last executing test programs:

2.874020777s ago: executing program 1 (id=1133):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="1809000000000000000000000001000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
ioctl$USBDEVFS_REAPURB(r2, 0x4004550c, 0x0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0})

2.198609778s ago: executing program 1 (id=1136):
pipe2$9p(&(0x7f00000000c0), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
socket$kcm(0x21, 0x2, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001680)=ANY=[@ANYBLOB="5801000010000304fe0f00"/20, @ANYRES32=0x0, @ANYBLOB="15020000000000003001128009000100766c616e000000002001028006000100000000001c0004800c00010032d10000ffff00000c000100ae0200009e000000700004800c00010009000000010000e29b5d2a0008000000010100000c000100f8ffffff080000000c00010006000000040000000c00010007000000010000800c00010005000000060000000c00010001000000000000000c000100910a00000d0000000c0001000e00000032000000880003800c002100060000000c0000000c00010003000000400000000c00010004000000ffffffff0c00010002000000110000000c00010001000000022000000c0001000b000000270000000c000100ffff00005f0200000c000100ffffffff030000000c00010001000000030000000c000100000000000180000031fa4a8a090000000900000008000500", @ANYRES8=r2], 0x158}, 0x1, 0xba01, 0x0, 0x4008881}, 0x24000040)

2.182389247s ago: executing program 1 (id=1138):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=ANY=[@ANYBLOB="380100001c0001"], 0x138}, 0x1, 0x0, 0x0, 0x4004050}, 0x8000)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000800000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffd}}}]}, 0x38}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r9, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r9, <r10=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r9, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
sendmsg$inet(r8, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000005c0)='F', 0x1}], 0x1}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd2a, 0x8000002, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xff, 0x1, 0x7ffe}, {0x8, 0x6a6, 0xffff, 0x5, 0x2, 0x2}}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x24008004}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)

1.898972072s ago: executing program 4 (id=1144):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)

1.831689313s ago: executing program 2 (id=1148):
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext={0x50a, 0xae0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x4, 0x7ffc1ffb}]})
r1 = gettid()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001240)='kmem_cache_free\x00', r3, 0x0, 0x7}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x5, &(0x7f0000000040)={0x0, 0x1, 0x42, 0xfffffffffffffffc})
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000000)=[{0x7, 0x0, 0x83}, {0x9, 0x0, 0xb187}], 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x42, 0x5c})
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000300)={{0x8, 0x7f}, 0x100, './file0\x00'})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
unshare(0x20000400)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000740)={0x14, 0x0, 0xb, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x60004000}, 0x40010)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
rmdir(0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000040), 0x1)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e1209000d0000000401a80016000a00144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a9295", 0xd2}, {&(0x7f0000000500)="905783db451f", 0x6}], 0x2}, 0x2008854)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000540)={'syztnl2\x00', &(0x7f00000007c0)={'syztnl0\x00', <r10=>0x0, 0x0, 0x3, 0x3, 0x4, 0xc1, @private2, @remote, 0x10, 0x40, 0x5, 0x6}})
sendmsg$inet(r8, &(0x7f0000000700)={&(0x7f0000000440)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000480)="ccce625b0480d68735edce4c3194b7295bbb221451c06955361319821f3895ca6237c3003a25d684149c396c", 0x2c}, {&(0x7f00000005c0)="92c2f2fd55f955b02668ce82a4a54178c08570bf2efc360bf26e738e24c42f58dc926a22ab0c025f6514c6353427b04a5c7634cc30d613c561003db6fdc273d835124e40af49c77314033eb8b79e39c9c6037367e17df6cf29b3a4790a824303ef7211bb7c6d846e785387501f889227e7f397abfa76b3e356825ce4569b5dbce5", 0x81}, {&(0x7f0000000880)="773a1abbd112fad5b8e5577887b4241833cb7fd57eb418aca65ca837bd0818d866fa5aa5b3306b57ae47ae743fc29f5f27107f920e4ace035f1123a4d2bdf250e74dce17860ff0de154587b2fc189b57871c2c207696ca7810014c70c555d673d9758cae87e4aa8580eff5cba34e379756053729e6768592eb5f5dad4275c664a93a8627a2e17a826edc035dd51604e11b483a77beff9d21976791cc055ae10fe64029996070810ce513219dd489c7a3116c3f2e767e23feb38809f21590281251892486d9f973b9fed973d4c7a28b782b03a22901fd3e36334b833adaca7d30", 0xe0}, {&(0x7f0000000680)="ca3430a4d076b8665b6fb1174c89124f7c9ceca577a17b0cdf892f76b3afdbca69c4a58a74edc7c72431d35189ff1e3e64544d6906d93a25e3df6dba5c8354a2f0125c8e5e36df5a251fa0f0b4fd354f61", 0x51}], 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="1100000000000000000000000100000081000000000000001c000000000000000000000008000000", @ANYRES32=r10, @ANYBLOB="e0000001ac1e00010000000010005636f47cd341ef54abdcf5d1d695284c7660a99a7632df83a35a0697ba9fe07281b4c992d080e3db74c344bf4a8aab2d3c444339a7bec994a61143eedad4c3588b72b4916322da9f51c56855befba689c2a02c6a015b8836609ffd37801401d3c6925268920621a41204ebe653d49bda7a23cba4b7d598e079e24a98305c6c2182a3c7b4406f94cfd0af3b0a13d3c0240909ce6412049ede14be2ae536b74eedc3cbe1fe26214a256b9e67f517e295c28392d12424e1e065127c2acf74"], 0x48}, 0x48000)

1.798264273s ago: executing program 1 (id=1149):
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r0, 0x0, 0x0, 0x4f, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
socket(0x15, 0x5, 0x0)
socket(0x18, 0x5, 0x86b0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
clock_gettime(0xfffffff2, &(0x7f0000000940))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000300)=""/112, 0x103000, 0x6bc22fd484172ea7, 0xc, 0x1}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000600"/24], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @fallback=0x6, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000240)={'\x00', 0x8, 0x8a, 0x9, 0xffffffffffffffff, 0x400})
fsconfig$FSCONFIG_SET_BINARY(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000380)=ANY=[@ANYBLOB="2d6370752056bd50e2e3a5331b3fb9912bc8e3320b6f2bd9b13cc2e135f852dd92c9b42243fb8ceeda5bf31ee8b3284c1d6337045e6b5ea9df5f6face105676562c5a6d0d41e8e154a9610422577c06a1ddd3dc2929501ac5c82be546260e4f8f4c22646e3ff4afab110b992cbb6fb9aedb4aa653edff617c8a46ad305edb183f1bee7e4ffaf20288edac2bddd909eb90231a6361b509050646102aa5d8932d2db150d8eca4c8611897bcc097ea0326b845b50b6bac2ecdf4cad330569aa539bdfa89703001ed3bda3ba26814a01333b3f1b1fb493ba224a88c831169894ae519236"], 0x5)

1.797540053s ago: executing program 3 (id=1150):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000f8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000000c0), 0x10)
r3 = dup3(r2, r1, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r5=>0x0})
r6 = socket$unix(0x1, 0x5, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r6, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000080)={&(0x7f00000001c0)={0x1d, r5, 0x3f420f00, 0xf423f}, 0x10, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x2c004000)

1.738696435s ago: executing program 3 (id=1151):
r0 = syz_io_uring_setup(0x1114, &(0x7f00000007c0)={0x0, 0x8fc6, 0x0, 0x0, 0x21e}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_WRITEV={0x2, 0x4d, 0x0, @fd_index=0x7, 0xd, &(0x7f0000000300)=[{0x0}, {0x0}], 0x2, 0x10, 0x1, {0x2}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16], 0x2c}}, 0x0)
io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0)

1.636139606s ago: executing program 0 (id=1152):
r0 = syz_io_uring_setup(0x1114, &(0x7f00000007c0)={0x0, 0x8fc6, 0x0, 0x0, 0x21e}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_WRITEV={0x2, 0x4d, 0x0, @fd_index=0x7, 0xd, &(0x7f0000000300)=[{0x0}, {0x0}], 0x2, 0x10, 0x1, {0x2}})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16], 0x2c}}, 0x0)
io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

1.416369799s ago: executing program 0 (id=1153):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newtaction={0x7c, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x68, 0x1, [@m_mirred={0x64, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x16, 0xff, 0xffffffffffffffff, 0x7, 0x6}, 0x3, r3}}]}, {0x17, 0xa, "d6a4eea88e2bb013d594a913e58553e2040204"}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x2000a804)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)

1.222493372s ago: executing program 0 (id=1154):
syz_io_uring_setup(0x139d, &(0x7f0000000240)={0x0, 0x8fc6, 0x200, 0x0, 0xffffffff}, &(0x7f00000001c0)=<r0=>0x0, &(0x7f0000000040)=<r1=>0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000200b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70400000800000085000000950800009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
r4 = socket$inet(0x2, 0x80000, 0x5)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6be", 0xb}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa10", 0xc6}], 0x1}}], 0x2, 0x0)
sendto$inet(r4, &(0x7f0000000580)="17", 0xfffffffffffffe08, 0x10008095, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f0000000380)=@IORING_OP_WRITEV={0x2, 0x4d, 0x0, @fd_index=0x7, 0xd, &(0x7f0000000300)=[{0x0}, {0x0}], 0x2, 0x10, 0x1, {0x2}})
r5 = creat(&(0x7f0000000100)='./file0\x00', 0x3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500), 0x200000000000000, 0x1}}, 0x40)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r7, 0x0, 0xfffffffffffffffc}, 0x18)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r8, 0x408c5333, &(0x7f00000003c0)={0xc21, 0x0, 0x0, 'queue0\x00', 0x1})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x19, 0x200000000000022c, &(0x7f0000000000)=ANY=[@ANYRES16=r6], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0xd, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r9, 0x0, 0x2}, 0x18)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
pread64(r10, &(0x7f00000007c0)=""/96, 0x60, 0xb)

1.206486832s ago: executing program 3 (id=1155):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000580)=ANY=[], 0x0)
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

1.010613285s ago: executing program 4 (id=1156):
socket$kcm(0x10, 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x2, 0x800, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r2, 0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)

950.353746ms ago: executing program 4 (id=1157):
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x100000)
syz_emit_ethernet(0xc6, &(0x7f0000000880)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @val={@val={0x88a8, 0x3, 0x1, 0x4}, {0x8100, 0x5, 0x1, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @broadcast}, {0x0, 0x883e, 0x9c, 0x0, @wg=@initiation={0x1, 0x2, "17bb5a4e1245a66902efda0c3dd366b12b48fde5625465ec68c629b0128d297b", "2404b88e589e0e084186d0cf1c228e076941898e5cc6d9545b0ab57d52fe8c71d71d95eea4f3f241cc19d326b1876130", "7218cbb6395cd8b2cc7886000005369d5800fc201b2eb902a49e00", {"5e9bce9474ab84f7de1c3eb38614e23a", "e6cc1de8e22c639f71b067aa664bde36"}}}}}}}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/devices.allow\x00', 0x103041, 0x1ae)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES16=r0], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
pread64(0xffffffffffffffff, &(0x7f0000000280)=""/155, 0x9b, 0x8000000)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000380), 0x1084001, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_readahead}, {@ignoreqv}, {@loose}, {@access_client}, {@noextend}, {@noxattr}, {@access_user}, {@version_L}, {@debug={'debug', 0x3d, 0x6}}, {@posixacl}], [{@fscontext={'fscontext', 0x3d, 'system_u'}}, {@dont_appraise}, {@dont_hash}, {@obj_type={'obj_type', 0x3d, '*!%\xc9\''}}, {@smackfshat={'smackfshat', 0x3d, '9p\x00'}}]}})
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

929.341406ms ago: executing program 2 (id=1158):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000010001000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = dup(r1)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

886.881236ms ago: executing program 4 (id=1159):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(r1, 0x88, 0x68, 0x0, &(0x7f0000000040))
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="ec00000021000100feffffff000000000000000000000000000000000000000000000000007c0000000000000000000000000000000000001700a00000000000", @ANYRES64=r1, @ANYRES32=0x0, @ANYBLOB="00000000000000009c00110000000000000000000000000000000000fe8000000000000000000000000000bbac1414210000000000000000000000002001000000000000000000000000000000000000000000000000020000000000000000000000000000000000fe8000000000000000000000000000bb"], 0xec}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

884.305427ms ago: executing program 0 (id=1160):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="2501000000000000000009000000040003800400018050000380060007004e22000008000300040000001400020077673000000000000000000000000000080001000000000008000100"], 0x6c}}, 0x0)
r2 = openat$selinux_context(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x47, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x10, 0x103)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000000)={[{@errors_remount}, {@grpquota}]}, 0x4, 0x4f2, &(0x7f0000000740)="$eJzs3c9vVF0ZAOD3Tjttv34DBWWhRgURRUOY/gAaggthozGExEhcuYDaDk3TGabptEgri7J0byKJK/0T3LkwYeXCnTvducGFCSrRUBMXY+6dSzu0HVqk7dDO8yR37j3nXuY9Z4ZzztzDDCeAnnUuItYiYiAi7kfESJ6f5FvcbG3pda9fPZlef/VkOolm8+4/kux8mhdtfyb1af6cQxHxg+9G/DjZHrexsjo/Va1WFvP06FJtYbSxsnp5rpDnTEyOT45dv3JtYt/qerb2m5ffmbv9w9/99ksv/rj2zZ+mxSr97ER2rr0e+6lV9WKU2vL6I+L2QQTrkv787w9HT9raPhMR57P2PxJ92bsJABxnzeZINEfa0wDAcZfe/5ciKZTzuYBSFArlcmsO70wMF6r1xtKlkfryw5nI5rBORbHwYK5aGcvnCk9FMUnT49nxZnpiS/pKRJyOiJ8PfpKly9P16kw3P/gAQA/7dMv4/+/B1vgPABxzQ+95va8IAMDR977jPwBw9Bn/AaD3vMf4b+ofAI4J9/8A0HuM/wDQe3Yd/58eTjkAgEPx/Tt30q25nv//1zOPVpa/VXp0eabSmC/XlqfL0/XFhfJsvT5brZSnm83dnq9ary+MX91INlZW79Xqyw+X7s3VpmYr9yrFA64PALC702ef/zmJiLUbn2RbtK3lYKyG463Q7QIAXdPX7QIAXeP3PNC79nCPbxoAjrkdluh9S8evCD2z+CscVRc/b/4fepX5f+hd/9/8/7f3vRzA4TP/D72r2Uys+Q8APcYcP/BB//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPaqUbUmhnK0FvpY+FsrliBMRcSqKyYO5amUsIk5GxJ8Gi4NperzbhQYAPlDhb0m+/tfFkQulrWcHkv8MZvuI+Mkv7/7i8dTS0uJ4mv/PjfylZ3n+xEA3KgAAtLu5Pas1Tuf7thv516+eTL/ZDrOIL2+1FhdN467nW+tMf/Rn+6EoRsTwv5I83ZJ+Xunbh/hrTyPic5v1f9wWoZTNgbRWPt0aP4194gDib77+W+MX3opfyM6l+2L2Wnx2H8oCveb5rVY/mbe9tInl7a8Q57L9zu1/KOuhPtyb/m99W/9X2Oj/+rbFT7I2f24j/e6SvLz6++9ty2yOtM49jfhC/07xk434SYf+98Ie6/iXL375fKdzzV9FXIyd47fUsm52dKm2MNpYWb08V5uarcxWHk5MTI5Pjl2/cm1iNJujbj3+YacYf79x6WSn+Gn9hzvEH9ql/l/bY/1//d/7P/rKO+J/46s7v/9n3hE/HRO/vsf4U8M3Oy7fncaf6VD/3d7/S3uM/+KvqzN7vBQAOASNldX5qWq1srjLQfpZc7drHBzNg1iL+AiKkR8MxEdRjJ4/6HbPBBy0zUbf7ZIAAAAAAAAAAAAAAACdNFZW5wfjYH9O1O06AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHz9LwAA//9Jt84K")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
write$selinux_context(r2, &(0x7f0000000600)='system_u:object_r:kmsg_device_t:s0\x00', 0x23)

883.997367ms ago: executing program 2 (id=1161):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
close(r0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

761.856589ms ago: executing program 0 (id=1162):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0), 0x3, 0x4c1, &(0x7f0000000b80)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x100000000, 0x2000000000000000, 0x0, 0x80000001, 0x2, 0x7b, 0xfffffffffffffffd, 0x2})
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x4d, 0x1}, 0xfff2)

760.082629ms ago: executing program 4 (id=1163):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
prctl$PR_SET_NAME(0xf, &(0x7f0000000380)='t\xcahX\x05 ')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r3, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r1, 0x28543634fae43ad, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r4}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r5, 0x0, 0x14, 0x0, &(0x7f0000000200))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r7, 0x0, 0xfffffffffffffffd}, 0x18)
r8 = accept$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @local}}, &(0x7f0000000240)=0x1c)
ioctl$SIOCGSTAMP(r8, 0x8906, &(0x7f0000000340))
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'macvlan1\x00', <r10=>0x0})
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r12=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400000001000030500000000fddbdf0000000000", @ANYRES32=0x0, @ANYBLOB="02880100373004002000128008000100687372001400028008000100", @ANYRES32=r10, @ANYBLOB="08000200", @ANYRES32=r12], 0x40}}, 0x4008054)

759.583759ms ago: executing program 2 (id=1164):
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0xfffffe79)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x3ff, 0x0, 'queue1\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f0000000040))

669.05185ms ago: executing program 2 (id=1165):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
rt_sigtimedwait(&(0x7f0000000000)={[0x5]}, 0x0, 0xffffffffffffffff, 0x8)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp={0x0, 0x8}, 0x4c58, 0x0, 0x0, 0x1, 0x8, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r2, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xa4, r3, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x40}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x101}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@private1}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x13, 0x28}}]}, @IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}]}, 0xa4}, 0x1, 0x0, 0x0, 0x801}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, r2, 0xa)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0xc7, 0x2, 0x0, 0x0, 0x0, 0xd, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54b3, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x80, 0x8000001, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x5a, &(0x7f00000000c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x24, 0x6, 0x0, @local, @local, {[], {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0x2, 0xf, 0x0, 0x1b00, {[@mptcp=@synack={0x1e, 0x10, 0x3, 0x2, 0x9, 0x0, 0xc000000}]}}}}}}}}, 0x0)

668.75099ms ago: executing program 0 (id=1166):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)

668.27487ms ago: executing program 3 (id=1167):
r0 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$RTC_AIE_OFF(r1, 0x7002) (async)
accept(r0, 0x0, 0x0)

606.656531ms ago: executing program 3 (id=1168):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x8002, 0x0)
write$binfmt_aout(r1, &(0x7f0000000380)={{0x107, 0x7, 0x47, 0x2cf, 0x1a3, 0x96, 0xe0, 0x1}, "0b5db85550242ec8bb42b5fc025893fafc385bedfa7a64e690e222b88294e95447edc6de5c0dfcdefd6737a24379a6571864369a3f9fdcb799bc0c33654aa5b6e04c9c21c15458bdf09b9f74c8730f", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xa6f)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x10}, {0x7, 0xffff}, {0x5, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000e00)=""/157, 0x9d, 0x1, &(0x7f0000000140)=""/25, 0x19}, &(0x7f0000000ec0)=0x40)
socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0xac, 0x24, 0xf0b, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x6, 0x0, 0x10]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xc2}]}}]}, 0xac}}, 0x0)

604.425681ms ago: executing program 1 (id=1169):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0c00000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="0300000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="030000008000"], 0x50)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000002e40), 0x2, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, 0x0, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002ec0)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000002e80)=""/51, 0x33, 0x8, 0x1000006, 0x4, 0x8, 0xc}}, 0x120)
r2 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0), 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000300)={'syzkaller0\x00', 0x20})
socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x18)
gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x25, &(0x7f00000000c0)={0x1, 0x0, 0x4004, 0xffffffffffffffff})
pipe(&(0x7f0000000000))
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
creat(0x0, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000"], 0x7c}}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r9=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3400000010000100"/20, @ANYRES32=r9, @ANYBLOB="000004000000000014001280f9ff010700656e657665000004000280"], 0x34}, 0x1, 0x2}, 0x0)

184.310587ms ago: executing program 3 (id=1170):
syz_open_procfs(0x0, &(0x7f00000001c0)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
getrusage(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x8000000ffffffff)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x5a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x101, 0x7, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000180)='cpu==0||!')
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
splice(r0, 0x0, r1, 0x0, 0x7, 0x0)

151.891308ms ago: executing program 4 (id=1171):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b000000"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000000)={[], [{@hash}, {@smackfsfloor}, {@smackfshat={'smackfshat', 0x3d, 'ip6gre0\x00'}}]}, 0x1, 0x77a, &(0x7f0000001d80)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigNDE1tgouKi5EsFDQte0wmYaaSaZkJqUJAVtEcCOouBB007U/6s6tP7b6X7gQS9W0WBGRyJ3c206TSTppk0x0Ph+4mXPuvZNzvnPujzNzD/cG0LWG0z+FiMMR8U4SMZjNTyKir5HqjTi5ut7t5aVSOiWxsvLyz0ljnVvLS6Voek/qYJb5f0R8/WbEkcL6cmsLi9PFSqU8l+XH6jMXxmoLi0fPzxSnylPl2ePjExPHTjx14vj2xfrrd4uHrr/7wuOfnfz9jf9de/ubJE7GoWxZcxzbZTiGs8+kL/0I7/H8dhfWYUmnK8ADSXfNntW9PA7HYPQ0UgDAP9nrEbECAHSZxPkfALpM/jvAreWlUj519heJ3XXjuYjYvxp/fn1zdUlvds1uf+M66MCt5J4rI0lEDG1D+cMR8dEXr36STrFD1yEBWrl8JSLODg2vP/4n68YsbNUTmyzbl70Or5nv+Ae758u0//N0q/5f4U7/J1r0f/pb7LsP4r77/4FtKGQTaf/v2aaxbbeb4s8M9WS5fzX6fH3JufOVcnps+3dEjERff5of36SMkZt/3txoWXP/75f3Xvs4LT99vbtG4cfe/nvfM1msFx8m5mY3rkQ80tsq/uRO+ycb9H9Pt1nGi8+89eFGy9L403jzaX38kY1O2hkrVyMea9n+d0e0JZuOTxxrbA5j+UbRwufffzCwUfnN7Z9Oafn5d4HdkLb/wObxDyXN4zVrWy/j26uDX7VckLQT/9rtP6vX5VcaL3k/4lKxXp8bj9iXvLR+/rG7787z+fpp/COPtt7/N9v+0++EZ9uMv/f6T5+umfVH/tV7L7T/5Jbaf+uJa7enezYqv732n2ikRrI57Rz/2q3gw3x2AAAAAAAAAAAAAAAAAAAAAAAAANCuQkQciqQweiddKIyOrj7D+78xUKhUa/Uj56rzs5PReFb2UPQV8ltdDjbdD3U8ux9+nj+2Jv9kRPwnIt7vP5Dk91Gc7HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJA7uMHz/1M/9He6dgDAjtnf6QoAALvO+R8Auo/zPwB0H+d/AOg+zv8A0H2c/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSqeV35aXSml+8uLC/HT14tHJcm16dGa+NFqqzl0YnapWpyrl0VJ15n7/r1KtXpiI2flLY/VyrT5WW1g8M1Odn62fOT9TnCqfKfftSlQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDW1hcXpYqVSnpN4gMTK3qhG5xM92ea0V+qzq4lkb1RjmxMdPjABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/E38FQAA//9s0yXY")
r1 = syz_open_dev$vcsu(&(0x7f0000000040), 0x7, 0x200441)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000001c0)={'ip6gre0\x00', <r2=>0x0, 0x0, 0x1, 0x3, 0x101, 0x10, @mcast2, @private0, 0x7800, 0x80, 0x0, 0x1}})
sendmsg$nl_route_sched(r1, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=@gettfilter={0x4c, 0x2e, 0x200, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x9, 0x4}, {0x7}, {0xfffc, 0xf}}, [{0x8, 0xb, 0x7f}, {0x8, 0xb, 0xc13}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x4cc}, {0x8, 0xb, 0x80}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000010}, 0x1)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x9, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @sched_cls}, 0x94)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000380)=@nat={'nat\x00', 0x19, 0x6, 0x448, [0x200000001900, 0x0, 0x0, 0x200000001a3e, 0x200000001b84], 0x0, 0x0, &(0x7f0000001900)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{0x11, 0x42, 0x9300, 'veth0_to_team\x00', 'pim6reg\x00', 'dummy0\x00', 'veth1_to_bridge\x00', @remote, [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], @random="20c5c5257988", [0xff, 0xff, 0x0, 0x0, 0xff], 0x6e, 0xde, 0x116, [], [@arpreply={'arpreply\x00', 0x10, {{@broadcast, 0xffffffffffffffff}}}, @arpreply={'arpreply\x00', 0x10, {{@empty, 0xfffffffffffffffd}}}], @arpreply={'arpreply\x00', 0x10, {{@broadcast, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x2, [{0x11, 0x0, 0xa, 'pim6reg1\x00', 'wlan1\x00', 'bridge_slave_1\x00', 'bond0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}, [0x0, 0xff, 0xff, 0x0, 0x0, 0xff], @multicast, [0xff, 0xff, 0xff, 0xff, 0xff], 0x6e, 0x6e, 0xa6, [], [], @snat={'snat\x00', 0x10, {{@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}, 0xffffffffffffffff}}}}, {0x11, 0x10, 0x60, 'veth0_to_batadv\x00', 'rose0\x00', 'vxcan1\x00', 'veth1_to_team\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0x0, 0x0, 0x7f80120dfc95287b, 0xff, 0xff], @random="98ca34c0e4e1", [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], 0xae, 0xae, 0x126, [@time={{'time\x00', 0x0, 0x18}, {{0x8, 0x1b47, 0xfcc0, 0x9fe1, 0x1, 0x6}}}], [], @common=@nflog={'nflog\x00', 0x50, {{0x5, 0x3, 0xffff, 0x0, 0x0, "f86e10275037a8a084780e4172572b8ac7aad16b5dd2148ea7847f42d0ad6e5096eafc622d822c0a348d852a99ca5e0a28f4e456128ae380578a0325ab1de40d"}}}}]}, {0x0, '\x00', 0x4, 0xffffffffffffffff, 0x1, [{0x9, 0x0, 0x8884, 'tunl0\x00', 'ip6gre0\x00', 'pim6reg0\x00', 'batadv_slave_1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x6e, 0x6e, 0xa6, [], [], @snat={'snat\x00', 0x10, {{@dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, 0xffffffffffffffff}}}}]}]}, 0x4c0)
socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x30}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x800)
syz_emit_ethernet(0x7a, &(0x7f0000000040)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x5, 0x6, "d15cdc", 0x44, 0x2f, 0x1, @local, @private0, {[], {{0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x3}, 0x1, {0x5}}}, {0x8, 0x22eb, 0x1, {{0x5, 0x2, 0x5, 0x2, 0x0, 0x3, 0x7, 0x6}, 0x2, {0x7, 0x3, 0x2, 0x2, 0x1, 0x1, 0x2, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$usbfs(&(0x7f0000000580), 0x6, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x18)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00'})

10.50394ms ago: executing program 1 (id=1172):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x64842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000100000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0x3ffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r5}, 0x10)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@getqdisc={0x30, 0x26, 0x300, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r10, {0xc, 0xb}, {0xfff2, 0xffe0}, {0xfff3, 0x5}}, [{0x4}, {0x4}, {0x4}]}, 0x30}}, 0x44080)
sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x34, 0x24, 0x1, 0xf0bd29, 0x0, {0x60, 0x0, 0x0, r10, {}, {0xffe0, 0xffe0}, {0x1, 0x10}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000001a000100000000000000000002080004000000030036000008000101000000017bc170f3ce07148ffe78594308d94c4ec6ddec06552ac0ee35809523f4427157a178878781c1b8f6df0b7cbbe15a8c0b7040aafbcfdb09a918f600f920f03f32c2b4156314ac65241196b8c38ceb8e2a8cfc94beecb7c8a3fa14c37cbcda02ada010dc79a2e285a10fb4337b73b8d59ee5cdfe9df991ef27566475f86789e7e8e57e7dc31f423df6b4d53db827b77608596c864126ea80f84dceb9fa0b8dcaf9a1c79d3cbd82696ec2cf1e33511e3dbcc578"], 0x24}}, 0x4)
recvfrom$rxrpc(r8, &(0x7f0000000340)=""/76, 0x4c, 0x2, &(0x7f0000000100)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e23, @rand_addr=0x64010102}}, 0x24)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="340000001c00070c000000000000000007000000", @ANYRES32=r6, @ANYBLOB="fb00060b0a000200aaaaaaaaaabb00000c000e80050001"], 0x34}}, 0x0)
r12 = socket$pppl2tp(0x18, 0x1, 0x1)
r13 = fcntl$dupfd(r12, 0x0, r12)
setsockopt$MRT_DONE(r13, 0x0, 0xc9, 0x0, 0x0)
r14 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r14, 0x29, 0x17, &(0x7f0000000b00), 0x4)
setsockopt$inet6_udp_int(r14, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
sendmmsg$inet6(r14, &(0x7f0000001340)=[{{&(0x7f0000000140)={0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x1c, 0x0}}], 0x1, 0xc040)

0s ago: executing program 2 (id=1173):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x7, 0xfff, 0x7}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300), &(0x7f00000001c0), 0xd35, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_io_uring_setup(0x5f59, &(0x7f0000000040)={0x0, 0xd654, 0x10, 0x1, 0x310, 0x0, r0}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0))
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x14)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r4, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x0, 0x3, 0x7, 0x2, 0x3, 0x3, 0x309, 0x38, 0xfffffffc, 0xe, 0x0, 0x20, 0x1, 0x5}, [{0x3, 0x8, 0xf3, 0x7f, 0x4, 0x200004, 0xc, 0x400}]}, 0x58)
close(r4)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x13, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r2, r5, &(0x7f0000000280)=@IORING_OP_MADVISE={0x19, 0x42, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x16})
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff010000003e000000560000022500000019000a001000000007fd17e5ffff080004fe0000000000000a", 0x39}], 0x1)

kernel console output (not intermixed with test programs):

972737][ T5029]  getname_flags+0x80/0x3b0
[   61.972829][ T5029]  user_path_at+0x28/0x130
[   61.972855][ T5029]  __se_sys_mount+0x25b/0x2e0
[   61.972934][ T5029]  __x64_sys_mount+0x67/0x80
[   61.972951][ T5029]  x64_sys_call+0xd36/0x2fb0
[   61.972963][ T5029]  do_syscall_64+0xd2/0x200
[   61.972991][ T5029]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.973006][ T5029]  ? clear_bhb_loop+0x40/0x90
[   61.973051][ T5029]  ? clear_bhb_loop+0x40/0x90
[   61.973118][ T5029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.973129][ T5029] RIP: 0033:0x7f0ff9a7e929
[   61.973138][ T5029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.973148][ T5029] RSP: 002b:00007f0ff80e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   61.973159][ T5029] RAX: ffffffffffffffda RBX: 00007f0ff9ca5fa0 RCX: 00007f0ff9a7e929
[   61.973166][ T5029] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[   61.973173][ T5029] RBP: 00007f0ff80e7090 R08: 0000200000000800 R09: 0000000000000000
[   61.973192][ T5029] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001
[   61.973199][ T5029] R13: 0000000000000000 R14: 00007f0ff9ca5fa0 R15: 00007ffdd6b03a88
[   61.973209][ T5029]  </TASK>
[   62.189926][ T5034] FAULT_INJECTION: forcing a failure.
[   62.189926][ T5034] name failslab, interval 1, probability 0, space 0, times 0
[   62.202619][ T5034] CPU: 0 UID: 0 PID: 5034 Comm: syz.2.495 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   62.202642][ T5034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   62.202732][ T5034] Call Trace:
[   62.202738][ T5034]  <TASK>
[   62.202746][ T5034]  __dump_stack+0x1d/0x30
[   62.202766][ T5034]  dump_stack_lvl+0xe8/0x140
[   62.202784][ T5034]  dump_stack+0x15/0x1b
[   62.202800][ T5034]  should_fail_ex+0x265/0x280
[   62.202842][ T5034]  should_failslab+0x8c/0xb0
[   62.202863][ T5034]  kmem_cache_alloc_node_noprof+0x57/0x320
[   62.202958][ T5034]  ? __alloc_skb+0x101/0x320
[   62.202983][ T5034]  __alloc_skb+0x101/0x320
[   62.203005][ T5034]  ? audit_log_start+0x365/0x6c0
[   62.203093][ T5034]  audit_log_start+0x380/0x6c0
[   62.203124][ T5034]  audit_seccomp+0x48/0x100
[   62.203162][ T5034]  ? __seccomp_filter+0x68c/0x10d0
[   62.203180][ T5034]  __seccomp_filter+0x69d/0x10d0
[   62.203198][ T5034]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   62.203247][ T5034]  ? vfs_write+0x75e/0x8e0
[   62.203354][ T5034]  __secure_computing+0x82/0x150
[   62.203376][ T5034]  syscall_trace_enter+0xcf/0x1e0
[   62.203401][ T5034]  do_syscall_64+0xac/0x200
[   62.203431][ T5034]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.203493][ T5034]  ? clear_bhb_loop+0x40/0x90
[   62.203510][ T5034]  ? clear_bhb_loop+0x40/0x90
[   62.203529][ T5034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.203626][ T5034] RIP: 0033:0x7f0ff9a7e929
[   62.203641][ T5034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.203658][ T5034] RSP: 002b:00007f0ff80e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c4
[   62.203678][ T5034] RAX: ffffffffffffffda RBX: 00007f0ff9ca5fa0 RCX: 00007f0ff9a7e929
[   62.203724][ T5034] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   62.203734][ T5034] RBP: 00007f0ff80e7090 R08: 0000000000000000 R09: 0000000000000000
[   62.203744][ T5034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.203754][ T5034] R13: 0000000000000000 R14: 00007f0ff9ca5fa0 R15: 00007ffdd6b03a88
[   62.203827][ T5034]  </TASK>
[   62.571303][ T5055] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   62.579316][ T5055] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   62.633306][ T5059] FAULT_INJECTION: forcing a failure.
[   62.633306][ T5059] name failslab, interval 1, probability 0, space 0, times 0
[   62.646171][ T5059] CPU: 1 UID: 0 PID: 5059 Comm: syz.4.506 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   62.646196][ T5059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   62.646208][ T5059] Call Trace:
[   62.646214][ T5059]  <TASK>
[   62.646222][ T5059]  __dump_stack+0x1d/0x30
[   62.646241][ T5059]  dump_stack_lvl+0xe8/0x140
[   62.646273][ T5059]  dump_stack+0x15/0x1b
[   62.646288][ T5059]  should_fail_ex+0x265/0x280
[   62.646317][ T5059]  should_failslab+0x8c/0xb0
[   62.646369][ T5059]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   62.646391][ T5059]  ? v9fs_session_init+0x4b/0xde0
[   62.646453][ T5059]  kstrdup+0x3e/0xd0
[   62.646545][ T5059]  v9fs_session_init+0x4b/0xde0
[   62.646606][ T5059]  ? ___slab_alloc+0x275/0x900
[   62.646628][ T5059]  ? obj_cgroup_charge_account+0x122/0x1a0
[   62.646651][ T5059]  ? __rcu_read_unlock+0x4f/0x70
[   62.646668][ T5059]  ? v9fs_mount+0x51/0x590
[   62.646696][ T5059]  ? should_fail_ex+0xdb/0x280
[   62.646719][ T5059]  ? v9fs_mount+0x51/0x590
[   62.646765][ T5059]  ? __kmalloc_cache_noprof+0x189/0x320
[   62.646792][ T5059]  v9fs_mount+0x67/0x590
[   62.646868][ T5059]  ? __pfx_v9fs_mount+0x10/0x10
[   62.646940][ T5059]  legacy_get_tree+0x78/0xd0
[   62.646964][ T5059]  vfs_get_tree+0x54/0x1d0
[   62.646988][ T5059]  do_new_mount+0x207/0x680
[   62.647016][ T5059]  path_mount+0x4a4/0xb20
[   62.647121][ T5059]  ? user_path_at+0x109/0x130
[   62.647156][ T5059]  __se_sys_mount+0x28f/0x2e0
[   62.647186][ T5059]  ? fput+0x8f/0xc0
[   62.647205][ T5059]  __x64_sys_mount+0x67/0x80
[   62.647272][ T5059]  x64_sys_call+0xd36/0x2fb0
[   62.647294][ T5059]  do_syscall_64+0xd2/0x200
[   62.647324][ T5059]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.647346][ T5059]  ? clear_bhb_loop+0x40/0x90
[   62.647433][ T5059]  ? clear_bhb_loop+0x40/0x90
[   62.647454][ T5059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.647479][ T5059] RIP: 0033:0x7f817bc1e929
[   62.647493][ T5059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.647507][ T5059] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   62.647542][ T5059] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   62.647555][ T5059] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 0000000000000000
[   62.647567][ T5059] RBP: 00007f817a287090 R08: 0000200000000080 R09: 0000000000000000
[   62.647580][ T5059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   62.647592][ T5059] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   62.647612][ T5059]  </TASK>
[   63.060481][ T5068] lo speed is unknown, defaulting to 1000
[   63.106107][ T5078] 
@ÿ: renamed from veth0_vlan (while UP)
[   63.726782][   T29] kauditd_printk_skb: 116 callbacks suppressed
[   63.726797][   T29] audit: type=1400 audit(1752039637.525:1725): avc:  denied  { write } for  pid=5101 comm="syz.2.519" lport=49843 faddr=::ffff:10.1.1.1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   64.006440][   T29] audit: type=1400 audit(1752039637.805:1726): avc:  denied  { write } for  pid=5114 comm="syz.4.522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   64.007813][ T5115] netlink: 'syz.4.522': attribute type 7 has an invalid length.
[   64.203208][   T29] audit: type=1400 audit(1752039638.005:1727): avc:  denied  { create } for  pid=5124 comm="syz.4.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   64.223042][   T29] audit: type=1400 audit(1752039638.005:1728): avc:  denied  { setopt } for  pid=5124 comm="syz.4.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   64.242474][   T29] audit: type=1400 audit(1752039638.005:1729): avc:  denied  { bind } for  pid=5124 comm="syz.4.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   64.261913][   T29] audit: type=1400 audit(1752039638.005:1730): avc:  denied  { read } for  pid=5124 comm="syz.4.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   64.263382][ T5126] 9pnet: p9_errstr2errno: server reported unknown error 
[   64.409991][ T5136] FAULT_INJECTION: forcing a failure.
[   64.409991][ T5136] name failslab, interval 1, probability 0, space 0, times 0
[   64.422774][ T5136] CPU: 0 UID: 0 PID: 5136 Comm: syz.1.530 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   64.422865][ T5136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.422877][ T5136] Call Trace:
[   64.422885][ T5136]  <TASK>
[   64.422893][ T5136]  __dump_stack+0x1d/0x30
[   64.422912][ T5136]  dump_stack_lvl+0xe8/0x140
[   64.422930][ T5136]  dump_stack+0x15/0x1b
[   64.422945][ T5136]  should_fail_ex+0x265/0x280
[   64.422970][ T5136]  should_failslab+0x8c/0xb0
[   64.423059][ T5136]  kmem_cache_alloc_node_noprof+0x57/0x320
[   64.423093][ T5136]  ? __alloc_skb+0x101/0x320
[   64.423115][ T5136]  ? _raw_spin_unlock_bh+0x36/0x40
[   64.423141][ T5136]  __alloc_skb+0x101/0x320
[   64.423188][ T5136]  qdisc_notify+0xcb/0x280
[   64.423212][ T5136]  qdisc_graft+0xafb/0xcc0
[   64.423236][ T5136]  tc_modify_qdisc+0xe78/0x1380
[   64.423281][ T5136]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   64.423303][ T5136]  rtnetlink_rcv_msg+0x65a/0x6d0
[   64.423364][ T5136]  netlink_rcv_skb+0x120/0x220
[   64.423451][ T5136]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   64.423478][ T5136]  rtnetlink_rcv+0x1c/0x30
[   64.423493][ T5136]  netlink_unicast+0x59e/0x670
[   64.423573][ T5136]  netlink_sendmsg+0x58b/0x6b0
[   64.423610][ T5136]  ? __pfx_netlink_sendmsg+0x10/0x10
[   64.423640][ T5136]  __sock_sendmsg+0x142/0x180
[   64.423690][ T5136]  ____sys_sendmsg+0x31e/0x4e0
[   64.423721][ T5136]  ___sys_sendmsg+0x17b/0x1d0
[   64.423925][ T5136]  __x64_sys_sendmsg+0xd4/0x160
[   64.423966][ T5136]  x64_sys_call+0x2999/0x2fb0
[   64.423986][ T5136]  do_syscall_64+0xd2/0x200
[   64.424015][ T5136]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.424039][ T5136]  ? clear_bhb_loop+0x40/0x90
[   64.424064][ T5136]  ? clear_bhb_loop+0x40/0x90
[   64.424085][ T5136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.424105][ T5136] RIP: 0033:0x7f31151fe929
[   64.424121][ T5136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.424135][ T5136] RSP: 002b:00007f3113867038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   64.424153][ T5136] RAX: ffffffffffffffda RBX: 00007f3115425fa0 RCX: 00007f31151fe929
[   64.424210][ T5136] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 0000000000000006
[   64.424221][ T5136] RBP: 00007f3113867090 R08: 0000000000000000 R09: 0000000000000000
[   64.424233][ T5136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.424245][ T5136] R13: 0000000000000000 R14: 00007f3115425fa0 R15: 00007fffe6fc1d08
[   64.424264][ T5136]  </TASK>
[   64.755722][   T29] audit: type=1400 audit(1752039638.555:1731): avc:  denied  { read } for  pid=5139 comm="syz.3.533" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   64.779514][   T29] audit: type=1400 audit(1752039638.555:1732): avc:  denied  { open } for  pid=5139 comm="syz.3.533" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   65.050787][   T29] audit: type=1400 audit(1752039638.855:1733): avc:  denied  { mount } for  pid=5147 comm="syz.4.534" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   65.050949][ T5148] tmpfs: Cannot disable swap on remount
[   65.079230][ T5148] tmpfs: Cannot disable swap on remount
[   65.092256][   T29] audit: type=1400 audit(1752039638.895:1734): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   65.655078][ T5184] can0: slcan on ttyS3.
[   65.740414][ T5189] 9pnet_fd: Insufficient options for proto=fd
[   65.759350][ T5184] can0 (unregistered): slcan off ttyS3.
[   65.773325][ T5184] Falling back ldisc for ttyS3.
[   65.783166][ T5194] tmpfs: Bad value for 'mpol'
[   66.023248][ T5204] __nla_validate_parse: 17 callbacks suppressed
[   66.023261][ T5204] netlink: 76 bytes leftover after parsing attributes in process `syz.2.555'.
[   66.185113][ T5211] FAULT_INJECTION: forcing a failure.
[   66.185113][ T5211] name failslab, interval 1, probability 0, space 0, times 0
[   66.197789][ T5211] CPU: 0 UID: 0 PID: 5211 Comm: syz.4.557 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   66.197934][ T5211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   66.197947][ T5211] Call Trace:
[   66.197954][ T5211]  <TASK>
[   66.197960][ T5211]  __dump_stack+0x1d/0x30
[   66.198043][ T5211]  dump_stack_lvl+0xe8/0x140
[   66.198085][ T5211]  dump_stack+0x15/0x1b
[   66.198102][ T5211]  should_fail_ex+0x265/0x280
[   66.198135][ T5211]  should_failslab+0x8c/0xb0
[   66.198158][ T5211]  kmem_cache_alloc_noprof+0x50/0x310
[   66.198183][ T5211]  ? getname_flags+0x80/0x3b0
[   66.198202][ T5211]  getname_flags+0x80/0x3b0
[   66.198238][ T5211]  do_sys_openat2+0x60/0x110
[   66.198264][ T5211]  __x64_sys_openat+0xf2/0x120
[   66.198322][ T5211]  x64_sys_call+0x1af/0x2fb0
[   66.198340][ T5211]  do_syscall_64+0xd2/0x200
[   66.198369][ T5211]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.198455][ T5211]  ? clear_bhb_loop+0x40/0x90
[   66.198518][ T5211]  ? clear_bhb_loop+0x40/0x90
[   66.198610][ T5211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.198627][ T5211] RIP: 0033:0x7f817bc1e929
[   66.198643][ T5211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.198657][ T5211] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   66.198686][ T5211] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   66.198697][ T5211] RDX: 00000000000a4000 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[   66.198708][ T5211] RBP: 00007f817a287090 R08: 0000000000000000 R09: 0000000000000000
[   66.198719][ T5211] R10: 00000000000000e9 R11: 0000000000000246 R12: 0000000000000001
[   66.198784][ T5211] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   66.198836][ T5211]  </TASK>
[   66.401143][ T5212] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   66.434485][ T5211] netlink: 76 bytes leftover after parsing attributes in process `syz.4.557'.
[   66.466288][ T5219] netlink: 76 bytes leftover after parsing attributes in process `syz.1.558'.
[   66.499748][ T5223] FAULT_INJECTION: forcing a failure.
[   66.499748][ T5223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.512952][ T5223] CPU: 0 UID: 0 PID: 5223 Comm: syz.2.562 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   66.513055][ T5223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   66.513067][ T5223] Call Trace:
[   66.513073][ T5223]  <TASK>
[   66.513080][ T5223]  __dump_stack+0x1d/0x30
[   66.513103][ T5223]  dump_stack_lvl+0xe8/0x140
[   66.513121][ T5223]  dump_stack+0x15/0x1b
[   66.513135][ T5223]  should_fail_ex+0x265/0x280
[   66.513187][ T5223]  should_fail+0xb/0x20
[   66.513209][ T5223]  should_fail_usercopy+0x1a/0x20
[   66.513280][ T5223]  _copy_to_user+0x20/0xa0
[   66.513299][ T5223]  simple_read_from_buffer+0xb5/0x130
[   66.513349][ T5223]  proc_fail_nth_read+0x100/0x140
[   66.513376][ T5223]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   66.513402][ T5223]  vfs_read+0x1a0/0x6f0
[   66.513452][ T5223]  ? selinux_file_ioctl+0x2e3/0x370
[   66.513472][ T5223]  ? putname+0xda/0x100
[   66.513489][ T5223]  ksys_read+0xda/0x1a0
[   66.513513][ T5223]  __x64_sys_read+0x40/0x50
[   66.513608][ T5223]  x64_sys_call+0x2d77/0x2fb0
[   66.513627][ T5223]  do_syscall_64+0xd2/0x200
[   66.513671][ T5223]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.513698][ T5223]  ? clear_bhb_loop+0x40/0x90
[   66.513725][ T5223]  ? clear_bhb_loop+0x40/0x90
[   66.513745][ T5223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.513762][ T5223] RIP: 0033:0x7f0ff9a7d33c
[   66.513826][ T5223] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   66.513843][ T5223] RSP: 002b:00007f0ff80e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   66.513906][ T5223] RAX: ffffffffffffffda RBX: 00007f0ff9ca5fa0 RCX: 00007f0ff9a7d33c
[   66.513917][ T5223] RDX: 000000000000000f RSI: 00007f0ff80e70a0 RDI: 0000000000000004
[   66.513929][ T5223] RBP: 00007f0ff80e7090 R08: 0000000000000000 R09: 0000000000000000
[   66.513941][ T5223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.513954][ T5223] R13: 0000000000000000 R14: 00007f0ff9ca5fa0 R15: 00007ffdd6b03a88
[   66.514030][ T5223]  </TASK>
[   66.880720][ T3375] kernel write not supported for file /290/loginuid (pid: 3375 comm: kworker/1:2)
[   66.951412][ T5240] netlink: 'syz.0.570': attribute type 5 has an invalid length.
[   67.094527][ T5257] FAULT_INJECTION: forcing a failure.
[   67.094527][ T5257] name failslab, interval 1, probability 0, space 0, times 0
[   67.107275][ T5257] CPU: 1 UID: 0 PID: 5257 Comm: syz.3.574 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   67.107300][ T5257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.107351][ T5257] Call Trace:
[   67.107357][ T5257]  <TASK>
[   67.107418][ T5257]  __dump_stack+0x1d/0x30
[   67.107435][ T5257]  dump_stack_lvl+0xe8/0x140
[   67.107451][ T5257]  dump_stack+0x15/0x1b
[   67.107464][ T5257]  should_fail_ex+0x265/0x280
[   67.107554][ T5257]  should_failslab+0x8c/0xb0
[   67.107645][ T5257]  kmem_cache_alloc_noprof+0x50/0x310
[   67.107702][ T5257]  ? audit_log_start+0x365/0x6c0
[   67.107723][ T5257]  ? __pfx_min_vruntime_cb_rotate+0x10/0x10
[   67.107746][ T5257]  audit_log_start+0x365/0x6c0
[   67.107767][ T5257]  ? bpf_trace_run4+0x134/0x1d0
[   67.107910][ T5257]  audit_seccomp+0x48/0x100
[   67.107929][ T5257]  ? __seccomp_filter+0x68c/0x10d0
[   67.107945][ T5257]  __seccomp_filter+0x69d/0x10d0
[   67.107964][ T5257]  ? __cond_resched+0x4e/0x90
[   67.108040][ T5257]  ? synchronize_rcu_expedited+0x6d3/0x790
[   67.108067][ T5257]  __secure_computing+0x82/0x150
[   67.108083][ T5257]  syscall_trace_enter+0xcf/0x1e0
[   67.108125][ T5257]  do_syscall_64+0xac/0x200
[   67.108148][ T5257]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.108177][ T5257]  ? clear_bhb_loop+0x40/0x90
[   67.108274][ T5257]  ? clear_bhb_loop+0x40/0x90
[   67.108290][ T5257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.108372][ T5257] RIP: 0033:0x7f2ecc70d33c
[   67.108385][ T5257] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   67.108399][ T5257] RSP: 002b:00007f2ecad77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   67.108414][ T5257] RAX: ffffffffffffffda RBX: 00007f2ecc935fa0 RCX: 00007f2ecc70d33c
[   67.108423][ T5257] RDX: 000000000000000f RSI: 00007f2ecad770a0 RDI: 0000000000000007
[   67.108511][ T5257] RBP: 00007f2ecad77090 R08: 0000000000000000 R09: 0000000000000000
[   67.108521][ T5257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.108530][ T5257] R13: 0000000000000000 R14: 00007f2ecc935fa0 R15: 00007fff153816c8
[   67.108544][ T5257]  </TASK>
[   67.330477][ T5259] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5259 comm=syz.2.569
[   67.453355][ T5258] lo speed is unknown, defaulting to 1000
[   67.808478][ T5266] lo speed is unknown, defaulting to 1000
[   67.969750][ T5270] netlink: 28 bytes leftover after parsing attributes in process `syz.1.579'.
[   67.991526][ T5270] FAULT_INJECTION: forcing a failure.
[   67.991526][ T5270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.004669][ T5270] CPU: 1 UID: 0 PID: 5270 Comm: syz.1.579 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   68.004695][ T5270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.004707][ T5270] Call Trace:
[   68.004714][ T5270]  <TASK>
[   68.004747][ T5270]  __dump_stack+0x1d/0x30
[   68.004768][ T5270]  dump_stack_lvl+0xe8/0x140
[   68.004784][ T5270]  dump_stack+0x15/0x1b
[   68.004798][ T5270]  should_fail_ex+0x265/0x280
[   68.004825][ T5270]  should_fail+0xb/0x20
[   68.005008][ T5270]  should_fail_usercopy+0x1a/0x20
[   68.005038][ T5270]  strncpy_from_user+0x25/0x230
[   68.005111][ T5270]  strncpy_from_user_nofault+0x68/0xf0
[   68.005138][ T5270]  bpf_probe_read_user_str+0x2a/0x70
[   68.005169][ T5270]  bpf_prog_02a70dbeb5f742df+0x43/0x49
[   68.005186][ T5270]  bpf_trace_run2+0x107/0x1c0
[   68.005217][ T5270]  ? netem_change+0x1203/0x14d0
[   68.005239][ T5270]  ? netem_change+0x1203/0x14d0
[   68.005259][ T5270]  kfree+0x27b/0x320
[   68.005281][ T5270]  netem_change+0x1203/0x14d0
[   68.005303][ T5270]  ? __nla_validate_parse+0x1652/0x1d00
[   68.005418][ T5270]  ? nla_strcmp+0xc3/0xe0
[   68.005454][ T5270]  tc_modify_qdisc+0x1081/0x1380
[   68.005487][ T5270]  ? __pfx_tc_modify_qdisc+0x10/0x10
[   68.005551][ T5270]  rtnetlink_rcv_msg+0x65a/0x6d0
[   68.005613][ T5270]  netlink_rcv_skb+0x120/0x220
[   68.005637][ T5270]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   68.005659][ T5270]  rtnetlink_rcv+0x1c/0x30
[   68.005677][ T5270]  netlink_unicast+0x59e/0x670
[   68.005744][ T5270]  netlink_sendmsg+0x58b/0x6b0
[   68.005772][ T5270]  ? __pfx_netlink_sendmsg+0x10/0x10
[   68.005797][ T5270]  __sock_sendmsg+0x142/0x180
[   68.005878][ T5270]  ____sys_sendmsg+0x31e/0x4e0
[   68.005999][ T5270]  ___sys_sendmsg+0x17b/0x1d0
[   68.006042][ T5270]  __x64_sys_sendmsg+0xd4/0x160
[   68.006086][ T5270]  x64_sys_call+0x2999/0x2fb0
[   68.006103][ T5270]  do_syscall_64+0xd2/0x200
[   68.006131][ T5270]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.006151][ T5270]  ? clear_bhb_loop+0x40/0x90
[   68.006168][ T5270]  ? clear_bhb_loop+0x40/0x90
[   68.006190][ T5270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.006210][ T5270] RIP: 0033:0x7f31151fe929
[   68.006267][ T5270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.006284][ T5270] RSP: 002b:00007f3113867038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.006303][ T5270] RAX: ffffffffffffffda RBX: 00007f3115425fa0 RCX: 00007f31151fe929
[   68.006331][ T5270] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000005
[   68.006342][ T5270] RBP: 00007f3113867090 R08: 0000000000000000 R09: 0000000000000000
[   68.006352][ T5270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.006363][ T5270] R13: 0000000000000000 R14: 00007f3115425fa0 R15: 00007fffe6fc1d08
[   68.006382][ T5270]  </TASK>
[   68.350056][ T5277] tipc: Can't bind to reserved service type 0
[   68.389876][ T5290] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   68.435298][ T5290] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.612112][ T5290] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.658940][ T5308] netlink: 24 bytes leftover after parsing attributes in process `syz.1.592'.
[   68.700423][ T5290] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.747888][ T5305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.592'.
[   68.782278][   T29] kauditd_printk_skb: 197 callbacks suppressed
[   68.782354][   T29] audit: type=1400 audit(1752039642.585:1930): avc:  denied  { write } for  pid=5311 comm="syz.4.594" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   68.850289][ T5290] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.886641][   T29] audit: type=1400 audit(1752039642.675:1931): avc:  denied  { read write } for  pid=5311 comm="syz.4.594" name="rdma_cm" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   68.910865][   T29] audit: type=1400 audit(1752039642.675:1932): avc:  denied  { open } for  pid=5311 comm="syz.4.594" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   68.964673][ T5318] FAULT_INJECTION: forcing a failure.
[   68.964673][ T5318] name failslab, interval 1, probability 0, space 0, times 0
[   68.977844][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.595 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   68.977911][ T5318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.977923][ T5318] Call Trace:
[   68.977928][ T5318]  <TASK>
[   68.977937][ T5318]  __dump_stack+0x1d/0x30
[   68.977959][ T5318]  dump_stack_lvl+0xe8/0x140
[   68.977978][ T5318]  dump_stack+0x15/0x1b
[   68.977994][ T5318]  should_fail_ex+0x265/0x280
[   68.978049][ T5318]  should_failslab+0x8c/0xb0
[   68.978067][ T5318]  __kvmalloc_node_noprof+0x123/0x4e0
[   68.978090][ T5318]  ? copy_regset_to_user+0x7f/0x180
[   68.978109][ T5318]  copy_regset_to_user+0x7f/0x180
[   68.978130][ T5318]  arch_ptrace+0x23f/0x3f0
[   68.978147][ T5318]  __se_sys_ptrace+0xf3/0x2b0
[   68.978168][ T5318]  __x64_sys_ptrace+0x55/0x70
[   68.978186][ T5318]  x64_sys_call+0x1d6a/0x2fb0
[   68.978203][ T5318]  do_syscall_64+0xd2/0x200
[   68.978369][ T5318]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.978394][ T5318]  ? clear_bhb_loop+0x40/0x90
[   68.978415][ T5318]  ? clear_bhb_loop+0x40/0x90
[   68.978457][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.978474][ T5318] RIP: 0033:0x7f2046afe929
[   68.978486][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.978500][ T5318] RSP: 002b:00007f2045167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[   68.978528][ T5318] RAX: ffffffffffffffda RBX: 00007f2046d25fa0 RCX: 00007f2046afe929
[   68.978541][ T5318] RDX: ffffffffffffdcaf RSI: 000000000000012c RDI: 000000000000000c
[   68.978597][ T5318] RBP: 00007f2045167090 R08: 0000000000000000 R09: 0000000000000000
[   68.978675][ T5318] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[   68.978688][ T5318] R13: 0000000000000000 R14: 00007f2046d25fa0 R15: 00007ffd9e0c99d8
[   68.978704][ T5318]  </TASK>
[   68.979146][   T29] audit: type=1400 audit(1752039642.785:1933): avc:  denied  { write } for  pid=5294 comm="syz.3.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   69.084836][ T5329] 9pnet: p9_errstr2errno: server reported unknown error 
[   69.103329][   T29] audit: type=1400 audit(1752039642.865:1934): avc:  denied  { module_request } for  pid=5322 comm="syz.1.596" kmod="iptable_" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   69.213416][   T29] audit: type=1400 audit(1752039642.885:1935): avc:  denied  { mounton } for  pid=5328 comm="syz.0.599" path="/113/file0" dev="tmpfs" ino=621 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   69.228067][ T5298] netlink: 'syz.3.589': attribute type 13 has an invalid length.
[   69.238116][   T29] audit: type=1326 audit(1752039643.005:1936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ecc70e929 code=0x7ffc0000
[   69.243675][ T5298] netlink: 152 bytes leftover after parsing attributes in process `syz.3.589'.
[   69.266966][   T29] audit: type=1326 audit(1752039643.005:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5294 comm="syz.3.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ecc70e929 code=0x7ffc0000
[   69.299379][   T29] audit: type=1400 audit(1752039643.015:1938): avc:  denied  { read } for  pid=5331 comm="syz.4.600" dev="nsfs" ino=4026532395 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   69.320538][   T29] audit: type=1400 audit(1752039643.015:1939): avc:  denied  { open } for  pid=5331 comm="syz.4.600" path="net:[4026532395]" dev="nsfs" ino=4026532395 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   69.344553][ T5298] erspan0: refused to change device tx_queue_len
[   69.356033][ T5298] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   69.376053][ T5290] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.403810][ T5290] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.451009][ T5290] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.478400][ T5339] netlink: 24 bytes leftover after parsing attributes in process `syz.0.602'.
[   69.490954][ T5290] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.505274][ T5343] FAULT_INJECTION: forcing a failure.
[   69.505274][ T5343] name failslab, interval 1, probability 0, space 0, times 0
[   69.518026][ T5343] CPU: 0 UID: 0 PID: 5343 Comm: syz.4.604 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   69.518056][ T5343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   69.518079][ T5343] Call Trace:
[   69.518104][ T5343]  <TASK>
[   69.518111][ T5343]  __dump_stack+0x1d/0x30
[   69.518129][ T5343]  dump_stack_lvl+0xe8/0x140
[   69.518174][ T5343]  dump_stack+0x15/0x1b
[   69.518198][ T5343]  should_fail_ex+0x265/0x280
[   69.518225][ T5343]  should_failslab+0x8c/0xb0
[   69.518244][ T5343]  __kvmalloc_node_noprof+0x123/0x4e0
[   69.518268][ T5343]  ? alloc_netdev_mqs+0x5ac/0xab0
[   69.518317][ T5343]  alloc_netdev_mqs+0x5ac/0xab0
[   69.518348][ T5343]  tun_set_iff+0x42c/0x890
[   69.518430][ T5343]  __tun_chr_ioctl+0x5f0/0x14c0
[   69.518459][ T5343]  ? __pfx_tun_chr_ioctl+0x10/0x10
[   69.518483][ T5343]  tun_chr_ioctl+0x27/0x40
[   69.518504][ T5343]  __se_sys_ioctl+0xce/0x140
[   69.518559][ T5343]  __x64_sys_ioctl+0x43/0x50
[   69.518585][ T5343]  x64_sys_call+0x19a8/0x2fb0
[   69.518653][ T5343]  do_syscall_64+0xd2/0x200
[   69.518689][ T5343]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.518715][ T5343]  ? clear_bhb_loop+0x40/0x90
[   69.518736][ T5343]  ? clear_bhb_loop+0x40/0x90
[   69.518769][ T5343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.518786][ T5343] RIP: 0033:0x7f817bc1e929
[   69.518798][ T5343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.518813][ T5343] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.518882][ T5343] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   69.518893][ T5343] RDX: 0000200000000100 RSI: 00000000400454ca RDI: 0000000000000008
[   69.518904][ T5343] RBP: 00007f817a287090 R08: 0000000000000000 R09: 0000000000000000
[   69.518914][ T5343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.518926][ T5343] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   69.518946][ T5343]  </TASK>
[   70.581795][ T5373] netlink: 'syz.2.613': attribute type 13 has an invalid length.
[   70.589715][ T5373] netlink: 152 bytes leftover after parsing attributes in process `syz.2.613'.
[   70.665867][ T5373] erspan0: refused to change device tx_queue_len
[   70.684179][ T5373] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   71.340462][ T5372] netlink: 'syz.4.616': attribute type 13 has an invalid length.
[   71.348288][ T5372] netlink: 152 bytes leftover after parsing attributes in process `syz.4.616'.
[   71.372749][ T5413] lo speed is unknown, defaulting to 1000
[   71.396913][ T5372] erspan0: refused to change device tx_queue_len
[   71.411585][ T5372] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   71.536439][ T5419] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   72.369763][ T3508] kernel write not supported for file task/320/attr/sockcreate (pid: 3508 comm: kworker/1:4)
[   72.455254][ T5478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.658'.
[   72.610500][ T5484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.660'.
[   72.661408][ T5484] erspan0: entered promiscuous mode
[   72.666667][ T5484] macvtap1: entered promiscuous mode
[   72.672067][ T5484] macvtap1: entered allmulticast mode
[   72.677497][ T5484] erspan0: entered allmulticast mode
[   73.319421][ T5496] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   73.395311][ T5505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.667'.
[   73.546557][ T5515] netlink: 24 bytes leftover after parsing attributes in process `syz.0.670'.
[   73.598437][ T5515] netlink: 4 bytes leftover after parsing attributes in process `syz.0.670'.
[   73.790421][ T5528] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   73.797897][ T5528] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   73.833817][   T29] kauditd_printk_skb: 253 callbacks suppressed
[   73.833833][   T29] audit: type=1326 audit(1752039647.635:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   73.863332][   T29] audit: type=1326 audit(1752039647.635:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   73.887510][   T29] audit: type=1326 audit(1752039647.635:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   73.910927][   T29] audit: type=1326 audit(1752039647.635:2196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   73.934358][   T29] audit: type=1326 audit(1752039647.635:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   73.957801][   T29] audit: type=1326 audit(1752039647.635:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   73.981413][   T29] audit: type=1326 audit(1752039647.635:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   74.004867][   T29] audit: type=1326 audit(1752039647.685:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   74.028293][   T29] audit: type=1326 audit(1752039647.685:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   74.054012][   T29] audit: type=1326 audit(1752039647.705:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5529 comm="syz.4.674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   74.099975][ T5538] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   74.243146][ T5546] lo speed is unknown, defaulting to 1000
[   74.406965][ T5549] netlink: 24 bytes leftover after parsing attributes in process `syz.1.683'.
[   74.649829][ T5573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.662477][ T5581] netlink: 'syz.1.695': attribute type 21 has an invalid length.
[   74.679401][ T5573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.689725][ T5585] FAULT_INJECTION: forcing a failure.
[   74.689725][ T5585] name failslab, interval 1, probability 0, space 0, times 0
[   74.702545][ T5585] CPU: 0 UID: 0 PID: 5585 Comm: syz.0.697 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   74.702605][ T5585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   74.702617][ T5585] Call Trace:
[   74.702624][ T5585]  <TASK>
[   74.702632][ T5585]  __dump_stack+0x1d/0x30
[   74.702716][ T5585]  dump_stack_lvl+0xe8/0x140
[   74.702736][ T5585]  dump_stack+0x15/0x1b
[   74.702809][ T5585]  should_fail_ex+0x265/0x280
[   74.702834][ T5585]  should_failslab+0x8c/0xb0
[   74.702881][ T5585]  kmem_cache_alloc_node_noprof+0x57/0x320
[   74.702904][ T5585]  ? __alloc_skb+0x101/0x320
[   74.702926][ T5585]  __alloc_skb+0x101/0x320
[   74.702990][ T5585]  netlink_dump+0x148/0x7f0
[   74.703016][ T5585]  ? nlmon_xmit+0x4f/0x60
[   74.703033][ T5585]  ? consume_skb+0x49/0x150
[   74.703067][ T5585]  __netlink_dump_start+0x43e/0x520
[   74.703094][ T5585]  ? __pfx_tc_dump_qdisc+0x10/0x10
[   74.703114][ T5585]  rtnetlink_rcv_msg+0x552/0x6d0
[   74.703131][ T5585]  ? __pfx_tc_dump_qdisc+0x10/0x10
[   74.703149][ T5585]  ? __pfx_rtnl_dumpit+0x10/0x10
[   74.703219][ T5585]  ? __pfx_tc_dump_qdisc+0x10/0x10
[   74.703240][ T5585]  netlink_rcv_skb+0x120/0x220
[   74.703332][ T5585]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.703359][ T5585]  rtnetlink_rcv+0x1c/0x30
[   74.703376][ T5585]  netlink_unicast+0x59e/0x670
[   74.703485][ T5585]  netlink_sendmsg+0x58b/0x6b0
[   74.703516][ T5585]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.703626][ T5585]  __sock_sendmsg+0x142/0x180
[   74.703645][ T5585]  sock_write_iter+0x165/0x1b0
[   74.703695][ T5585]  ? __pfx_sock_write_iter+0x10/0x10
[   74.703714][ T5585]  vfs_write+0x4a0/0x8e0
[   74.703744][ T5585]  ksys_write+0xda/0x1a0
[   74.703771][ T5585]  __x64_sys_write+0x40/0x50
[   74.703808][ T5585]  x64_sys_call+0x2cdd/0x2fb0
[   74.703826][ T5585]  do_syscall_64+0xd2/0x200
[   74.703863][ T5585]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.703885][ T5585]  ? clear_bhb_loop+0x40/0x90
[   74.703913][ T5585]  ? clear_bhb_loop+0x40/0x90
[   74.703955][ T5585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.703972][ T5585] RIP: 0033:0x7f2046afe929
[   74.703985][ T5585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.704001][ T5585] RSP: 002b:00007f2045167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   74.704023][ T5585] RAX: ffffffffffffffda RBX: 00007f2046d25fa0 RCX: 00007f2046afe929
[   74.704036][ T5585] RDX: 000000000000fe33 RSI: 0000200000000000 RDI: 0000000000000005
[   74.704115][ T5585] RBP: 00007f2045167090 R08: 0000000000000000 R09: 0000000000000000
[   74.704126][ T5585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.704137][ T5585] R13: 0000000000000000 R14: 00007f2046d25fa0 R15: 00007ffd9e0c99d8
[   74.704155][ T5585]  </TASK>
[   75.002168][ T5589] netlink: 'wg1': attribute type 1 has an invalid length.
[   75.018182][ T5589] bond1: entered promiscuous mode
[   75.023682][ T5589] 8021q: adding VLAN 0 to HW filter on device bond1
[   75.035506][ T5589] netlink: 'wg1': attribute type 10 has an invalid length.
[   75.043086][ T5589] ipvlan0: entered allmulticast mode
[   75.048370][ T5589] veth0_vlan: entered allmulticast mode
[   75.055280][ T5589] team0: Device ipvlan0 failed to register rx_handler
[   75.097027][ T5589] wg1 (5589) used greatest stack depth: 9696 bytes left
[   75.522566][ T5615] lo speed is unknown, defaulting to 1000
[   75.533044][ T5617] xt_hashlimit: max too large, truncated to 1048576
[   75.586498][ T5615] wireguard0: entered promiscuous mode
[   75.593728][ T5615] wireguard0: entered allmulticast mode
[   75.751427][ T5635] FAULT_INJECTION: forcing a failure.
[   75.751427][ T5635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.764681][ T5635] CPU: 1 UID: 0 PID: 5635 Comm: syz.4.715 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   75.764771][ T5635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.764781][ T5635] Call Trace:
[   75.764786][ T5635]  <TASK>
[   75.764793][ T5635]  __dump_stack+0x1d/0x30
[   75.764812][ T5635]  dump_stack_lvl+0xe8/0x140
[   75.764830][ T5635]  dump_stack+0x15/0x1b
[   75.764864][ T5635]  should_fail_ex+0x265/0x280
[   75.764888][ T5635]  should_fail+0xb/0x20
[   75.764940][ T5635]  should_fail_usercopy+0x1a/0x20
[   75.765012][ T5635]  _copy_from_user+0x1c/0xb0
[   75.765059][ T5635]  core_sys_select+0x34a/0x6e0
[   75.765157][ T5635]  ? set_user_sigmask+0x84/0x190
[   75.765178][ T5635]  __se_sys_pselect6+0x216/0x280
[   75.765249][ T5635]  __x64_sys_pselect6+0x78/0x90
[   75.765279][ T5635]  x64_sys_call+0x1caa/0x2fb0
[   75.765367][ T5635]  do_syscall_64+0xd2/0x200
[   75.765397][ T5635]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.765418][ T5635]  ? clear_bhb_loop+0x40/0x90
[   75.765439][ T5635]  ? clear_bhb_loop+0x40/0x90
[   75.765458][ T5635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.765479][ T5635] RIP: 0033:0x7f817bc1e929
[   75.765495][ T5635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.765531][ T5635] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[   75.765547][ T5635] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   75.765606][ T5635] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[   75.765616][ T5635] RBP: 00007f817a287090 R08: 0000000000000000 R09: 0000000000000000
[   75.765658][ T5635] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[   75.765671][ T5635] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   75.765691][ T5635]  </TASK>
[   76.177487][ T5674] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.230319][ T5676] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   76.244719][ T5674] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.260132][ T5678] 9pnet_fd: Insufficient options for proto=fd
[   76.300242][ T5674] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.350567][ T5674] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.416165][ T5674] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.427049][ T5674] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.437844][ T5674] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.448598][ T5674] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.532516][ T5696] FAULT_INJECTION: forcing a failure.
[   76.532516][ T5696] name failslab, interval 1, probability 0, space 0, times 0
[   76.545176][ T5696] CPU: 0 UID: 0 PID: 5696 Comm: syz.2.736 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   76.545272][ T5696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   76.545285][ T5696] Call Trace:
[   76.545293][ T5696]  <TASK>
[   76.545301][ T5696]  __dump_stack+0x1d/0x30
[   76.545396][ T5696]  dump_stack_lvl+0xe8/0x140
[   76.545415][ T5696]  dump_stack+0x15/0x1b
[   76.545432][ T5696]  should_fail_ex+0x265/0x280
[   76.545460][ T5696]  ? __se_sys_memfd_create+0x1cc/0x590
[   76.545532][ T5696]  should_failslab+0x8c/0xb0
[   76.545550][ T5696]  __kmalloc_cache_noprof+0x4c/0x320
[   76.545594][ T5696]  ? fput+0x8f/0xc0
[   76.545617][ T5696]  __se_sys_memfd_create+0x1cc/0x590
[   76.545655][ T5696]  __x64_sys_memfd_create+0x31/0x40
[   76.545680][ T5696]  x64_sys_call+0x122f/0x2fb0
[   76.545699][ T5696]  do_syscall_64+0xd2/0x200
[   76.545775][ T5696]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.545914][ T5696]  ? clear_bhb_loop+0x40/0x90
[   76.545934][ T5696]  ? clear_bhb_loop+0x40/0x90
[   76.545959][ T5696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.545976][ T5696] RIP: 0033:0x7f0ff9a7e929
[   76.545992][ T5696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.546076][ T5696] RSP: 002b:00007f0ff80e6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   76.546092][ T5696] RAX: ffffffffffffffda RBX: 00000000000005ad RCX: 00007f0ff9a7e929
[   76.546102][ T5696] RDX: 00007f0ff80e6ef0 RSI: 0000000000000000 RDI: 00007f0ff9b014cc
[   76.546115][ T5696] RBP: 0000200000000180 R08: 00007f0ff80e6bb7 R09: 00007f0ff80e6e40
[   76.546202][ T5696] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[   76.546212][ T5696] R13: 00007f0ff80e6ef0 R14: 00007f0ff80e6eb0 R15: 0000200000000940
[   76.546228][ T5696]  </TASK>
[   76.751722][ T5700] lo speed is unknown, defaulting to 1000
[   76.795828][ T5701] __nla_validate_parse: 11 callbacks suppressed
[   76.795846][ T5701] netlink: 36 bytes leftover after parsing attributes in process `syz.2.737'.
[   76.811116][ T5701] netlink: 16 bytes leftover after parsing attributes in process `syz.2.737'.
[   76.820079][ T5701] netlink: 36 bytes leftover after parsing attributes in process `syz.2.737'.
[   76.829480][ T5701] netlink: 36 bytes leftover after parsing attributes in process `syz.2.737'.
[   76.929847][ T5704] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   77.038408][ T5718] lo speed is unknown, defaulting to 1000
[   77.044764][ T5718] lo speed is unknown, defaulting to 1000
[   77.051049][ T5718] lo speed is unknown, defaulting to 1000
[   77.057522][ T5718] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   77.069166][ T5718] lo speed is unknown, defaulting to 1000
[   77.075401][ T5718] lo speed is unknown, defaulting to 1000
[   77.081465][ T5718] lo speed is unknown, defaulting to 1000
[   77.087603][ T5718] lo speed is unknown, defaulting to 1000
[   77.093734][ T5718] lo speed is unknown, defaulting to 1000
[   77.187374][ T5731] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.747'.
[   77.196835][ T5724] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.747'.
[   77.257497][ T5736] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   77.693503][ T5758] bridge_slave_0: left allmulticast mode
[   77.699236][ T5758] bridge_slave_0: left promiscuous mode
[   77.705041][ T5758] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.741794][ T5758] bridge_slave_1: left allmulticast mode
[   77.747491][ T5758] bridge_slave_1: left promiscuous mode
[   77.753291][ T5758] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.780519][ T5758] bond0: (slave bond_slave_0): Releasing backup interface
[   77.803768][ T5758] bond0: (slave bond_slave_1): Releasing backup interface
[   77.825607][ T5758] team0: Port device team_slave_0 removed
[   77.838177][ T5758] team0: Port device team_slave_1 removed
[   77.845599][ T5758] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.853084][ T5758] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.875497][ T5758] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.883072][ T5758] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.892209][ T5769] netlink: 96 bytes leftover after parsing attributes in process `syz.0.760'.
[   77.901244][ T5769] netlink: 12 bytes leftover after parsing attributes in process `syz.0.760'.
[   77.921921][ T5769] vlan2: entered allmulticast mode
[   77.927121][ T5769] ip6gretap0: entered allmulticast mode
[   78.067698][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.074977][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.148488][ T5767] veth0_to_batadv: left promiscuous mode
[   78.440984][ T5767] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.449576][ T5767] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.457936][ T5767] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.466417][ T5767] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   78.599568][ T5824] vhci_hcd: invalid port number 236
[   78.642374][ T5836] xt_CT: You must specify a L4 protocol and not use inversions on it
[   78.841428][   T29] kauditd_printk_skb: 95 callbacks suppressed
[   78.841443][   T29] audit: type=1326 audit(1752039652.645:2296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5853 comm="syz.0.783" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2046afe929 code=0x0
[   78.890648][   T29] audit: type=1326 audit(1752039652.695:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   78.914448][   T29] audit: type=1326 audit(1752039652.695:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   78.937838][   T29] audit: type=1326 audit(1752039652.695:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   78.961352][   T29] audit: type=1326 audit(1752039652.695:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   78.984755][   T29] audit: type=1326 audit(1752039652.695:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   79.008103][   T29] audit: type=1400 audit(1752039652.695:2302): avc:  denied  { ioctl } for  pid=5851 comm="syz.1.782" path="socket:[13359]" dev="sockfs" ino=13359 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   79.032791][   T29] audit: type=1326 audit(1752039652.715:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   79.056241][   T29] audit: type=1326 audit(1752039652.715:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   79.079852][   T29] audit: type=1326 audit(1752039652.715:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5851 comm="syz.1.782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f31151fe929 code=0x7ffc0000
[   79.177635][ T5864] bridge0: entered promiscuous mode
[   79.184616][ T5864] bridge0: port 3(macvlan2) entered blocking state
[   79.191188][ T5864] bridge0: port 3(macvlan2) entered disabled state
[   79.197837][ T5864] macvlan2: entered allmulticast mode
[   79.203290][ T5864] bridge0: entered allmulticast mode
[   79.209176][ T5864] macvlan2: left allmulticast mode
[   79.214292][ T5864] bridge0: left allmulticast mode
[   79.219973][ T5864] bridge0: left promiscuous mode
[   79.286376][ T5867] tipc: Started in network mode
[   79.291313][ T5867] tipc: Node identity ac14140f, cluster identity 4711
[   79.298174][ T5867] tipc: New replicast peer: 255.255.255.255
[   79.304374][ T5867] tipc: Enabled bearer <udp:syz2>, priority 10
[   79.347961][ T5869] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.355329][ T5869] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.395262][ T5869] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.405465][ T5869] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.438701][ T5869] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.447313][ T5869] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.455803][ T5869] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.464265][ T5869] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.476689][ T5774] syz1: Port: 1 Link DOWN
[   79.535542][ T5877] FAULT_INJECTION: forcing a failure.
[   79.535542][ T5877] name failslab, interval 1, probability 0, space 0, times 0
[   79.548426][ T5877] CPU: 1 UID: 0 PID: 5877 Comm: syz.2.789 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   79.548494][ T5877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   79.548501][ T5877] Call Trace:
[   79.548505][ T5877]  <TASK>
[   79.548509][ T5877]  __dump_stack+0x1d/0x30
[   79.548523][ T5877]  dump_stack_lvl+0xe8/0x140
[   79.548592][ T5877]  dump_stack+0x15/0x1b
[   79.548601][ T5877]  should_fail_ex+0x265/0x280
[   79.548618][ T5877]  should_failslab+0x8c/0xb0
[   79.548687][ T5877]  __kmalloc_noprof+0xa5/0x3e0
[   79.548701][ T5877]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   79.548717][ T5877]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   79.548822][ T5877]  ? selinux_capable+0x1f9/0x270
[   79.548841][ T5877]  genl_family_rcv_msg_doit+0x48/0x1b0
[   79.548903][ T5877]  ? security_capable+0x83/0x90
[   79.548917][ T5877]  ? ns_capable+0x7d/0xb0
[   79.548928][ T5877]  genl_rcv_msg+0x422/0x460
[   79.548941][ T5877]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   79.548954][ T5877]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[   79.549025][ T5877]  ? __pfx_nl80211_post_doit+0x10/0x10
[   79.549050][ T5877]  netlink_rcv_skb+0x120/0x220
[   79.549121][ T5877]  ? __pfx_genl_rcv_msg+0x10/0x10
[   79.549147][ T5877]  genl_rcv+0x28/0x40
[   79.549208][ T5877]  netlink_unicast+0x59e/0x670
[   79.549235][ T5877]  netlink_sendmsg+0x58b/0x6b0
[   79.549265][ T5877]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.549369][ T5877]  __sock_sendmsg+0x142/0x180
[   79.549383][ T5877]  ____sys_sendmsg+0x31e/0x4e0
[   79.549457][ T5877]  ___sys_sendmsg+0x17b/0x1d0
[   79.549501][ T5877]  __x64_sys_sendmsg+0xd4/0x160
[   79.549532][ T5877]  x64_sys_call+0x2999/0x2fb0
[   79.549572][ T5877]  do_syscall_64+0xd2/0x200
[   79.549600][ T5877]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.549687][ T5877]  ? clear_bhb_loop+0x40/0x90
[   79.549709][ T5877]  ? clear_bhb_loop+0x40/0x90
[   79.549808][ T5877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.549829][ T5877] RIP: 0033:0x7f0ff9a7e929
[   79.549845][ T5877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.549863][ T5877] RSP: 002b:00007f0ff80e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.549924][ T5877] RAX: ffffffffffffffda RBX: 00007f0ff9ca5fa0 RCX: 00007f0ff9a7e929
[   79.549932][ T5877] RDX: 0300000000000000 RSI: 0000200000000480 RDI: 0000000000000006
[   79.549939][ T5877] RBP: 00007f0ff80e7090 R08: 0000000000000000 R09: 0000000000000000
[   79.549946][ T5877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.550027][ T5877] R13: 0000000000000000 R14: 00007f0ff9ca5fa0 R15: 00007ffdd6b03a88
[   79.550038][ T5877]  </TASK>
[   79.906379][ T5894] IPv6: Can't replace route, no match found
[   79.993887][ T5900] bond2: entered promiscuous mode
[   79.998959][ T5900] bond2: entered allmulticast mode
[   80.013897][ T5900] 8021q: adding VLAN 0 to HW filter on device bond2
[   80.030365][ T5900] bond2 (unregistering): Released all slaves
[   80.040166][ T5913] FAULT_INJECTION: forcing a failure.
[   80.040166][ T5913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.053330][ T5913] CPU: 1 UID: 0 PID: 5913 Comm: syz.1.803 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   80.053346][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   80.053354][ T5913] Call Trace:
[   80.053358][ T5913]  <TASK>
[   80.053363][ T5913]  __dump_stack+0x1d/0x30
[   80.053376][ T5913]  dump_stack_lvl+0xe8/0x140
[   80.053386][ T5913]  dump_stack+0x15/0x1b
[   80.053395][ T5913]  should_fail_ex+0x265/0x280
[   80.053471][ T5913]  should_fail+0xb/0x20
[   80.053484][ T5913]  should_fail_usercopy+0x1a/0x20
[   80.053525][ T5913]  _copy_from_user+0x1c/0xb0
[   80.053536][ T5913]  ___sys_sendmsg+0xc1/0x1d0
[   80.053561][ T5913]  __x64_sys_sendmsg+0xd4/0x160
[   80.053586][ T5913]  x64_sys_call+0x2999/0x2fb0
[   80.053597][ T5913]  do_syscall_64+0xd2/0x200
[   80.053615][ T5913]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.053629][ T5913]  ? clear_bhb_loop+0x40/0x90
[   80.053644][ T5913]  ? clear_bhb_loop+0x40/0x90
[   80.053656][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.053737][ T5913] RIP: 0033:0x7f31151fe929
[   80.053746][ T5913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.053756][ T5913] RSP: 002b:00007f3113867038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.053767][ T5913] RAX: ffffffffffffffda RBX: 00007f3115425fa0 RCX: 00007f31151fe929
[   80.053789][ T5913] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000007
[   80.053823][ T5913] RBP: 00007f3113867090 R08: 0000000000000000 R09: 0000000000000000
[   80.053830][ T5913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.053837][ T5913] R13: 0000000000000000 R14: 00007f3115425fa0 R15: 00007fffe6fc1d08
[   80.053847][ T5913]  </TASK>
[   80.247279][ T5916] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   80.254669][ T5916] syzkaller0: entered promiscuous mode
[   80.260262][ T5916] syzkaller0: entered allmulticast mode
[   80.282018][ T5916] tipc: Resetting bearer <eth:syzkaller0>
[   80.299230][ T5916] tipc: Disabling bearer <eth:syzkaller0>
[   80.349070][ T5782] tipc: Node number set to 2886997007
[   80.793369][ T5936] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   80.809578][ T5936] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   81.646381][ T5963] FAULT_INJECTION: forcing a failure.
[   81.646381][ T5963] name failslab, interval 1, probability 0, space 0, times 0
[   81.659100][ T5963] CPU: 1 UID: 0 PID: 5963 Comm: syz.2.820 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   81.659206][ T5963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.659218][ T5963] Call Trace:
[   81.659226][ T5963]  <TASK>
[   81.659234][ T5963]  __dump_stack+0x1d/0x30
[   81.659283][ T5963]  dump_stack_lvl+0xe8/0x140
[   81.659303][ T5963]  dump_stack+0x15/0x1b
[   81.659321][ T5963]  should_fail_ex+0x265/0x280
[   81.659351][ T5963]  should_failslab+0x8c/0xb0
[   81.659430][ T5963]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   81.659527][ T5963]  ? scm_fp_dup+0x40/0x200
[   81.659546][ T5963]  kmemdup_noprof+0x2b/0x70
[   81.659569][ T5963]  scm_fp_dup+0x40/0x200
[   81.659595][ T5963]  __unix_dgram_recvmsg+0x693/0x840
[   81.659657][ T5963]  unix_dgram_recvmsg+0x81/0x90
[   81.659678][ T5963]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[   81.659705][ T5963]  sock_recvmsg+0x139/0x170
[   81.659731][ T5963]  ____sys_recvmsg+0xf5/0x280
[   81.659796][ T5963]  ___sys_recvmsg+0x11f/0x370
[   81.659896][ T5963]  do_recvmmsg+0x1ef/0x540
[   81.659917][ T5963]  ? fput+0x8f/0xc0
[   81.659935][ T5963]  __x64_sys_recvmmsg+0xe5/0x170
[   81.659956][ T5963]  x64_sys_call+0x1c6a/0x2fb0
[   81.660003][ T5963]  do_syscall_64+0xd2/0x200
[   81.660071][ T5963]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   81.660097][ T5963]  ? clear_bhb_loop+0x40/0x90
[   81.660114][ T5963]  ? clear_bhb_loop+0x40/0x90
[   81.660194][ T5963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.660212][ T5963] RIP: 0033:0x7f0ff9a7e929
[   81.660224][ T5963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.660239][ T5963] RSP: 002b:00007f0ff80e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   81.660310][ T5963] RAX: ffffffffffffffda RBX: 00007f0ff9ca5fa0 RCX: 00007f0ff9a7e929
[   81.660374][ T5963] RDX: 0000000000000700 RSI: 0000200000001140 RDI: 0000000000000008
[   81.660388][ T5963] RBP: 00007f0ff80e7090 R08: 0000000000000000 R09: 0000000000000000
[   81.660401][ T5963] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[   81.660489][ T5963] R13: 0000000000000000 R14: 00007f0ff9ca5fa0 R15: 00007ffdd6b03a88
[   81.660505][ T5963]  </TASK>
[   82.171311][ T5972] FAULT_INJECTION: forcing a failure.
[   82.171311][ T5972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   82.184557][ T5972] CPU: 1 UID: 0 PID: 5972 Comm: syz.1.823 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   82.184621][ T5972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.184641][ T5972] Call Trace:
[   82.184645][ T5972]  <TASK>
[   82.184652][ T5972]  __dump_stack+0x1d/0x30
[   82.184671][ T5972]  dump_stack_lvl+0xe8/0x140
[   82.184704][ T5972]  dump_stack+0x15/0x1b
[   82.184790][ T5972]  should_fail_ex+0x265/0x280
[   82.184819][ T5972]  should_fail+0xb/0x20
[   82.184919][ T5972]  should_fail_usercopy+0x1a/0x20
[   82.184948][ T5972]  _copy_to_user+0x20/0xa0
[   82.184967][ T5972]  simple_read_from_buffer+0xb5/0x130
[   82.185000][ T5972]  proc_fail_nth_read+0x100/0x140
[   82.185055][ T5972]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   82.185079][ T5972]  vfs_read+0x1a0/0x6f0
[   82.185133][ T5972]  ? __rcu_read_unlock+0x4f/0x70
[   82.185155][ T5972]  ? __fget_files+0x184/0x1c0
[   82.185212][ T5972]  ksys_read+0xda/0x1a0
[   82.185239][ T5972]  __x64_sys_read+0x40/0x50
[   82.185290][ T5972]  x64_sys_call+0x2d77/0x2fb0
[   82.185311][ T5972]  do_syscall_64+0xd2/0x200
[   82.185405][ T5972]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.185426][ T5972]  ? clear_bhb_loop+0x40/0x90
[   82.185443][ T5972]  ? clear_bhb_loop+0x40/0x90
[   82.185462][ T5972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.185542][ T5972] RIP: 0033:0x7f31151fd33c
[   82.185558][ T5972] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   82.185590][ T5972] RSP: 002b:00007f3113867030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   82.185607][ T5972] RAX: ffffffffffffffda RBX: 00007f3115425fa0 RCX: 00007f31151fd33c
[   82.185617][ T5972] RDX: 000000000000000f RSI: 00007f31138670a0 RDI: 0000000000000007
[   82.185630][ T5972] RBP: 00007f3113867090 R08: 0000000000000000 R09: 0000000000000000
[   82.185643][ T5972] R10: 0000000008000c62 R11: 0000000000000246 R12: 0000000000000001
[   82.185656][ T5972] R13: 0000000000000000 R14: 00007f3115425fa0 R15: 00007fffe6fc1d08
[   82.185675][ T5972]  </TASK>
[   82.718376][ T5984] FAULT_INJECTION: forcing a failure.
[   82.718376][ T5984] name failslab, interval 1, probability 0, space 0, times 0
[   82.731135][ T5984] CPU: 1 UID: 0 PID: 5984 Comm: syz.4.828 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   82.731232][ T5984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.731244][ T5984] Call Trace:
[   82.731250][ T5984]  <TASK>
[   82.731258][ T5984]  __dump_stack+0x1d/0x30
[   82.731278][ T5984]  dump_stack_lvl+0xe8/0x140
[   82.731299][ T5984]  dump_stack+0x15/0x1b
[   82.731315][ T5984]  should_fail_ex+0x265/0x280
[   82.731356][ T5984]  ? ip_ra_control+0xd6/0x2c0
[   82.731379][ T5984]  should_failslab+0x8c/0xb0
[   82.731479][ T5984]  __kmalloc_cache_noprof+0x4c/0x320
[   82.731512][ T5984]  ? __pfx_mrtsock_destruct+0x10/0x10
[   82.731645][ T5984]  ip_ra_control+0xd6/0x2c0
[   82.731664][ T5984]  ? __pfx_mrtsock_destruct+0x10/0x10
[   82.731726][ T5984]  ip_mroute_setsockopt+0x32b/0x960
[   82.731751][ T5984]  do_ip_setsockopt+0xcea/0x2240
[   82.731846][ T5984]  ip_setsockopt+0x58/0x110
[   82.731912][ T5984]  raw_setsockopt+0xbd/0x150
[   82.731942][ T5984]  sock_common_setsockopt+0x69/0x80
[   82.731977][ T5984]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   82.732002][ T5984]  __sys_setsockopt+0x184/0x200
[   82.732032][ T5984]  __x64_sys_setsockopt+0x64/0x80
[   82.732096][ T5984]  x64_sys_call+0x2bd5/0x2fb0
[   82.732113][ T5984]  do_syscall_64+0xd2/0x200
[   82.732139][ T5984]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.732165][ T5984]  ? clear_bhb_loop+0x40/0x90
[   82.732225][ T5984]  ? clear_bhb_loop+0x40/0x90
[   82.732243][ T5984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.732341][ T5984] RIP: 0033:0x7f817bc1e929
[   82.732357][ T5984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.732376][ T5984] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   82.732433][ T5984] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   82.732444][ T5984] RDX: 00000000000000c8 RSI: 0000000000000000 RDI: 0000000000000005
[   82.732456][ T5984] RBP: 00007f817a287090 R08: 0000000000000004 R09: 0000000000000000
[   82.732468][ T5984] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[   82.732478][ T5984] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   82.732497][ T5984]  </TASK>
[   83.067587][ T6001] __nla_validate_parse: 16 callbacks suppressed
[   83.067647][ T6001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.832'.
[   83.528945][ T6021] netlink: 4 bytes leftover after parsing attributes in process `syz.1.839'.
[   83.553096][ T6020] SELinux: failure in sel_netif_sid_slow(), invalid network interface (11)
[   83.729191][ T6023] ucma_write: process 393 (+}[@) changed security contexts after opening file descriptor, this is not allowed.
[   83.760633][ T6025] netlink: 8 bytes leftover after parsing attributes in process `syz.3.841'.
[   83.778490][ T6025] netlink: 8 bytes leftover after parsing attributes in process `syz.3.841'.
[   83.849328][   T29] kauditd_printk_skb: 584 callbacks suppressed
[   83.849343][   T29] audit: type=1326 audit(1752039657.655:2890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f817bc158e7 code=0x7ffc0000
[   83.878765][   T29] audit: type=1326 audit(1752039657.655:2891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f817bbbab19 code=0x7ffc0000
[   83.902036][   T29] audit: type=1326 audit(1752039657.655:2892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   83.999318][   T29] audit: type=1326 audit(1752039657.725:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f817bc158e7 code=0x7ffc0000
[   84.022756][   T29] audit: type=1326 audit(1752039657.725:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f817bbbab19 code=0x7ffc0000
[   84.046065][   T29] audit: type=1326 audit(1752039657.725:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   84.069438][   T29] audit: type=1326 audit(1752039657.745:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f817bc158e7 code=0x7ffc0000
[   84.069984][ T6031] netlink: 24 bytes leftover after parsing attributes in process `syz.3.845'.
[   84.092734][   T29] audit: type=1326 audit(1752039657.745:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f817bbbab19 code=0x7ffc0000
[   84.092774][   T29] audit: type=1326 audit(1752039657.745:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   84.148505][   T29] audit: type=1400 audit(1752039657.745:2899): avc:  denied  { read append } for  pid=6030 comm="syz.3.845" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[   84.172982][ T6035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.845'.
[   84.253650][ T6029] lo speed is unknown, defaulting to 1000
[   84.272843][ T6029] lo speed is unknown, defaulting to 1000
[   84.371356][ T6046] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   84.383913][ T6046] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   85.413066][ T6081] capability: warning: `syz.2.860' uses 32-bit capabilities (legacy support in use)
[   85.773670][ T6091] FAULT_INJECTION: forcing a failure.
[   85.773670][ T6091] name failslab, interval 1, probability 0, space 0, times 0
[   85.786343][ T6091] CPU: 0 UID: 0 PID: 6091 Comm: syz.3.865 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   85.786371][ T6091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.786384][ T6091] Call Trace:
[   85.786391][ T6091]  <TASK>
[   85.786446][ T6091]  __dump_stack+0x1d/0x30
[   85.786465][ T6091]  dump_stack_lvl+0xe8/0x140
[   85.786485][ T6091]  dump_stack+0x15/0x1b
[   85.786503][ T6091]  should_fail_ex+0x265/0x280
[   85.786538][ T6091]  should_failslab+0x8c/0xb0
[   85.786556][ T6091]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   85.786608][ T6091]  ? sidtab_sid2str_get+0xa0/0x130
[   85.786626][ T6091]  ? skb_put+0xa9/0xf0
[   85.786755][ T6091]  kmemdup_noprof+0x2b/0x70
[   85.786773][ T6091]  sidtab_sid2str_get+0xa0/0x130
[   85.786792][ T6091]  security_sid_to_context_core+0x1eb/0x2e0
[   85.786816][ T6091]  security_sid_to_context+0x27/0x40
[   85.786837][ T6091]  avc_audit_post_callback+0x9d/0x520
[   85.786896][ T6091]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   85.786923][ T6091]  common_lsm_audit+0x1b8/0x230
[   85.786942][ T6091]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   85.786966][ T6091]  slow_avc_audit+0x104/0x140
[   85.786999][ T6091]  avc_has_perm+0x128/0x150
[   85.787032][ T6091]  selinux_socket_setsockopt+0x17c/0x1e0
[   85.787145][ T6091]  security_socket_setsockopt+0x46/0x80
[   85.787212][ T6091]  __sys_setsockopt+0x98/0x200
[   85.787244][ T6091]  __x64_sys_setsockopt+0x64/0x80
[   85.787273][ T6091]  x64_sys_call+0x2bd5/0x2fb0
[   85.787338][ T6091]  do_syscall_64+0xd2/0x200
[   85.787369][ T6091]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.787395][ T6091]  ? clear_bhb_loop+0x40/0x90
[   85.787416][ T6091]  ? clear_bhb_loop+0x40/0x90
[   85.787435][ T6091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.787452][ T6091] RIP: 0033:0x7f2ecc70e929
[   85.787465][ T6091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.787480][ T6091] RSP: 002b:00007f2ecad77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   85.787495][ T6091] RAX: ffffffffffffffda RBX: 00007f2ecc935fa0 RCX: 00007f2ecc70e929
[   85.787506][ T6091] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000003
[   85.787516][ T6091] RBP: 00007f2ecad77090 R08: 0000000000000018 R09: 0000000000000000
[   85.787535][ T6091] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[   85.787575][ T6091] R13: 0000000000000000 R14: 00007f2ecc935fa0 R15: 00007fff153816c8
[   85.787643][ T6091]  </TASK>
[   86.924744][ T6102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.867'.
[   87.014758][ T6110] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   87.022321][ T6110] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   87.067670][ T6110] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[   87.173394][   T36] kernel write not supported for file /cpu/0/msr (pid: 36 comm: kworker/1:1)
[   87.265330][ T6130] lo speed is unknown, defaulting to 1000
[   87.284350][ T6130] lo speed is unknown, defaulting to 1000
[   87.369811][ T6135] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[   87.541912][ T6144] netlink: 'syz.4.883': attribute type 1 has an invalid length.
[   87.581146][ T6144] 8021q: adding VLAN 0 to HW filter on device bond1
[   87.609604][ T6146] 8021q: adding VLAN 0 to HW filter on device bond1
[   87.616769][ T6146] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   87.628935][ T6146] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   87.648317][ T6148] 9pnet: p9_errstr2errno: server reported unknown error 
[   87.819314][ T6152] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[   87.826412][ T5779] IPVS: starting estimator thread 0...
[   87.896277][ T6156] xt_hashlimit: max too large, truncated to 1048576
[   87.920029][ T6154] IPVS: using max 2592 ests per chain, 129600 per kthread
[   88.262604][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.279207][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.299235][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.316179][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.333766][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.346253][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.355362][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.364376][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.379063][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.397012][ T6184] netlink: 36 bytes leftover after parsing attributes in process `syz.2.886'.
[   88.823148][ T6218] loop0: detected capacity change from 0 to 512
[   88.843212][ T6218] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.867446][ T6218] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.900: invalid indirect mapped block 4294967295 (level 1)
[   88.897579][ T6218] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.900: invalid indirect mapped block 4294967295 (level 1)
[   88.929589][   T29] kauditd_printk_skb: 204 callbacks suppressed
[   88.929603][   T29] audit: type=1400 audit(1752039662.735:3102): avc:  denied  { bind } for  pid=6219 comm="syz.1.901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   88.968292][   T29] audit: type=1400 audit(1752039662.765:3103): avc:  denied  { setopt } for  pid=6219 comm="syz.1.901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   88.980259][ T6218] EXT4-fs (loop0): 2 truncates cleaned up
[   89.002965][   T29] audit: type=1400 audit(1752039662.805:3104): avc:  denied  { ioctl } for  pid=6224 comm="syz.2.902" path="socket:[13188]" dev="sockfs" ino=13188 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   89.028644][   T29] audit: type=1400 audit(1752039662.805:3105): avc:  denied  { setopt } for  pid=6224 comm="syz.2.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   89.035494][ T6218] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.048345][   T29] audit: type=1400 audit(1752039662.805:3106): avc:  denied  { write } for  pid=6224 comm="syz.2.902" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   89.080000][   T29] audit: type=1400 audit(1752039662.805:3107): avc:  denied  { ioctl } for  pid=6224 comm="syz.2.902" path="socket:[13187]" dev="sockfs" ino=13187 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   89.114493][ T6227] netlink: 'syz.2.904': attribute type 1 has an invalid length.
[   89.148600][   T29] audit: type=1400 audit(1752039662.945:3108): avc:  denied  { mount } for  pid=6217 comm="syz.0.900" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   89.176439][ T6227] bond1: entered promiscuous mode
[   89.181882][ T6227] 8021q: adding VLAN 0 to HW filter on device bond1
[   89.192591][ T6237] batadv1: entered promiscuous mode
[   89.197817][ T6237] batadv1: entered allmulticast mode
[   89.204673][ T6237] 8021q: adding VLAN 0 to HW filter on device batadv1
[   89.212843][ T6237] bond1: (slave batadv1): making interface the new active one
[   89.227891][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.237521][ T6237] bond1: (slave batadv1): Enslaving as an active interface with an up link
[   89.248357][   T29] audit: type=1400 audit(1752039663.025:3109): avc:  denied  { unmount } for  pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   89.250503][ T6227] batadv2: entered promiscuous mode
[   89.273690][ T6227] batadv2: entered allmulticast mode
[   89.286682][ T6227] 8021q: adding VLAN 0 to HW filter on device batadv2
[   89.308174][ T6241] loop0: detected capacity change from 0 to 2048
[   89.320795][   T29] audit: type=1400 audit(1752039663.095:3110): avc:  denied  { mounton } for  pid=6243 comm="syz.3.907" path="/172/file0" dev="tmpfs" ino=936 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   89.326983][ T6227] bond1: (slave batadv2): Enslaving as an active interface with an up link
[   89.343435][   T29] audit: type=1400 audit(1752039663.095:3111): avc:  denied  { setopt } for  pid=6226 comm="syz.2.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   89.376349][ T6241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.401822][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.477546][ T6255] xt_hashlimit: max too large, truncated to 1048576
[   89.692764][ T6274] syzkaller0: entered promiscuous mode
[   89.698253][ T6274] syzkaller0: entered allmulticast mode
[   89.784749][ T6283] team0 (unregistering): Port device team_slave_0 removed
[   89.794059][ T6283] team0 (unregistering): Port device team_slave_1 removed
[   89.838723][ T6292] 9pnet: p9_errstr2errno: server reported unknown error 
[   90.454748][ T6327] FAULT_INJECTION: forcing a failure.
[   90.454748][ T6327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.467944][ T6327] CPU: 0 UID: 0 PID: 6327 Comm: syz.3.938 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   90.467968][ T6327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.467979][ T6327] Call Trace:
[   90.467984][ T6327]  <TASK>
[   90.467992][ T6327]  __dump_stack+0x1d/0x30
[   90.468067][ T6327]  dump_stack_lvl+0xe8/0x140
[   90.468086][ T6327]  dump_stack+0x15/0x1b
[   90.468102][ T6327]  should_fail_ex+0x265/0x280
[   90.468126][ T6327]  should_fail+0xb/0x20
[   90.468170][ T6327]  should_fail_usercopy+0x1a/0x20
[   90.468214][ T6327]  strncpy_from_user+0x25/0x230
[   90.468236][ T6327]  ? __kmalloc_cache_noprof+0x189/0x320
[   90.468291][ T6327]  __se_sys_memfd_create+0x1ff/0x590
[   90.468318][ T6327]  __x64_sys_memfd_create+0x31/0x40
[   90.468346][ T6327]  x64_sys_call+0x122f/0x2fb0
[   90.468397][ T6327]  do_syscall_64+0xd2/0x200
[   90.468427][ T6327]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   90.468538][ T6327]  ? clear_bhb_loop+0x40/0x90
[   90.468557][ T6327]  ? clear_bhb_loop+0x40/0x90
[   90.468579][ T6327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.468641][ T6327] RIP: 0033:0x7f2ecc70e929
[   90.468657][ T6327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.468674][ T6327] RSP: 002b:00007f2ecad76e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   90.468750][ T6327] RAX: ffffffffffffffda RBX: 00000000000002d2 RCX: 00007f2ecc70e929
[   90.468760][ T6327] RDX: 00007f2ecad76ef0 RSI: 0000000000000000 RDI: 00007f2ecc7914cc
[   90.468823][ T6327] RBP: 00002000000008c0 R08: 00007f2ecad76bb7 R09: 00007f2ecad76e40
[   90.468833][ T6327] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   90.468843][ T6327] R13: 00007f2ecad76ef0 R14: 00007f2ecad76eb0 R15: 00002000000002c0
[   90.468861][ T6327]  </TASK>
[   90.688206][ T6333] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=6333 comm=syz.4.940
[   90.848384][ T6349] lo speed is unknown, defaulting to 1000
[   90.860757][ T6349] lo speed is unknown, defaulting to 1000
[   90.897754][ T6355] gretap1: entered promiscuous mode
[   91.410867][ T6388] can0: slcan on ttyS3.
[   91.466210][ T6395] SELinux: syz.1.965 (6395) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   91.481167][ T6388] can0 (unregistered): slcan off ttyS3.
[   91.486949][ T6388] Falling back ldisc for ttyS3.
[   91.937277][ T6459] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[   91.943846][ T6459] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   91.951537][ T6459] vhci_hcd vhci_hcd.0: Device attached
[   92.036450][ T6473] FAULT_INJECTION: forcing a failure.
[   92.036450][ T6473] name failslab, interval 1, probability 0, space 0, times 0
[   92.049444][ T6473] CPU: 1 UID: 0 PID: 6473 Comm: syz.1.984 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   92.049472][ T6473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.049484][ T6473] Call Trace:
[   92.049491][ T6473]  <TASK>
[   92.049498][ T6473]  __dump_stack+0x1d/0x30
[   92.049520][ T6473]  dump_stack_lvl+0xe8/0x140
[   92.049578][ T6473]  dump_stack+0x15/0x1b
[   92.049595][ T6473]  should_fail_ex+0x265/0x280
[   92.049631][ T6473]  should_failslab+0x8c/0xb0
[   92.049653][ T6473]  kmem_cache_alloc_node_noprof+0x57/0x320
[   92.049680][ T6473]  ? __alloc_skb+0x101/0x320
[   92.049757][ T6473]  ? __rtnl_unlock+0x95/0xb0
[   92.049786][ T6473]  __alloc_skb+0x101/0x320
[   92.049814][ T6473]  netlink_ack+0xfd/0x500
[   92.049909][ T6473]  netlink_rcv_skb+0x192/0x220
[   92.049938][ T6473]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   92.050010][ T6473]  rtnetlink_rcv+0x1c/0x30
[   92.050029][ T6473]  netlink_unicast+0x59e/0x670
[   92.050084][ T6473]  netlink_sendmsg+0x58b/0x6b0
[   92.050117][ T6473]  ? __pfx_netlink_sendmsg+0x10/0x10
[   92.050222][ T6473]  __sock_sendmsg+0x142/0x180
[   92.050267][ T6473]  ____sys_sendmsg+0x31e/0x4e0
[   92.050300][ T6473]  ___sys_sendmsg+0x17b/0x1d0
[   92.050362][ T6473]  __x64_sys_sendmsg+0xd4/0x160
[   92.050399][ T6473]  x64_sys_call+0x2999/0x2fb0
[   92.050469][ T6473]  do_syscall_64+0xd2/0x200
[   92.050497][ T6473]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.050608][ T6473]  ? clear_bhb_loop+0x40/0x90
[   92.050629][ T6473]  ? clear_bhb_loop+0x40/0x90
[   92.050650][ T6473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.050671][ T6473] RIP: 0033:0x7f31151fe929
[   92.050688][ T6473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.050719][ T6473] RSP: 002b:00007f3113867038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   92.050739][ T6473] RAX: ffffffffffffffda RBX: 00007f3115425fa0 RCX: 00007f31151fe929
[   92.050753][ T6473] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000003
[   92.050766][ T6473] RBP: 00007f3113867090 R08: 0000000000000000 R09: 0000000000000000
[   92.050779][ T6473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.050792][ T6473] R13: 0000000000000000 R14: 00007f3115425fa0 R15: 00007fffe6fc1d08
[   92.050823][ T6473]  </TASK>
[   92.078457][ T6416] netlink: 'syz.4.970': attribute type 13 has an invalid length.
[   92.269262][ T6485] netlink: 'syz.1.988': attribute type 1 has an invalid length.
[   92.306615][ T6416] erspan0: refused to change device tx_queue_len
[   92.314774][ T6416] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   92.330421][ T5782] usb 7-1: new high-speed USB device number 2 using vhci_hcd
[   92.463932][ T6496] FAULT_INJECTION: forcing a failure.
[   92.463932][ T6496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.477200][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: syz.4.992 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   92.477229][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.477241][ T6496] Call Trace:
[   92.477325][ T6496]  <TASK>
[   92.477332][ T6496]  __dump_stack+0x1d/0x30
[   92.477352][ T6496]  dump_stack_lvl+0xe8/0x140
[   92.477369][ T6496]  dump_stack+0x15/0x1b
[   92.477384][ T6496]  should_fail_ex+0x265/0x280
[   92.477409][ T6496]  should_fail+0xb/0x20
[   92.477535][ T6496]  should_fail_usercopy+0x1a/0x20
[   92.477564][ T6496]  _copy_to_user+0x20/0xa0
[   92.477583][ T6496]  simple_read_from_buffer+0xb5/0x130
[   92.477734][ T6496]  proc_fail_nth_read+0x100/0x140
[   92.477765][ T6496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   92.477793][ T6496]  vfs_read+0x1a0/0x6f0
[   92.477837][ T6496]  ? __rcu_read_unlock+0x4f/0x70
[   92.477907][ T6496]  ? __fget_files+0x184/0x1c0
[   92.477927][ T6496]  ksys_read+0xda/0x1a0
[   92.477955][ T6496]  __x64_sys_read+0x40/0x50
[   92.478105][ T6496]  x64_sys_call+0x2d77/0x2fb0
[   92.478125][ T6496]  do_syscall_64+0xd2/0x200
[   92.478163][ T6496]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.478188][ T6496]  ? clear_bhb_loop+0x40/0x90
[   92.478232][ T6496]  ? clear_bhb_loop+0x40/0x90
[   92.478252][ T6496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.478272][ T6496] RIP: 0033:0x7f817bc1d33c
[   92.478287][ T6496] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   92.478304][ T6496] RSP: 002b:00007f817a287030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   92.478323][ T6496] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1d33c
[   92.478358][ T6496] RDX: 000000000000000f RSI: 00007f817a2870a0 RDI: 0000000000000008
[   92.478369][ T6496] RBP: 00007f817a287090 R08: 0000000000000000 R09: 0000000000000000
[   92.478380][ T6496] R10: 0000000008000c62 R11: 0000000000000246 R12: 0000000000000001
[   92.478392][ T6496] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   92.478409][ T6496]  </TASK>
[   92.483555][ T6498] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=5126 sclass=netlink_audit_socket pid=6498 comm=syz.0.993
[   92.563316][ T6502] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6502 comm=syz.0.993
[   92.579164][ T6500] uprobe: syz.4.994:6500 failed to unregister, leaking uprobe
[   92.655316][ T6498] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6498 comm=syz.0.993
[   92.732467][ T6505] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6505 comm=syz.0.993
[   92.755060][ T6507] lo speed is unknown, defaulting to 1000
[   92.761820][ T6507] lo speed is unknown, defaulting to 1000
[   92.768192][ T6461] vhci_hcd: connection reset by peer
[   92.775691][ T6233] vhci_hcd: stop threads
[   92.780182][ T6233] vhci_hcd: release socket
[   92.784596][ T6233] vhci_hcd: disconnect device
[   92.861599][ T6509] FAULT_INJECTION: forcing a failure.
[   92.861599][ T6509] name failslab, interval 1, probability 0, space 0, times 0
[   92.874252][ T6509] CPU: 0 UID: 0 PID: 6509 Comm: syz.4.996 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   92.874279][ T6509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.874301][ T6509] Call Trace:
[   92.874305][ T6509]  <TASK>
[   92.874310][ T6509]  __dump_stack+0x1d/0x30
[   92.874359][ T6509]  dump_stack_lvl+0xe8/0x140
[   92.874370][ T6509]  dump_stack+0x15/0x1b
[   92.874379][ T6509]  should_fail_ex+0x265/0x280
[   92.874396][ T6509]  should_failslab+0x8c/0xb0
[   92.874417][ T6509]  __kvmalloc_node_noprof+0x123/0x4e0
[   92.874433][ T6509]  ? bpf_test_run_xdp_live+0xed/0xfe0
[   92.874451][ T6509]  bpf_test_run_xdp_live+0xed/0xfe0
[   92.874468][ T6509]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   92.874498][ T6509]  ? __pfx_autoremove_wake_function+0x10/0x10
[   92.874516][ T6509]  ? 0xffffffffa0205480
[   92.874524][ T6509]  ? synchronize_rcu+0x45/0x320
[   92.874578][ T6509]  ? 0xffffffffa0205480
[   92.874585][ T6509]  ? 0xffffffffa0205480
[   92.874592][ T6509]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[   92.874607][ T6509]  ? 0xffffffffa0202b6c
[   92.874679][ T6509]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   92.874700][ T6509]  bpf_prog_test_run_xdp+0x4f5/0x910
[   92.874717][ T6509]  ? __rcu_read_unlock+0x4f/0x70
[   92.874748][ T6509]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.874764][ T6509]  bpf_prog_test_run+0x22a/0x390
[   92.874855][ T6509]  __sys_bpf+0x3dc/0x790
[   92.874878][ T6509]  __x64_sys_bpf+0x41/0x50
[   92.874892][ T6509]  x64_sys_call+0x2478/0x2fb0
[   92.874904][ T6509]  do_syscall_64+0xd2/0x200
[   92.874922][ T6509]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.875048][ T6509]  ? clear_bhb_loop+0x40/0x90
[   92.875060][ T6509]  ? clear_bhb_loop+0x40/0x90
[   92.875113][ T6509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.875171][ T6509] RIP: 0033:0x7f817bc1e929
[   92.875180][ T6509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.875190][ T6509] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   92.875208][ T6509] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   92.875221][ T6509] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[   92.875233][ T6509] RBP: 00007f817a287090 R08: 0000000000000000 R09: 0000000000000000
[   92.875279][ T6509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.875285][ T6509] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   92.875296][ T6509]  </TASK>
[   93.182213][ T6512] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   93.191029][ T6512] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   93.199750][ T6512] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   93.208518][ T6512] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   93.217504][ T6512] vxlan0: entered promiscuous mode
[   93.318062][ T6527] __nla_validate_parse: 55 callbacks suppressed
[   93.318078][ T6527] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1001'.
[   93.334977][ T6525] IPVS: stopping master sync thread 6526 ...
[   93.341753][ T6526] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   93.439010][ T6545] netlink: 'syz.4.1008': attribute type 11 has an invalid length.
[   93.444380][ T6539] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   93.446845][ T6545] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1008'.
[   93.510178][ T6546] lo speed is unknown, defaulting to 1000
[   93.519250][ T6546] lo speed is unknown, defaulting to 1000
[   93.552042][ T6557] netlink: 'syz.0.1014': attribute type 4 has an invalid length.
[   93.559834][ T6557] netlink: 'syz.0.1014': attribute type 2 has an invalid length.
[   93.589961][ T6560] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1011'.
[   93.613372][ T6552] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1011'.
[   93.684825][ T6578] netlink: 1084 bytes leftover after parsing attributes in process `syz.0.1018'.
[   93.695090][ T6578] netlink: 1084 bytes leftover after parsing attributes in process `syz.0.1018'.
[   93.776150][ T6559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1013'.
[   93.792890][ T6580] bridge_slave_0: left allmulticast mode
[   93.798693][ T6580] bridge_slave_0: left promiscuous mode
[   93.804640][ T6580] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.836419][ T6580] bridge_slave_1: left allmulticast mode
[   93.842122][ T6580] bridge_slave_1: left promiscuous mode
[   93.847947][ T6580] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.875287][ T6580] bond0: (slave bond_slave_0): Releasing backup interface
[   93.892923][ T6580] bond0: (slave bond_slave_1): Releasing backup interface
[   93.916565][ T6580] team0: Port device team_slave_0 removed
[   93.934698][ T6580] team0: Port device team_slave_1 removed
[   93.971319][ T5783] lo speed is unknown, defaulting to 1000
[   94.020356][   T29] kauditd_printk_skb: 447 callbacks suppressed
[   94.020371][   T29] audit: type=1326 audit(1752039667.825:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6558 comm="syz.3.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ecc70e929 code=0x7ffc0000
[   94.050048][   T29] audit: type=1326 audit(1752039667.825:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6558 comm="syz.3.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2ecc70e929 code=0x7ffc0000
[   94.244426][   T29] audit: type=1400 audit(1752039668.045:3559): avc:  denied  { watch watch_reads } for  pid=6587 comm="syz.0.1019" path="/193" dev="tmpfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   94.311154][ T6592] veth1_macvtap: left promiscuous mode
[   94.316672][ T6592] macsec0: entered allmulticast mode
[   94.371545][ T6592] loop0: detected capacity change from 0 to 512
[   94.426128][ T6592] EXT4-fs (loop0): 1 orphan inode deleted
[   94.444408][ T6592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.452044][ T6606] netlink: 'syz.2.1024': attribute type 6 has an invalid length.
[   94.470616][ T6594] lo speed is unknown, defaulting to 1000
[   94.479326][ T6592] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.492970][ T6608] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1024'.
[   94.502558][ T6592] veth1_macvtap: entered promiscuous mode
[   94.508421][ T6592] veth1_macvtap: entered allmulticast mode
[   94.544002][ T6592] macsec0: left allmulticast mode
[   94.549108][ T6592] veth1_macvtap: left allmulticast mode
[   94.561974][   T29] audit: type=1400 audit(1752039668.365:3560): avc:  denied  { read } for  pid=6593 comm="syz.2.1024" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   94.585068][   T29] audit: type=1400 audit(1752039668.365:3561): avc:  denied  { open } for  pid=6593 comm="syz.2.1024" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   94.609927][ T6594] lo speed is unknown, defaulting to 1000
[   94.649186][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.680500][   T29] audit: type=1400 audit(1752039668.365:3562): avc:  denied  { firmware_load } for  pid=6232 comm="kworker/u8:32" path="/lib/firmware/regulatory.db.p7s" dev="sda1" ino=449 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   94.830458][ T6623] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1027'.
[   94.865065][ T6619] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1027'.
[   94.877275][ T6623] loop0: detected capacity change from 0 to 164
[   94.927825][   T29] audit: type=1400 audit(1752039668.725:3563): avc:  denied  { mount } for  pid=6617 comm="syz.0.1027" name="/" dev="loop0" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   95.039240][   T29] audit: type=1400 audit(1752039668.755:3564): avc:  denied  { unmount } for  pid=3308 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   95.059557][   T29] audit: type=1326 audit(1752039668.815:3565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6624 comm="syz.2.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ff9a7e929 code=0x7ffc0000
[   95.082993][   T29] audit: type=1326 audit(1752039668.815:3566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6624 comm="syz.2.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ff9a7e929 code=0x7ffc0000
[   95.385604][ T6664] FAULT_INJECTION: forcing a failure.
[   95.385604][ T6664] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.398784][ T6664] CPU: 0 UID: 0 PID: 6664 Comm: syz.4.1042 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   95.398811][ T6664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   95.398823][ T6664] Call Trace:
[   95.398830][ T6664]  <TASK>
[   95.398838][ T6664]  __dump_stack+0x1d/0x30
[   95.398858][ T6664]  dump_stack_lvl+0xe8/0x140
[   95.398939][ T6664]  dump_stack+0x15/0x1b
[   95.398974][ T6664]  should_fail_ex+0x265/0x280
[   95.399006][ T6664]  should_fail+0xb/0x20
[   95.399029][ T6664]  should_fail_usercopy+0x1a/0x20
[   95.399084][ T6664]  _copy_from_user+0x1c/0xb0
[   95.399102][ T6664]  __sys_connect+0xd0/0x2b0
[   95.399189][ T6664]  __x64_sys_connect+0x3f/0x50
[   95.399213][ T6664]  x64_sys_call+0x1daa/0x2fb0
[   95.399233][ T6664]  do_syscall_64+0xd2/0x200
[   95.399317][ T6664]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   95.399338][ T6664]  ? clear_bhb_loop+0x40/0x90
[   95.399355][ T6664]  ? clear_bhb_loop+0x40/0x90
[   95.399451][ T6664]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.399468][ T6664] RIP: 0033:0x7f817bc1e929
[   95.399517][ T6664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.399534][ T6664] RSP: 002b:00007f817a287038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   95.399553][ T6664] RAX: ffffffffffffffda RBX: 00007f817be45fa0 RCX: 00007f817bc1e929
[   95.399567][ T6664] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[   95.399580][ T6664] RBP: 00007f817a287090 R08: 0000000000000000 R09: 0000000000000000
[   95.399594][ T6664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.399723][ T6664] R13: 0000000000000000 R14: 00007f817be45fa0 R15: 00007fff30f63c88
[   95.399777][ T6664]  </TASK>
[   95.401187][ T6659] loop0: detected capacity change from 0 to 164
[   95.624803][ T6669] netlink: 'syz.4.1043': attribute type 1 has an invalid length.
[   95.640536][ T6661] Falling back ldisc for ttyS3.
[   95.694731][ T6669] 8021q: adding VLAN 0 to HW filter on device bond2
[   95.724177][ T6682] bond2 (unregistering): Released all slaves
[   95.741544][ T6685] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   95.766138][ T6686] lo speed is unknown, defaulting to 1000
[   95.772911][ T6685] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.790418][ T6686] lo speed is unknown, defaulting to 1000
[   96.071202][ T6739] netlink: 'syz.2.1059': attribute type 39 has an invalid length.
[   96.291878][ T6763] sd 0:0:1:0: device reset
[   96.308003][ T6763] 9pnet_fd: Insufficient options for proto=fd
[   96.659560][ T6762] netlink: 'syz.3.1065': attribute type 13 has an invalid length.
[   96.667558][ T6762] erspan0: refused to change device tx_queue_len
[   96.673990][ T6762] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   96.753788][ T6788] Invalid ELF header type: 3 != 1
[   96.792307][ T6789] lo speed is unknown, defaulting to 1000
[   96.807849][ T6789] lo speed is unknown, defaulting to 1000
[   96.888121][ T6800] loop0: detected capacity change from 0 to 2048
[   96.915561][ T6800] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.948048][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.993156][ T6811] netlink: 'syz.0.1086': attribute type 2 has an invalid length.
[   97.168255][ T6824] FAULT_INJECTION: forcing a failure.
[   97.168255][ T6824] name failslab, interval 1, probability 0, space 0, times 0
[   97.181005][ T6824] CPU: 0 UID: 0 PID: 6824 Comm: syz.3.1090 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   97.181029][ T6824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.181114][ T6824] Call Trace:
[   97.181121][ T6824]  <TASK>
[   97.181128][ T6824]  __dump_stack+0x1d/0x30
[   97.181179][ T6824]  dump_stack_lvl+0xe8/0x140
[   97.181199][ T6824]  dump_stack+0x15/0x1b
[   97.181216][ T6824]  should_fail_ex+0x265/0x280
[   97.181299][ T6824]  should_failslab+0x8c/0xb0
[   97.181317][ T6824]  kmem_cache_alloc_node_noprof+0x57/0x320
[   97.181345][ T6824]  ? __alloc_skb+0x101/0x320
[   97.181447][ T6824]  __alloc_skb+0x101/0x320
[   97.181532][ T6824]  ? audit_log_start+0x365/0x6c0
[   97.181569][ T6824]  audit_log_start+0x380/0x6c0
[   97.181602][ T6824]  audit_seccomp+0x48/0x100
[   97.181704][ T6824]  ? __seccomp_filter+0x68c/0x10d0
[   97.181725][ T6824]  __seccomp_filter+0x69d/0x10d0
[   97.181750][ T6824]  ? poll_select_finish+0x164/0x3f0
[   97.181774][ T6824]  __secure_computing+0x82/0x150
[   97.181791][ T6824]  syscall_trace_enter+0xcf/0x1e0
[   97.181811][ T6824]  do_syscall_64+0xac/0x200
[   97.181840][ T6824]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.181870][ T6824]  ? clear_bhb_loop+0x40/0x90
[   97.181887][ T6824]  ? clear_bhb_loop+0x40/0x90
[   97.182009][ T6824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.182029][ T6824] RIP: 0033:0x7f2ecc70d33c
[   97.182045][ T6824] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   97.182138][ T6824] RSP: 002b:00007f2ecad77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.182157][ T6824] RAX: ffffffffffffffda RBX: 00007f2ecc935fa0 RCX: 00007f2ecc70d33c
[   97.182168][ T6824] RDX: 000000000000000f RSI: 00007f2ecad770a0 RDI: 0000000000000007
[   97.182179][ T6824] RBP: 00007f2ecad77090 R08: 0000000000000000 R09: 0000000000000000
[   97.182189][ T6824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.182199][ T6824] R13: 0000000000000000 R14: 00007f2ecc935fa0 R15: 00007fff153816c8
[   97.182269][ T6824]  </TASK>
[   97.405452][ T6817] netlink: 'syz.1.1087': attribute type 13 has an invalid length.
[   97.455346][ T6817] erspan0: refused to change device tx_queue_len
[   97.456943][ T6832] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6832 comm=syz.0.1092
[   97.475241][ T6817] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   97.480577][ T5782] vhci_hcd: vhci_device speed not set
[   97.579456][ T6839] FAULT_INJECTION: forcing a failure.
[   97.579456][ T6839] name failslab, interval 1, probability 0, space 0, times 0
[   97.592361][ T6839] CPU: 1 UID: 0 PID: 6839 Comm: syz.0.1095 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   97.592438][ T6839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.592475][ T6839] Call Trace:
[   97.592481][ T6839]  <TASK>
[   97.592488][ T6839]  __dump_stack+0x1d/0x30
[   97.592510][ T6839]  dump_stack_lvl+0xe8/0x140
[   97.592530][ T6839]  dump_stack+0x15/0x1b
[   97.592546][ T6839]  should_fail_ex+0x265/0x280
[   97.592589][ T6839]  should_failslab+0x8c/0xb0
[   97.592610][ T6839]  __kmalloc_noprof+0xa5/0x3e0
[   97.592634][ T6839]  ? tcf_idr_create+0x41/0x4a0
[   97.592695][ T6839]  tcf_idr_create+0x41/0x4a0
[   97.592718][ T6839]  tcf_police_init+0x296/0xc80
[   97.592827][ T6839]  tcf_action_init_1+0x36a/0x4a0
[   97.592856][ T6839]  tcf_action_init+0x267/0x6d0
[   97.592878][ T6839]  ? mark_reg_read+0x233/0x340
[   97.592968][ T6839]  tc_ctl_action+0x291/0x830
[   97.593065][ T6839]  ? __pfx_tc_ctl_action+0x10/0x10
[   97.593084][ T6839]  rtnetlink_rcv_msg+0x65a/0x6d0
[   97.593111][ T6839]  netlink_rcv_skb+0x120/0x220
[   97.593140][ T6839]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   97.593227][ T6839]  rtnetlink_rcv+0x1c/0x30
[   97.593279][ T6839]  netlink_unicast+0x59e/0x670
[   97.593307][ T6839]  netlink_sendmsg+0x58b/0x6b0
[   97.593341][ T6839]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.593373][ T6839]  __sock_sendmsg+0x142/0x180
[   97.593469][ T6839]  ____sys_sendmsg+0x31e/0x4e0
[   97.593499][ T6839]  ___sys_sendmsg+0x17b/0x1d0
[   97.593573][ T6839]  __x64_sys_sendmsg+0xd4/0x160
[   97.593658][ T6839]  x64_sys_call+0x2999/0x2fb0
[   97.593679][ T6839]  do_syscall_64+0xd2/0x200
[   97.593783][ T6839]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.593807][ T6839]  ? clear_bhb_loop+0x40/0x90
[   97.593824][ T6839]  ? clear_bhb_loop+0x40/0x90
[   97.593886][ T6839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.593903][ T6839] RIP: 0033:0x7f2046afe929
[   97.593916][ T6839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.593934][ T6839] RSP: 002b:00007f2045167038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.593953][ T6839] RAX: ffffffffffffffda RBX: 00007f2046d25fa0 RCX: 00007f2046afe929
[   97.594013][ T6839] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[   97.594024][ T6839] RBP: 00007f2045167090 R08: 0000000000000000 R09: 0000000000000000
[   97.594056][ T6839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.594066][ T6839] R13: 0000000000000000 R14: 00007f2046d25fa0 R15: 00007ffd9e0c99d8
[   97.594109][ T6839]  </TASK>
[   97.883874][ T6844] netlink: 'syz.0.1098': attribute type 10 has an invalid length.
[   97.905162][ T6844] veth0_macvtap: left promiscuous mode
[   97.914395][ T6844] veth0_macvtap: entered promiscuous mode
[   97.921411][ T6844] team0: Device macvtap0 failed to register rx_handler
[   97.931838][ T6844] veth0_macvtap: left promiscuous mode
[   98.418316][ T6879] loop0: detected capacity change from 0 to 2048
[   98.430384][ T6879] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.458318][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.500771][ T6885] FAULT_INJECTION: forcing a failure.
[   98.500771][ T6885] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.514049][ T6885] CPU: 1 UID: 0 PID: 6885 Comm: syz.0.1112 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[   98.514077][ T6885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.514087][ T6885] Call Trace:
[   98.514093][ T6885]  <TASK>
[   98.514102][ T6885]  __dump_stack+0x1d/0x30
[   98.514124][ T6885]  dump_stack_lvl+0xe8/0x140
[   98.514198][ T6885]  dump_stack+0x15/0x1b
[   98.514211][ T6885]  should_fail_ex+0x265/0x280
[   98.514300][ T6885]  should_fail+0xb/0x20
[   98.514324][ T6885]  should_fail_usercopy+0x1a/0x20
[   98.514349][ T6885]  _copy_from_user+0x1c/0xb0
[   98.514368][ T6885]  __ia32_sys_rt_sigreturn+0x128/0x350
[   98.514422][ T6885]  x64_sys_call+0x2e8a/0x2fb0
[   98.514443][ T6885]  do_syscall_64+0xd2/0x200
[   98.514543][ T6885]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.514567][ T6885]  ? clear_bhb_loop+0x40/0x90
[   98.514588][ T6885]  ? clear_bhb_loop+0x40/0x90
[   98.514670][ T6885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.514687][ T6885] RIP: 0033:0x7f2046a9ab19
[   98.514701][ T6885] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   98.514715][ T6885] RSP: 002b:00007f2045166a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   98.514732][ T6885] RAX: ffffffffffffffda RBX: 00007f2046d25fa0 RCX: 00007f2046a9ab19
[   98.514815][ T6885] RDX: 00007f2045166a80 RSI: 00007f2045166bb0 RDI: 0000000000000021
[   98.514828][ T6885] RBP: 00007f2045167090 R08: 0000000000000001 R09: 0000000000000000
[   98.514841][ T6885] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   98.514854][ T6885] R13: 0000000000000000 R14: 00007f2046d25fa0 R15: 00007ffd9e0c99d8
[   98.514872][ T6885]  </TASK>
[   98.714473][ T6887] __nla_validate_parse: 24 callbacks suppressed
[   98.714487][ T6887] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.730237][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.739292][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.757416][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.769430][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.798511][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.807722][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.818335][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.827623][ T6887] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1113'.
[   98.991153][ T6904] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1119'.
[   99.000837][ T6904] validate_nla: 1 callbacks suppressed
[   99.000848][ T6904] netlink: 'syz.4.1119': attribute type 9 has an invalid length.
[   99.039088][   T29] kauditd_printk_skb: 430 callbacks suppressed
[   99.039103][   T29] audit: type=1326 audit(1752039672.815:3995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.068843][   T29] audit: type=1326 audit(1752039672.815:3996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.092578][   T29] audit: type=1326 audit(1752039672.815:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.116031][   T29] audit: type=1326 audit(1752039672.815:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.139499][   T29] audit: type=1326 audit(1752039672.815:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.162806][   T29] audit: type=1326 audit(1752039672.815:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.186194][   T29] audit: type=1326 audit(1752039672.815:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.209972][   T29] audit: type=1326 audit(1752039672.815:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.233403][   T29] audit: type=1326 audit(1752039672.815:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.256830][   T29] audit: type=1326 audit(1752039672.815:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6903 comm="syz.4.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f817bc1e929 code=0x7ffc0000
[   99.273201][ T6906] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   99.292429][ T6906] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[   99.309122][ T6900] program syz.2.1118 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   99.393070][ T6927] netlink: 'syz.0.1126': attribute type 10 has an invalid length.
[   99.403775][ T6927] team0: Port device dummy0 added
[   99.416957][ T6933] syzkaller1: entered promiscuous mode
[   99.422740][ T6933] syzkaller1: entered allmulticast mode
[   99.457565][ T6939] netlink: 'syz.4.1129': attribute type 13 has an invalid length.
[   99.516711][ T6939] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   99.532688][ T5782] lo speed is unknown, defaulting to 1000
[   99.542619][ T6942] all: renamed from lo (while UP)
[  100.069397][ T6955] FAULT_INJECTION: forcing a failure.
[  100.069397][ T6955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.082503][ T6955] CPU: 0 UID: 0 PID: 6955 Comm: syz.0.1132 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[  100.082531][ T6955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.082544][ T6955] Call Trace:
[  100.082551][ T6955]  <TASK>
[  100.082560][ T6955]  __dump_stack+0x1d/0x30
[  100.082633][ T6955]  dump_stack_lvl+0xe8/0x140
[  100.082653][ T6955]  dump_stack+0x15/0x1b
[  100.082671][ T6955]  should_fail_ex+0x265/0x280
[  100.082700][ T6955]  should_fail+0xb/0x20
[  100.082765][ T6955]  should_fail_usercopy+0x1a/0x20
[  100.082851][ T6955]  _copy_to_user+0x20/0xa0
[  100.082871][ T6955]  simple_read_from_buffer+0xb5/0x130
[  100.082955][ T6955]  proc_fail_nth_read+0x100/0x140
[  100.082988][ T6955]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.083071][ T6955]  vfs_read+0x1a0/0x6f0
[  100.083099][ T6955]  ? __rcu_read_unlock+0x4f/0x70
[  100.083116][ T6955]  ? __fget_files+0x184/0x1c0
[  100.083170][ T6955]  ksys_read+0xda/0x1a0
[  100.083199][ T6955]  __x64_sys_read+0x40/0x50
[  100.083226][ T6955]  x64_sys_call+0x2d77/0x2fb0
[  100.083243][ T6955]  do_syscall_64+0xd2/0x200
[  100.083305][ T6955]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.083331][ T6955]  ? clear_bhb_loop+0x40/0x90
[  100.083352][ T6955]  ? clear_bhb_loop+0x40/0x90
[  100.083371][ T6955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.083421][ T6955] RIP: 0033:0x7f2046afd33c
[  100.083437][ T6955] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.083498][ T6955] RSP: 002b:00007f2045125030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.083514][ T6955] RAX: ffffffffffffffda RBX: 00007f2046d26160 RCX: 00007f2046afd33c
[  100.083525][ T6955] RDX: 000000000000000f RSI: 00007f20451250a0 RDI: 0000000000000006
[  100.083535][ T6955] RBP: 00007f2045125090 R08: 0000000000000000 R09: 0000000000000000
[  100.083619][ T6955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.083630][ T6955] R13: 0000000000000000 R14: 00007f2046d26160 R15: 00007ffd9e0c99d8
[  100.083644][ T6955]  </TASK>
[  100.293550][ T6951] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  100.301008][ T6951] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  100.367325][ T6964] FAULT_INJECTION: forcing a failure.
[  100.367325][ T6964] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.380547][ T6964] CPU: 1 UID: 0 PID: 6964 Comm: syz.2.1137 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[  100.380576][ T6964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.380588][ T6964] Call Trace:
[  100.380594][ T6964]  <TASK>
[  100.380602][ T6964]  __dump_stack+0x1d/0x30
[  100.380624][ T6964]  dump_stack_lvl+0xe8/0x140
[  100.380696][ T6964]  dump_stack+0x15/0x1b
[  100.380711][ T6964]  should_fail_ex+0x265/0x280
[  100.380797][ T6964]  should_fail+0xb/0x20
[  100.380837][ T6964]  should_fail_usercopy+0x1a/0x20
[  100.380867][ T6964]  _copy_from_user+0x1c/0xb0
[  100.380887][ T6964]  load_msg+0x173/0x2f0
[  100.380908][ T6964]  do_mq_timedsend+0x23e/0x6b0
[  100.381008][ T6964]  __x64_sys_mq_timedsend+0xd1/0x160
[  100.381034][ T6964]  x64_sys_call+0x2db9/0x2fb0
[  100.381052][ T6964]  do_syscall_64+0xd2/0x200
[  100.381140][ T6964]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.381166][ T6964]  ? clear_bhb_loop+0x40/0x90
[  100.381187][ T6964]  ? clear_bhb_loop+0x40/0x90
[  100.381241][ T6964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.381261][ T6964] RIP: 0033:0x7f0ff9a7e929
[  100.381277][ T6964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.381293][ T6964] RSP: 002b:00007f0ff80e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2
[  100.381313][ T6964] RAX: ffffffffffffffda RBX: 00007f0ff9ca5fa0 RCX: 00007f0ff9a7e929
[  100.381326][ T6964] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  100.381340][ T6964] RBP: 00007f0ff80e7090 R08: 0000000000000000 R09: 0000000000000000
[  100.381375][ T6964] R10: 0000000000000a00 R11: 0000000000000246 R12: 0000000000000001
[  100.381386][ T6964] R13: 0000000000000000 R14: 00007f0ff9ca5fa0 R15: 00007ffdd6b03a88
[  100.381465][ T6964]  </TASK>
[  100.653994][ T6973] sd 0:0:1:0: device reset
[  100.851535][ T6998] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  100.881455][ T6998] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  101.219766][ T7005] team0 (unregistering): Port device dummy0 removed
[  101.428655][ T6995] netlink: 'syz.2.1148': attribute type 13 has an invalid length.
[  101.448485][ T6995] erspan0: refused to change device tx_queue_len
[  101.454976][ T6995] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  101.688663][ T7025] IPVS: Unknown mcast interface: wg0
[  101.697774][ T7025] loop0: detected capacity change from 0 to 512
[  101.715282][ T7025] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.732798][ T7025] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.743763][ T7025] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.796272][ T7034] loop0: detected capacity change from 0 to 512
[  101.819347][ T7038] netlink: 'syz.2.1164': attribute type 1 has an invalid length.
[  101.821495][ T7034] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.840293][ T7036] netlink: 'tÊhX ': attribute type 1 has an invalid length.
[  101.845687][ T7034] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.864582][ T7036] macvlan1: entered promiscuous mode
[  101.882672][ T3308] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.894333][ T7036] ipvlan0: entered promiscuous mode
[  101.905120][ T7036] ipvlan0: left promiscuous mode
[  101.923303][ T7036] macvlan1: left promiscuous mode
[  101.974380][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  101.982108][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  101.989880][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  101.997530][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.005198][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.012861][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.020632][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.028277][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.036053][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043774][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043797][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043817][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043846][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043938][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043962][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.043986][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044009][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044038][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044057][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044078][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044102][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044125][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044200][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044220][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044246][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044270][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044293][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044319][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044342][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044361][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044381][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044450][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044473][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044551][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044574][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044598][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044622][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044643][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044663][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044748][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044767][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044790][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044811][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044839][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044938][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044961][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.044984][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.045082][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.045111][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.045134][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.045157][ T5784] hid-generic 0008:1000006:0004.0003: unknown main item tag 0x0
[  102.053780][ T5784] hid-generic 0008:1000006:0004.0003: hidraw0: <UNKNOWN> HID v0.08 Device [syz1] on syz0
[  102.640499][ T7066] bridge_slave_0: entered promiscuous mode
[  102.684872][ T7062] ==================================================================
[  102.692977][ T7062] BUG: KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free
[  102.701049][ T7062] 
[  102.703363][ T7062] write to 0xffff888119c96d28 of 4 bytes by task 7069 on cpu 0:
[  102.710979][ T7062]  bpf_lru_pop_free+0xbf0/0xcd0
[  102.715824][ T7062]  __htab_lru_percpu_map_update_elem+0xea/0x600
[  102.722059][ T7062]  bpf_percpu_hash_update+0x61/0xa0
[  102.727350][ T7062]  bpf_map_update_value+0x297/0x3a0
[  102.732557][ T7062]  generic_map_update_batch+0x3f5/0x540
[  102.738104][ T7062]  bpf_map_do_batch+0x258/0x380
[  102.742947][ T7062]  __sys_bpf+0x2e0/0x790
[  102.747185][ T7062]  __x64_sys_bpf+0x41/0x50
[  102.751601][ T7062]  x64_sys_call+0x2478/0x2fb0
[  102.756271][ T7062]  do_syscall_64+0xd2/0x200
[  102.760864][ T7062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.766778][ T7062] 
[  102.769092][ T7062] read to 0xffff888119c96d28 of 4 bytes by task 7062 on cpu 1:
[  102.776633][ T7062]  __htab_map_lookup_elem+0xab/0x150
[  102.781914][ T7062]  htab_lru_percpu_map_lookup_elem+0x20/0xb0
[  102.787896][ T7062]  bpf_prog_67a7f92a6a5e5f13+0x43/0x4b
[  102.793380][ T7062]  bpf_trace_run2+0x107/0x1c0
[  102.798068][ T7062]  kfree+0x27b/0x320
[  102.801963][ T7062]  ___sys_recvmsg+0x135/0x370
[  102.806648][ T7062]  do_recvmmsg+0x1ef/0x540
[  102.811134][ T7062]  __x64_sys_recvmmsg+0xe5/0x170
[  102.816079][ T7062]  x64_sys_call+0x1c6a/0x2fb0
[  102.821277][ T7062]  do_syscall_64+0xd2/0x200
[  102.825781][ T7062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.831679][ T7062] 
[  102.834081][ T7062] value changed: 0xcd70be3e -> 0x24a75381
[  102.839788][ T7062] 
[  102.842112][ T7062] Reported by Kernel Concurrency Sanitizer on:
[  102.848251][ T7062] CPU: 1 UID: 0 PID: 7062 Comm: syz.0.1166 Not tainted 6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(voluntary) 
[  102.860655][ T7062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.871231][ T7062] ==================================================================
[  102.987402][ T7069] netlink: 'syz.2.1173': attribute type 10 has an invalid length.
[  102.996753][ T7069] team0: Device macvtap0 failed to register rx_handler
[  103.028285][ T7061] netlink: 'syz.4.1171': attribute type 10 has an invalid length.
[  103.037729][ T7061] netlink: 'syz.4.1171': attribute type 10 has an invalid length.