
[  581.622387][T16750] xt_hashlimit: max too large, truncated to 1048576
[  581.629134][T16751] xt_ipcomp: unknown flags 12
[  581.637210][T16750] xt_ipcomp: unknown flags 12
[  581.892531][T16769] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.900306][T16769] batman_adv: batadv0: Removing interface: batadv_slave_0
[  581.907767][T16769] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  581.915248][T16769] batman_adv: batadv0: Removing interface: batadv_slave_1
[  581.940160][T16770] bridge1: entered allmulticast mode
[  582.052983][T16778] FAULT_INJECTION: forcing a failure.
[  582.052983][T16778] name failslab, interval 1, probability 0, space 0, times 0
[  582.065877][T16778] CPU: 0 UID: 0 PID: 16778 Comm: syz.1.3898 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  582.065903][T16778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  582.065913][T16778] Call Trace:
[  582.065919][T16778]  <TASK>
[  582.065926][T16778]  __dump_stack+0x1d/0x30
[  582.065984][T16778]  dump_stack_lvl+0xe8/0x140
[  582.066000][T16778]  dump_stack+0x15/0x1b
[  582.066075][T16778]  should_fail_ex+0x265/0x280
[  582.066105][T16778]  should_failslab+0x8c/0xb0
[  582.066126][T16778]  kmem_cache_alloc_noprof+0x50/0x310
[  582.066169][T16778]  ? security_inode_alloc+0x37/0x100
[  582.066198][T16778]  security_inode_alloc+0x37/0x100
[  582.066322][T16778]  inode_init_always_gfp+0x4b7/0x500
[  582.066356][T16778]  ? __pfx_sock_alloc_inode+0x10/0x10
[  582.066431][T16778]  alloc_inode+0x58/0x170
[  582.066506][T16778]  __sock_create+0x122/0x5b0
[  582.066522][T16778]  sock_create_kern+0x38/0x50
[  582.066538][T16778]  mptcp_subflow_create_socket+0x84/0x630
[  582.066595][T16778]  ? mntput_no_expire+0x6f/0x3c0
[  582.066611][T16778]  __mptcp_nmpc_sk+0xb3/0x3b0
[  582.066654][T16778]  mptcp_sendmsg_fastopen+0x90/0x320
[  582.066670][T16778]  mptcp_sendmsg+0xe22/0xf00
[  582.066686][T16778]  ? selinux_socket_sendmsg+0x175/0x1b0
[  582.066706][T16778]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  582.066745][T16778]  inet6_sendmsg+0xc2/0xd0
[  582.066757][T16778]  __sock_sendmsg+0x8b/0x180
[  582.066772][T16778]  __sys_sendto+0x268/0x330
[  582.066844][T16778]  __x64_sys_sendto+0x76/0x90
[  582.066873][T16778]  x64_sys_call+0x2eb6/0x2fb0
[  582.066888][T16778]  do_syscall_64+0xd2/0x200
[  582.066899][T16778]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  582.066967][T16778]  ? clear_bhb_loop+0x40/0x90
[  582.066978][T16778]  ? clear_bhb_loop+0x40/0x90
[  582.066989][T16778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.067001][T16778] RIP: 0033:0x7fd46de5e929
[  582.067012][T16778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  582.067082][T16778] RSP: 002b:00007fd46c4c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  582.067094][T16778] RAX: ffffffffffffffda RBX: 00007fd46e085fa0 RCX: 00007fd46de5e929
[  582.067101][T16778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008
[  582.067108][T16778] RBP: 00007fd46c4c7090 R08: 0000200000000200 R09: 000000000000001c
[  582.067115][T16778] R10: 0000000020000046 R11: 0000000000000246 R12: 0000000000000001
[  582.067121][T16778] R13: 0000000000000000 R14: 00007fd46e085fa0 R15: 00007fffdfc3db08
[  582.067149][T16778]  </TASK>
[  582.067156][T16778] socket: no more sockets
[  582.374766][T16784] loop1: detected capacity change from 0 to 760
[  582.382468][T16784] iso9660: Unknown parameter '4'
[  582.415542][T16788] loop2: detected capacity change from 0 to 2048
[  582.441338][T16793] xt_hashlimit: max too large, truncated to 1048576
[  582.481693][T16788] Alternate GPT is invalid, using primary GPT.
[  582.487968][T16788]  loop2: p2 p3 p7
[  582.521732][T16802] loop9: detected capacity change from 0 to 7
[  582.528285][T16802] Buffer I/O error on dev loop9, logical block 0, async page read
[  582.529468][T16803] 9pnet_fd: p9_fd_create_unix (16803): problem connecting socket: ./file1: -2
[  582.537009][T16802] Buffer I/O error on dev loop9, logical block 0, async page read
[  582.553112][T16802]  loop9: unable to read partition table
[  582.559875][T16802] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  582.559875][T16802] 
) failed (rc=-5)
[  582.747554][T16814] loop3: detected capacity change from 0 to 512
[  582.771370][T16814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  582.784789][T16814] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  582.870520][T16823] ==================================================================
[  582.878684][T16823] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  582.886025][T16823] 
[  582.888364][T16823] write to 0xffff888116802100 of 8 bytes by task 16813 on cpu 0:
[  582.896119][T16823]  mas_wmb_replace+0xe45/0x14a0
[  582.901019][T16823]  mas_wr_store_entry+0x1773/0x2b50
[  582.906299][T16823]  mas_store_prealloc+0x74d/0x9e0
[  582.911364][T16823]  vma_iter_store_new+0x1c5/0x200
[  582.916421][T16823]  mmap_region+0x1058/0x1560
[  582.921055][T16823]  do_mmap+0x9b3/0xbe0
[  582.925169][T16823]  vm_mmap_pgoff+0x17a/0x2e0
[  582.929808][T16823]  ksys_mmap_pgoff+0xc2/0x310
[  582.934544][T16823]  x64_sys_call+0x1602/0x2fb0
[  582.939327][T16823]  do_syscall_64+0xd2/0x200
[  582.943867][T16823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.949798][T16823] 
[  582.952221][T16823] read to 0xffff888116802100 of 8 bytes by task 16823 on cpu 1:
[  582.960045][T16823]  mas_state_walk+0x485/0x650
[  582.964831][T16823]  mas_walk+0x30/0x120
[  582.969359][T16823]  lock_vma_under_rcu+0xa2/0x2f0
[  582.974310][T16823]  do_user_addr_fault+0x233/0x1090
[  582.979447][T16823]  exc_page_fault+0x62/0xa0
[  582.983970][T16823]  asm_exc_page_fault+0x26/0x30
[  582.988828][T16823] 
[  582.991158][T16823] value changed: 0xffff888103efc706 -> 0xffff888116802100
[  582.998532][T16823] 
[  583.000863][T16823] Reported by Kernel Concurrency Sanitizer on:
[  583.007020][T16823] CPU: 1 UID: 0 PID: 16823 Comm: syz.3.3914 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(voluntary) 
[  583.019628][T16823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  583.029725][T16823] ==================================================================
[  583.056375][T16129] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  583.069542][T16129] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz-executor: iget: bad i_size value: 2533274857506816
[  583.100943][T16575] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.223732][T16826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  583.232646][T16826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  583.332838][   T57] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.382170][   T57] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.430631][   T57] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.490922][   T57] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.572896][   T57] bridge_slave_1: left allmulticast mode
[  583.578657][   T57] bridge_slave_1: left promiscuous mode
[  583.584461][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.593749][   T57] bridge_slave_0: left allmulticast mode
[  583.599989][   T57] bridge_slave_0: left promiscuous mode
[  583.605740][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.719019][   T57] tipc: Disabling bearer <udp:s>
[  583.724122][   T57] tipc: Left network mode
[  583.731683][   T57] hsr_slave_0: left promiscuous mode
[  583.737568][   T57] hsr_slave_1: left promiscuous mode
[  583.746585][   T57] veth1_macvtap: left promiscuous mode
[  583.752148][   T57] veth0_macvtap: left promiscuous mode
[  583.757799][   T57] veth1_vlan: left promiscuous mode
[  583.763233][   T57] veth0_vlan: left promiscuous mode
[  583.833868][   T57] team0 (unregistering): Port device team_slave_1 removed
[  583.844222][   T57] team0 (unregistering): Port device team_slave_0 removed