last executing test programs:

1m8.910992803s ago: executing program 1 (id=9147):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x1000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r2, 0x0, 0x2, 0x2}}, 0x20)

1m8.865116306s ago: executing program 1 (id=9151):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x84aa5000)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(0xffffffffffffffff, &(0x7f00000024c0)=[{{0x0, 0x27, &(0x7f0000000d00)=[{&(0x7f00000007c0)=""/49, 0x31}, {&(0x7f0000000800)=""/245, 0xf5}], 0x2}, 0x9}], 0x1, 0x10000, 0x0)

1m8.675278182s ago: executing program 1 (id=9153):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x34, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r4, {0xc, 0x4}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}}, 0x20040054)

1m8.488063327s ago: executing program 1 (id=9159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff, 0x1ff})

1m8.369233797s ago: executing program 1 (id=9160):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x6}, 0x1c)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = epoll_create1(0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa0028000})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'ip_vti0\x00', &(0x7f00000002c0)={'syztnl2\x00', <r4=>0x0, 0x8, 0x8, 0x8001, 0x6, {{0xd, 0x4, 0x2, 0x14, 0x34, 0x68, 0x0, 0x0, 0x29, 0x0, @private=0xa010101, @empty, {[@ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0xc, 0x8c, 0x3, 0x6, [{@empty, 0x200}]}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0xb, 0x6b, [@local, @remote]}]}}}}})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000440)=<r5=>0x0, &(0x7f0000000480)=0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000700)={'ipvlan0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500f0e66f1500000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r7], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000004c0)={'syztnl0\x00', &(0x7f0000000ec0)={'ip6gre0\x00', <r8=>0x0, 0x29, 0x4, 0x40, 0x4, 0x22, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, 0x1, 0x40, 0x52f0, 0x3}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001200)={r0, 0xe0, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x4, 0x2, &(0x7f0000000f80)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000fc0)=[0x0, 0x0], 0x0, 0xd0, &(0x7f0000001000)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000001040), &(0x7f0000001080), 0x8, 0xc1, 0x8, 0x8, &(0x7f00000010c0)}}, 0x10)
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000001380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001340)={&(0x7f0000001240)=ANY=[@ANYBLOB="f0000000", @ANYRES16=r3, @ANYBLOB="00082dbd7000ffdbdf2509000000180001801400020076657468305f746f5f7465616d00000024000180080003000000000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="08000300010000003400018014000200636169663000000000000000000000000800030001000000140000002c0001800800030002000000080003000100000008000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000300030000004000018008000100", @ANYRES32, @ANYBLOB="080003000100000008000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300030000001400020076657468305f766972745f7769666900"], 0xf0}, 0x1, 0x0, 0x0, 0x4060004}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={0x1, <r10=>0xffffffffffffffff}, 0x4)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c870000000303000000000000000000000000000800010001000000b82d36fe8ab89c98f78fe80e84cc0b7aa90d389786d281c9e7eacc03e945a471ec5e09c5dd8412bb1966ebcad2c75458ac79ef1ce46f32e9fc5f0385608722399e70e6ccfa722119519491ea89054e3355347b97157d8e22e1ef82b36081c8fd178c3b6788e0afeee7b4edbf1a2d61655ad4caa2f60b95c927cd22696e6b4192d78e9d4e1f6bebac2e150c3b4008be84ddaf27b532f4d28fec573ddb6be6eed9e7df658b22e4ca9bea70aedbccb395f8bda9a1212f95b970b01983f55760749555be630f6b88aabfc3c5a9fc691fed8546e7754272da6574d10f00"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="14000000000000000000000000000000888f00000000e64f0004c3509440d2182e906d5a68cbf202ca9660188d86d8010b11e08900dfd54746b724631307ddb574e8d5e21b0fc7a1000e7564837e581d4406839ffb473e1a95a7543ecd235f3d6482a845cdf1cd06cc277b82b188d7320c17e56b91ea92b261b761240b68d2e9f445fb24cac2879e9d0b408e2ffc06e5da4cf0def757c77ce320"], 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000014)
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x3)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000f40)={r10, 0x58, &(0x7f00000001c0)}, 0x10)
r13 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xa0)
ioctl$FS_IOC_SETFLAGS(r13, 0x40086602, &(0x7f0000000280)=0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000500)=ANY=[@ANYBLOB="61153c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf630000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf664e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386ba3b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f44fc00b69151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a299fa176018054e9149a1c9d20a809ce3000000000000000000000000f6fad8476470bf4bb79d2ba2c0f7147577466f4229b364d6900ad22583c0ec630ea0c6177ad88014b074d88fea473d5ef91ed786bbd3371f0dfcc5ccf4aa82927192aa94fe70a261f1899e1f2f62d50b027f7e7cac8fe3691aa323e71d5e479d466512d1df57633a9006016322978a795431c745f0502e37b8884c368a3f9d5c05a7fb5bd25d95442d09f79c5bd656dccb450cb19c6df406ffcfc414334021df3e4654f84f10070846d3b06795445f79b1f0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000001400), 0xffffffffffffffff)

1m8.289720074s ago: executing program 1 (id=9164):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x84aa5000)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(0xffffffffffffffff, &(0x7f00000024c0)=[{{0x0, 0x27, &(0x7f0000000d00)=[{&(0x7f00000007c0)=""/49, 0x31}, {&(0x7f0000000800)=""/245, 0xf5}], 0x2}, 0x9}], 0x1, 0x10000, 0x0)

53.307554098s ago: executing program 32 (id=9164):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x84aa5000)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(0xffffffffffffffff, &(0x7f00000024c0)=[{{0x0, 0x27, &(0x7f0000000d00)=[{&(0x7f00000007c0)=""/49, 0x31}, {&(0x7f0000000800)=""/245, 0xf5}], 0x2}, 0x9}], 0x1, 0x10000, 0x0)

4.342507108s ago: executing program 2 (id=10808):
r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x6}}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x12, 0x0, &(0x7f0000000040)='GPL\x00', 0xc, 0xff6, &(0x7f0000001e00)=""/4086, 0x41100, 0x20, '\x00', 0x0, 0x0, r1}, 0x94)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000140))
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x4, @random="bb7fb37b9489", 'bond0\x00'}}, 0x1e)
ioctl$PPPIOCSMRU(r3, 0x40047452, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f00000000c0), 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}}, 0x1c)
io_setup(0x5, &(0x7f0000000240)=<r6=>0x0)
r7 = inotify_init()
io_submit(r6, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x7, r7, 0x0}])
io_cancel(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0xc1, 0xffffffffffffffff, 0x0, 0x0, 0x100000000, 0x0, 0x2}, 0x0)
openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x13c)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
pread64(r8, &(0x7f00000024c0)=""/209, 0xd1, 0x8)

2.986518638s ago: executing program 2 (id=10827):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
linkat(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0xffffffffffffff9c, 0x0, 0x1000)

2.944836861s ago: executing program 2 (id=10832):
fsync(0xffffffffffffffff)

2.926350503s ago: executing program 2 (id=10834):
r0 = msgget$private(0x0, 0x790)
msgsnd(r0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
perf_event_open(0x0, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

2.010131587s ago: executing program 2 (id=10845):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
fallocate(r0, 0x10, 0x160483b7, 0x5)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000400)='ns\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
write$tun(0xffffffffffffffff, &(0x7f0000000400)=ANY=[], 0xa2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_clone3(&(0x7f00000003c0)={0x44084000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), {0x3}, &(0x7f0000000180)=""/163, 0xa3, &(0x7f0000000240)=""/9, &(0x7f0000000380)=[r1, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, {r0}}, 0x58)

1.85067035s ago: executing program 4 (id=10849):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

1.793870314s ago: executing program 0 (id=10851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)

1.793315685s ago: executing program 0 (id=10852):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

1.661088785s ago: executing program 4 (id=10855):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000000d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)

1.573702982s ago: executing program 4 (id=10858):
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv_slave_0\x00'})
pipe2(&(0x7f0000000300), 0x80000)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x6b, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00', &(0x7f0000002240)=""/4103, 0xfffffffe, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
recvmmsg(r1, &(0x7f0000000a80)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x40018003, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
unshare(0x68040200)

1.510283387s ago: executing program 0 (id=10859):
syz_open_dev$sg(&(0x7f00000002c0), 0x7992, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r1=>0x0})
r2 = fcntl$dupfd(r0, 0x406, r0)
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r1, 0x2, {0x0, 0xff, 0x7}, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6)
r3 = socket(0x10, 0x3, 0x9)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x7fffffffffffffff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f00000190c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x18)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x7, 0x9)
write$P9_RWRITE(r6, &(0x7f0000000040)={0xb}, 0x11000)
recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x53}], 0x1, 0x2, 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
sendmmsg$sock(r7, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r8, &(0x7f00000000c0)=""/60, 0x3c, 0x40, 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
shutdown(r10, 0x1)

594.276702ms ago: executing program 3 (id=10861):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r0}, 0x18)
fsync(0xffffffffffffffff)

572.599333ms ago: executing program 3 (id=10863):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x1e, &(0x7f00000003c0)=ANY=[@ANYBLOB="0180c200000001000097668d14729d000000000001f700a0060100000000000002000000000000000000"], 0x0)

448.412904ms ago: executing program 4 (id=10864):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000084271606eaa9f3832ffffff01000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xea, 0x7, 0x40, 0xe5, 0x0, 0x0, 0xd000, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x2}, 0x9c7, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0xd2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22160, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1, 0x7, 0x0, 0x3}, 0x0, 0x1, r0, 0xb)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_ROPEN(r1, &(0x7f00000004c0)={0x18, 0x71, 0x1, {{0x0, 0x0, 0x3}, 0x4}}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0x401}, 0x11)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x6, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x1d, 0x0, 0x0)

376.443769ms ago: executing program 0 (id=10865):
clock_getres(0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x2, 0x4)
getpid()
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000080)='syzkaller\x00', &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000280)="1058ab6a727aa6109dd53ada75d20aaa64b7d0ec38740fe544da4f4bf88059b9758cd6b9ec851a56ae418a0cfcd4258da3ae66d25bc903db64f3a166a5cce5dfffac449e36703f2c4aaadf5e004996292620139ad7b7fef7c99a55a38ae459c10481c6d4078256a350f1ff44ba899241ea499466495d50c42f2a9a883a8bd60b739e173df492516b94f049caf5633b9de02e44d509650942f1f3e30fe67e2803", 0xa0, 0xfffffffffffffff8)
ptrace(0x10, r1)
ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000540))
ptrace$cont(0x21, r1, 0x0, 0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000100)='personality\x00')
sendto$inet6(r2, 0x0, 0x0, 0x2000c080, &(0x7f0000000180)={0xa, 0x4e20, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x26}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x599, 0xa, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001340), &(0x7f0000000900), 0x404, r4, 0x0, 0x1ba8847c99}, 0x38)
setsockopt$inet_int(r3, 0x0, 0x3, &(0x7f0000000140)=0xfffff7ff, 0x4)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r5, &(0x7f00000000c0), 0x2, 0x0)
rmdir(&(0x7f0000000140)='./cgroup/../file0\x00')
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f00000001c0)=0x81b, 0x4)
sendto$inet(r3, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10)
recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12000, 0x0)

364.19769ms ago: executing program 3 (id=10866):
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x2160)

334.644273ms ago: executing program 4 (id=10867):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2840, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'veth0_virt_wifi\x00', 0x1000})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'veth1_to_batadv\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000000082f00fe88a43de1a400000000000000007d01ff02000000000000000000000000000112"], 0xfdef)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'ip6_vti0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000100)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x8, '\x00', r4, 0xffffffffffffffff, 0x3, 0x3, 0x3}, 0x50)

314.085014ms ago: executing program 3 (id=10868):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x50)
r0 = perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xea, 0x7, 0x40, 0xe5, 0x0, 0x0, 0xd000, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={0x0, 0x2}, 0x9c7, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0xd2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22160, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1, 0x7, 0x0, 0x3}, 0x0, 0x1, r0, 0xb)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r1, 0x0, 0x401}, 0x11)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3) (fail_nth: 3)
ioctl$KDFONTOP_SET(r2, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x6, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x1d, 0x0, 0x0)

275.851898ms ago: executing program 4 (id=10869):
r0 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x6}}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x12, 0x0, &(0x7f0000000040)='GPL\x00', 0xc, 0xff6, &(0x7f0000001e00)=""/4086, 0x41100, 0x20, '\x00', 0x0, 0x0, r1}, 0x94)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000140))
r2 = openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x4, @random="bb7fb37b9489", 'bond0\x00'}}, 0x1e)
ioctl$PPPIOCSMRU(r3, 0x40047452, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f00000000c0)="04", 0x1, 0x20000845, 0x0, 0x0)
io_setup(0x5, &(0x7f0000000240)=<r6=>0x0)
r7 = inotify_init()
io_submit(r6, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x7, r7, 0x0}])
io_cancel(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0xc1, 0xffffffffffffffff, 0x0, 0x0, 0x100000000, 0x0, 0x2}, 0x0)
openat$binfmt(0xffffffffffffff9c, r0, 0x41, 0x1ff)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x13c)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
pread64(r8, &(0x7f00000024c0)=""/209, 0xd1, 0x8)

260.399449ms ago: executing program 0 (id=10870):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0xffa8)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)

259.424669ms ago: executing program 5 (id=10871):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000015c0)={'batadv_slave_1\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001740)={&(0x7f0000001600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd0, 0xd0, 0x8, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x4, 0x1000000}}, @enum64={0x2, 0x4, 0x0, 0x13, 0x0, 0x1, [{0x2, 0x5, 0x4}, {0xb, 0x668, 0x6}, {0x2, 0x3, 0x2}, {0x9, 0x2, 0x9}]}, @fwd={0x10}, @union={0x3, 0x6, 0x0, 0x5, 0x0, 0xb6d3, [{0xa}, {0x5, 0x2, 0xa4a}, {0x8, 0x0, 0x2}, {0x3, 0x0, 0x7}, {0x0, 0x4, 0x9}, {0x8, 0x5, 0x6}]}, @var={0x5, 0x0, 0x0, 0xe, 0x3, 0x1}, @fwd={0x5}]}, {0x0, [0x0, 0x0, 0x30, 0x0, 0x2e, 0x30]}}, &(0x7f0000001700)=""/54, 0xf0, 0x36, 0x1, 0xd}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001880)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1c4, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2}, 0x50)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

214.098913ms ago: executing program 3 (id=10872):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c000140000000000000000414000000110001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)

213.133683ms ago: executing program 0 (id=10873):
syz_open_dev$sg(&(0x7f00000002c0), 0x7992, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r1=>0x0})
r2 = fcntl$dupfd(r0, 0x406, r0)
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r1, 0x2, {0x0, 0xff, 0x7}, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6)
r3 = socket(0x10, 0x3, 0x9)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x7fffffffffffffff)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f00000190c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x18)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x7, 0x9)
write$P9_RWRITE(r6, &(0x7f0000000040)={0xb}, 0x11000)
recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x53}], 0x1, 0x2, 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
sendmmsg$sock(r7, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r8, &(0x7f00000000c0)=""/60, 0x3c, 0x40, 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r10, 0x0, 0xff91, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
shutdown(r10, 0x1)

209.751593ms ago: executing program 5 (id=10874):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x1002, @loopback, 0xffdfffff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000d80)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x4, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x4080)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x80})
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000)=ANY=[], 0x8)

179.945975ms ago: executing program 3 (id=10875):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x1002, @loopback, 0xffdfffff}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000d80)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x4, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x4080)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x80})
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000)=ANY=[], 0x8)

151.961568ms ago: executing program 5 (id=10876):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/89}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9c, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1cd9, 0x9}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000380)='cpu')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x3, 0x400, 0x0, 0x7, 0x0, 0xff}, [@TCA_NETEM_JITTER64={0xc, 0xb, 0x7fffffff}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x65}, 0x94)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r9, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x1, &(0x7f0000000280)=@ccm_128={{0x303}, "010000000100", "1af70bac149bcd13d3b29c3cf88e1e32", "12624b6e", "1e8fd953c48fc902"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x1, &(0x7f0000000080)=@gcm_256={{0x304}, "fb7faf0400", "0d35db0d4af1cbcce779bbc24b53fc4988c215118dd14cb837de56339a336a19", "a9a9f902", "8891ea13f18ef0be"}, 0x13)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r10}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x0, &(0x7f0000000040)})
fgetxattr(r3, &(0x7f0000000000)=@known='trusted.overlay.opaque\x00', &(0x7f0000000300)=""/227, 0xe3)

84.161573ms ago: executing program 2 (id=10877):
r0 = msgget$private(0x0, 0x790)
msgsnd(r0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
perf_event_open(0x0, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

21.609908ms ago: executing program 5 (id=10878):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x2c, 0x16, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x74}, 0x1, 0x0, 0x0, 0x890}, 0x0)

21.064118ms ago: executing program 5 (id=10879):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

0s ago: executing program 5 (id=10880):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x6052, 0x3, 0xfffffffc}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r4, &(0x7f0000000740)="cc", 0x1)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7fffeffd)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000680)='fsi_master_acf_poll_response_busy\x00', r2, 0x0, 0x2}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r5}, &(0x7f00000002c0), &(0x7f0000000500)='%pK    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

[T31511] batman_adv: batadv0: Adding interface: batadv_slave_0
[  460.513496][T31511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.539586][T31511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  460.558757][T31545] cgroup2: Unknown parameter 'pts'
[  460.561671][T31511] batman_adv: batadv0: Adding interface: batadv_slave_1
[  460.571087][T31511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.597313][T31511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.608091][T31545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9475'.
[  460.618195][T30937] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.633218][T31543] !€ÿgid=0x000: renamed from bond_slave_0 (while UP)
[  460.669163][T30937] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.693981][T31511] hsr_slave_0: entered promiscuous mode
[  460.704517][T31511] hsr_slave_1: entered promiscuous mode
[  460.704789][T31552] FAULT_INJECTION: forcing a failure.
[  460.704789][T31552] name failslab, interval 1, probability 0, space 0, times 0
[  460.717101][T31511] debugfs: 'hsr0' already exists in 'hsr'
[  460.722703][T31552] CPU: 1 UID: 0 PID: 31552 Comm: syz.3.9476 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  460.722819][T31552] Tainted: [W]=WARN
[  460.722826][T31552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  460.722845][T31552] Call Trace:
[  460.722852][T31552]  <TASK>
[  460.722860][T31552]  __dump_stack+0x1d/0x30
[  460.722945][T31552]  dump_stack_lvl+0xe8/0x140
[  460.722966][T31552]  dump_stack+0x15/0x1b
[  460.722985][T31552]  should_fail_ex+0x265/0x280
[  460.723019][T31552]  should_failslab+0x8c/0xb0
[  460.723089][T31552]  __kmalloc_noprof+0xa5/0x3e0
[  460.723136][T31552]  ? iter_file_splice_write+0xfe/0x970
[  460.723159][T31552]  iter_file_splice_write+0xfe/0x970
[  460.723218][T31552]  ? atime_needs_update+0x3be/0x3e0
[  460.723253][T31552]  ? shmem_file_splice_read+0x5c2/0x600
[  460.723282][T31552]  ? __pfx_iter_file_splice_write+0x10/0x10
[  460.723324][T31552]  direct_splice_actor+0x156/0x2a0
[  460.723345][T31552]  ? shmem_file_open+0x11/0x40
[  460.723369][T31552]  splice_direct_to_actor+0x312/0x680
[  460.723391][T31552]  ? __pfx_direct_splice_actor+0x10/0x10
[  460.723463][T31552]  do_splice_direct+0xda/0x150
[  460.723515][T31552]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  460.723542][T31552]  do_sendfile+0x380/0x650
[  460.723576][T31552]  __x64_sys_sendfile64+0x105/0x150
[  460.723644][T31552]  x64_sys_call+0x2bb0/0x2ff0
[  460.723667][T31552]  do_syscall_64+0xd2/0x200
[  460.723693][T31552]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  460.723719][T31552]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  460.723802][T31552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.723891][T31552] RIP: 0033:0x7fa16c54ebe9
[  460.723908][T31552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.723935][T31552] RSP: 002b:00007fa16ab8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  460.723956][T31552] RAX: ffffffffffffffda RBX: 00007fa16c776090 RCX: 00007fa16c54ebe9
[  460.723970][T31552] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  460.723984][T31552] RBP: 00007fa16ab8e090 R08: 0000000000000000 R09: 0000000000000000
[  460.723998][T31552] R10: 000000007fffeffd R11: 0000000000000246 R12: 0000000000000001
[  460.724012][T31552] R13: 00007fa16c776128 R14: 00007fa16c776090 R15: 00007ffd3a88c2f8
[  460.724096][T31552]  </TASK>
[  460.840398][T31556] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9479'.
[  460.842685][T31511] Cannot create hsr debugfs directory
[  460.911215][T31558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9479'.
[  461.032287][T31566] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9482'.
[  461.053430][   T29] kauditd_printk_skb: 67 callbacks suppressed
[  461.053446][   T29] audit: type=1400 audit(1754449770.085:26556): avc:  denied  { setopt } for  pid=31563 comm="syz.0.9481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  461.102559][   T29] audit: type=1400 audit(1754449770.085:26557): avc:  denied  { create } for  pid=31565 comm="syz.2.9482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  461.123113][   T29] audit: type=1400 audit(1754449770.085:26558): avc:  denied  { open } for  pid=31565 comm="syz.2.9482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  461.142585][   T29] audit: type=1400 audit(1754449770.085:26559): avc:  denied  { perfmon } for  pid=31565 comm="syz.2.9482" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  461.164098][   T29] audit: type=1400 audit(1754449770.085:26560): avc:  denied  { kernel } for  pid=31565 comm="syz.2.9482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  461.183748][   T29] audit: type=1400 audit(1754449770.085:26561): avc:  denied  { tracepoint } for  pid=31565 comm="syz.2.9482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  461.203931][   T29] audit: type=1400 audit(1754449770.115:26562): avc:  denied  { map_create } for  pid=31567 comm="syz.4.9483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  461.223328][   T29] audit: type=1400 audit(1754449770.115:26563): avc:  denied  { map_read map_write } for  pid=31567 comm="syz.4.9483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  461.243507][   T29] audit: type=1400 audit(1754449770.125:26564): avc:  denied  { create } for  pid=31567 comm="syz.4.9483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  461.264393][   T29] audit: type=1400 audit(1754449770.125:26565): avc:  denied  { write } for  pid=31567 comm="syz.4.9483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  461.338679][T31576] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9484'.
[  461.354498][T30937] bridge_slave_1: left allmulticast mode
[  461.360168][T30937] bridge_slave_1: left promiscuous mode
[  461.366201][T30937] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.374231][T30937] bridge_slave_0: left allmulticast mode
[  461.379984][T30937] bridge_slave_0: left promiscuous mode
[  461.385929][T30937] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.482622][T31584] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  461.491622][T31584] SELinux: failed to load policy
[  461.552279][T31589] random: crng reseeded on system resumption
[  461.558589][T30937] bond0 (unregistering): (slave 
1!€ÿgid=0x000): Releasing backup interface
[  461.569370][T30937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  461.579280][T30937] bond0 (unregistering): Released all slaves
[  461.620173][T31511] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  461.630307][T31511] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  461.646911][T30937] hsr_slave_1: left promiscuous mode
[  461.665790][T30937] veth1_macvtap: left promiscuous mode
[  461.675671][T30937] veth0_macvtap: left promiscuous mode
[  461.682192][T30937] veth1_vlan: left promiscuous mode
[  461.687781][T30937] veth0_vlan: left promiscuous mode
[  461.773668][T30937] team0 (unregistering): Port device team_slave_1 removed
[  461.789966][T30937] team0 (unregistering): Port device team_slave_0 removed
[  461.826482][T31511] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  461.850477][T31593] ip6gre2: entered allmulticast mode
[  461.861255][T31511] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  461.964069][T31511] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.993704][T31511] 8021q: adding VLAN 0 to HW filter on device team0
[  462.011761][T30908] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.018846][T30908] bridge0: port 1(bridge_slave_0) entered forwarding state
[  462.053432][T30908] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.060525][T30908] bridge0: port 2(bridge_slave_1) entered forwarding state
[  462.477632][T31511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  462.497486][T31642] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  462.514392][T31642] SELinux: failed to load policy
[  462.532678][T31647] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  462.540322][T31647] SELinux: failed to load policy
[  462.668533][T31511] veth0_vlan: entered promiscuous mode
[  462.694416][T31511] veth1_vlan: entered promiscuous mode
[  462.713767][T31511] veth0_macvtap: entered promiscuous mode
[  462.736808][T31511] veth1_macvtap: entered promiscuous mode
[  462.779869][T31511] batman_adv: batadv0: Interface activated: batadv_slave_0
[  462.788997][T31511] batman_adv: batadv0: Interface activated: batadv_slave_1
[  462.810025][T30900] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  462.822153][T31674] random: crng reseeded on system resumption
[  462.840178][T30900] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  462.870526][T30900] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  462.894939][T30900] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  463.004478][T31706] __nla_validate_parse: 7 callbacks suppressed
[  463.004497][T31706] netlink: 36 bytes leftover after parsing attributes in process `syz.5.9527'.
[  463.020093][T31705] cgroup2: Unknown parameter 'pts'
[  463.027401][T31705] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9526'.
[  463.032477][T31706] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9527'.
[  463.048320][T31702] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  463.058593][T31702] SELinux: failed to load policy
[  463.669929][T31753] cgroup2: Unknown parameter 'pts'
[  463.678016][T31753] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9540'.
[  463.692586][T31753] hsr_slave_0 (unregistering): left promiscuous mode
[  463.714194][T31755] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9541'.
[  463.725025][T31755] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9541'.
[  463.738478][T31758] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9542'.
[  463.835599][T31758] random: crng reseeded on system resumption
[  463.903856][T31775] netlink: 5 bytes leftover after parsing attributes in process `syz.2.9550'.
[  463.913340][T31775] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  463.917408][T31777] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9551'.
[  463.930040][T31775] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  464.014634][T31782] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9553'.
[  464.037682][T31777] random: crng reseeded on system resumption
[  464.098035][T31789] random: crng reseeded on system resumption
[  464.196011][T31799] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  464.206427][T31799] SELinux: failed to load policy
[  464.558941][T31839] FAULT_INJECTION: forcing a failure.
[  464.558941][T31839] name failslab, interval 1, probability 0, space 0, times 0
[  464.571629][T31839] CPU: 1 UID: 0 PID: 31839 Comm: syz.4.9578 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  464.571735][T31839] Tainted: [W]=WARN
[  464.571741][T31839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  464.571816][T31839] Call Trace:
[  464.571824][T31839]  <TASK>
[  464.571832][T31839]  __dump_stack+0x1d/0x30
[  464.571852][T31839]  dump_stack_lvl+0xe8/0x140
[  464.571870][T31839]  dump_stack+0x15/0x1b
[  464.571887][T31839]  should_fail_ex+0x265/0x280
[  464.571931][T31839]  should_failslab+0x8c/0xb0
[  464.571956][T31839]  kmem_cache_alloc_noprof+0x50/0x310
[  464.571988][T31839]  ? getname_kernel+0x3c/0x1f0
[  464.572078][T31839]  getname_kernel+0x3c/0x1f0
[  464.572111][T31839]  open_exec+0x17/0x60
[  464.572129][T31839]  bm_register_write+0x8e9/0xbf0
[  464.572163][T31839]  ? __pfx_bm_register_write+0x10/0x10
[  464.572221][T31839]  vfs_write+0x269/0x8e0
[  464.572241][T31839]  ? __rcu_read_unlock+0x4f/0x70
[  464.572265][T31839]  ? __fget_files+0x184/0x1c0
[  464.572296][T31839]  ksys_write+0xda/0x1a0
[  464.572323][T31839]  __x64_sys_write+0x40/0x50
[  464.572418][T31839]  x64_sys_call+0x27fe/0x2ff0
[  464.572484][T31839]  do_syscall_64+0xd2/0x200
[  464.572509][T31839]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  464.572553][T31839]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  464.572578][T31839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.572602][T31839] RIP: 0033:0x7f67873febe9
[  464.572617][T31839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.572706][T31839] RSP: 002b:00007f6785a67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  464.572724][T31839] RAX: ffffffffffffffda RBX: 00007f6787625fa0 RCX: 00007f67873febe9
[  464.572737][T31839] RDX: 0000000000000032 RSI: 0000200000000440 RDI: 0000000000000004
[  464.572785][T31839] RBP: 00007f6785a67090 R08: 0000000000000000 R09: 0000000000000000
[  464.572807][T31839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.572822][T31839] R13: 00007f6787626038 R14: 00007f6787625fa0 R15: 00007ffe43b151e8
[  464.572843][T31839]  </TASK>
[  464.572853][T31839] binfmt_misc: register: failed to install interpreter file ./file2
[  464.882407][T31846] lo: entered promiscuous mode
[  464.889032][T31846] tunl0: entered promiscuous mode
[  464.896042][T31846] gre0: entered promiscuous mode
[  464.906354][T31846] 0ªî{X¹¦: entered promiscuous mode
[  464.911759][T31846] 0ªî{X¹¦: left allmulticast mode
[  464.924540][T31846] erspan0: entered promiscuous mode
[  464.933806][T31846] ip_vti0: entered promiscuous mode
[  464.939302][T31850] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  464.942376][T31846] ip6_vti0: entered promiscuous mode
[  464.961469][T31850] SELinux: failed to load policy
[  464.963934][T31846] sit0: entered promiscuous mode
[  464.982349][T31846] ip6tnl0: entered promiscuous mode
[  464.989632][T31846] ip6gre0: entered promiscuous mode
[  464.998085][ T6463] kernel write not supported for file /510/attr/exec (pid: 6463 comm: kworker/0:8)
[  465.009977][T31846] syz_tun: entered promiscuous mode
[  465.020190][T31846] ip6gretap0: entered promiscuous mode
[  465.029510][T31846] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.036756][T31846] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.046488][T31846] vcan0: entered promiscuous mode
[  465.052669][T31846] bond0: entered promiscuous mode
[  465.057719][T31846] !€ÿgid=0x000: entered promiscuous mode
[  465.063542][T31846] bond_slave_1: entered promiscuous mode
[  465.073230][T31846] team0: entered promiscuous mode
[  465.078286][T31846] team_slave_0: entered promiscuous mode
[  465.084218][T31846] team_slave_1: entered promiscuous mode
[  465.092079][T31846] dummy0: entered promiscuous mode
[  465.101086][T31846] nlmon0: entered promiscuous mode
[  465.112286][T31846] caif0: entered promiscuous mode
[  465.117669][T31846] vxcan0: entered promiscuous mode
[  465.124290][T31846] vxcan1: entered promiscuous mode
[  465.131117][T31846] veth0: entered promiscuous mode
[  465.138375][T31846] veth1: entered promiscuous mode
[  465.145631][T31846] wg0: entered promiscuous mode
[  465.152250][T31846] wg1: entered promiscuous mode
[  465.158763][T31846] wg2: entered promiscuous mode
[  465.165265][T31846] veth0_to_bridge: entered promiscuous mode
[  465.174570][T31846] veth1_to_bridge: entered promiscuous mode
[  465.183680][T31846] veth0_to_bond: entered promiscuous mode
[  465.192188][T31846] veth1_to_bond: entered promiscuous mode
[  465.200364][T31846] veth0_to_team: entered promiscuous mode
[  465.208904][T31846] veth1_to_team: entered promiscuous mode
[  465.217471][T31846] veth0_to_batadv: entered promiscuous mode
[  465.225284][T31846] batadv_slave_0: entered promiscuous mode
[  465.232724][T31846] veth1_to_batadv: entered promiscuous mode
[  465.240387][T31846] batadv_slave_1: entered promiscuous mode
[  465.248356][T31846] xfrm0: entered promiscuous mode
[  465.255926][T31846] veth1_to_hsr: entered promiscuous mode
[  465.265113][T31846] hsr0: entered promiscuous mode
[  465.272353][T31846] veth1_virt_wifi: entered promiscuous mode
[  465.279963][T31846] veth0_virt_wifi: entered promiscuous mode
[  465.289335][T31846] veth0_vlan: entered promiscuous mode
[  465.297351][T31846] macvlan0: entered promiscuous mode
[  465.304590][T31846] macvlan1: entered promiscuous mode
[  465.311086][T31846] ipvlan0: entered promiscuous mode
[  465.316457][T31846] ipvlan1: entered promiscuous mode
[  465.324522][T31846] macvtap0: entered promiscuous mode
[  465.331374][T31846] macsec0: entered promiscuous mode
[  465.339744][T31846] geneve0: entered promiscuous mode
[  465.347484][T31846] geneve1: entered promiscuous mode
[  465.353986][T31846] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  465.363075][T31846] netdevsim netdevsim0 netdevsim1: entered promiscuous mode
[  465.371254][T31846] netdevsim netdevsim0 netdevsim2: entered promiscuous mode
[  465.379527][T31846] netdevsim netdevsim0 netdevsim3: entered promiscuous mode
[  465.387645][T31846] ip6gre1: entered promiscuous mode
[  465.392932][T31846] ip6gre1: left allmulticast mode
[  465.398608][T31846] ieee802154 phy1 wpan37: entered promiscuous mode
[  465.405315][T31846] veth2: entered promiscuous mode
[  465.410707][T31846] veth3: entered promiscuous mode
[  465.415963][T31846] veth4: entered promiscuous mode
[  465.421042][T31846] veth5: entered promiscuous mode
[  465.426311][T31846] ip6gre2: entered promiscuous mode
[  465.431611][T31846] ip6gre2: left allmulticast mode
[  465.437825][T31846] veth6: entered promiscuous mode
[  465.443000][T31846] veth7: entered promiscuous mode
[  465.450255][T31848] ip6gre8: entered allmulticast mode
[  465.460126][T30937] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.469778][T30937] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.479392][T30937] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.489449][T30937] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.645984][T31890] ip6gre2: entered allmulticast mode
[  466.077846][T31899] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  466.106838][T31899] SELinux: failed to load policy
[  466.149033][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  466.149048][   T29] audit: type=1326 audit(1754449775.175:26752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31880 comm="syz.4.9595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  466.178923][   T29] audit: type=1326 audit(1754449775.175:26753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31880 comm="syz.4.9595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  466.203250][T31902] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  466.210830][T31902] SELinux: failed to load policy
[  466.276149][T31906] binfmt_misc: register: failed to install interpreter file ./file2
[  466.383645][T31914] random: crng reseeded on system resumption
[  466.482150][T31924] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  466.492396][T31924] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  466.512636][T31916] random: crng reseeded on system resumption
[  466.629058][T31946] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  466.637117][T31946] SELinux: failed to load policy
[  466.723385][T31954] bridge0: entered promiscuous mode
[  466.728635][T31954] macsec1: entered promiscuous mode
[  466.735373][T31954] bridge0: port 3(macsec1) entered blocking state
[  466.741916][T31954] bridge0: port 3(macsec1) entered disabled state
[  466.749352][T31954] macsec1: entered allmulticast mode
[  466.754968][T31954] bridge0: entered allmulticast mode
[  466.761481][T31954] macsec1: left allmulticast mode
[  466.766594][T31954] bridge0: left allmulticast mode
[  466.775875][T31954] bridge0: left promiscuous mode
[  466.788361][T31956] random: crng reseeded on system resumption
[  466.842837][   T29] audit: type=1326 audit(1754449775.875:26754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  466.866604][   T29] audit: type=1326 audit(1754449775.875:26755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  466.890459][   T29] audit: type=1326 audit(1754449775.875:26756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  466.914191][   T29] audit: type=1400 audit(1754449775.875:26757): avc:  denied  { create } for  pid=31963 comm="syz.5.9625" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  466.935231][   T29] audit: type=1326 audit(1754449775.875:26758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  466.959306][   T29] audit: type=1326 audit(1754449775.875:26759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  466.963309][T31970] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  466.985598][   T29] audit: type=1326 audit(1754449775.925:26760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  467.014048][   T29] audit: type=1326 audit(1754449775.925:26761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31963 comm="syz.5.9625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9bdceebe9 code=0x7ffc0000
[  467.014542][T31970] SELinux: failed to load policy
[  467.056934][T31964] block device autoloading is deprecated and will be removed.
[  467.089875][T31979] cgroup2: Unknown parameter 'pts'
[  467.101084][T31979] hsr_slave_0 (unregistering): left promiscuous mode
[  468.231409][T30896] bridge_slave_1: left allmulticast mode
[  468.237099][T30896] bridge_slave_1: left promiscuous mode
[  468.242931][T30896] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.256107][T30896] bridge_slave_0: left allmulticast mode
[  468.261937][T30896] bridge_slave_0: left promiscuous mode
[  468.267569][T30896] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.279596][T32089] __nla_validate_parse: 18 callbacks suppressed
[  468.279614][T32089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9669'.
[  468.301415][ T3408] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  468.336150][T30896] bond0 (unregistering): (slave 
1!€ÿgid=0x000): Releasing backup interface
[  468.346133][T30896] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  468.355186][T30896] bond0 (unregistering): Released all slaves
[  468.365691][T32046] chnl_net:caif_netlink_parms(): no params data found
[  468.383435][T32091] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9670'.
[  468.412734][T30896] tipc: Left network mode
[  468.425132][T32046] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.432290][T32046] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.440190][T32046] bridge_slave_0: entered allmulticast mode
[  468.447351][T32046] bridge_slave_0: entered promiscuous mode
[  468.472527][T32096] cgroup2: Unknown parameter 'pts'
[  468.481738][T32096] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9671'.
[  468.508590][T30896] hsr_slave_1: left promiscuous mode
[  468.544787][T32102] cgroup2: Unknown parameter 'pts'
[  468.558072][T32102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9673'.
[  468.627652][T30896] team0 (unregistering): Port device team_slave_1 removed
[  468.637620][T30896] team0 (unregistering): Port device team_slave_0 removed
[  468.664505][T32046] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.671826][T32046] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.680684][T32046] bridge_slave_1: entered allmulticast mode
[  468.694777][T32046] bridge_slave_1: entered promiscuous mode
[  468.722486][T32046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  468.736889][T32046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  468.784295][T32046] team0: Port device team_slave_0 added
[  468.791597][T32046] team0: Port device team_slave_1 added
[  468.813390][T32046] batman_adv: batadv0: Adding interface: batadv_slave_0
[  468.820342][T32046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  468.846285][T32046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  468.870525][T32130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9683'.
[  468.879488][T32130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9683'.
[  468.954836][T32046] batman_adv: batadv0: Adding interface: batadv_slave_1
[  468.961841][T32046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  468.987919][T32046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  469.058249][T32137] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9685'.
[  469.110544][T32046] hsr_slave_0: entered promiscuous mode
[  469.117160][T32046] hsr_slave_1: entered promiscuous mode
[  469.124422][T32046] debugfs: 'hsr0' already exists in 'hsr'
[  469.130194][T32046] Cannot create hsr debugfs directory
[  469.230505][T32143] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  469.241095][T32143] SELinux: failed to load policy
[  469.285021][T32154] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  469.323922][T32160] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9696'.
[  469.333831][T32160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9696'.
[  469.518030][T32176] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  469.532354][T32176] SELinux: failed to load policy
[  469.573925][T32046] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  469.595740][T32046] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  469.638764][T32046] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  469.662257][T32046] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  469.710249][T32046] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.726052][T32046] 8021q: adding VLAN 0 to HW filter on device team0
[  469.740982][T32205] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  469.750573][T32205] SELinux: failed to load policy
[  469.771807][T30896] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.778894][T30896] bridge0: port 1(bridge_slave_0) entered forwarding state
[  469.787519][T30896] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.794609][T30896] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.920228][T32046] 8021q: adding VLAN 0 to HW filter on device batadv0
[  470.043686][T32242] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9726'.
[  470.046404][T32046] veth0_vlan: entered promiscuous mode
[  470.065507][T32242] !€ÿgid=0x000: renamed from bond_slave_0 (while UP)
[  470.095805][T32046] veth1_vlan: entered promiscuous mode
[  470.118608][T32046] veth0_macvtap: entered promiscuous mode
[  470.127069][T32046] veth1_macvtap: entered promiscuous mode
[  470.138685][T32046] batman_adv: batadv0: Interface activated: batadv_slave_0
[  470.152172][T32046] batman_adv: batadv0: Interface activated: batadv_slave_1
[  470.163932][T30944] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  470.173116][T30944] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  470.182481][T30944] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  470.196817][T30944] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  470.204536][T32246] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  470.215684][T32246] SELinux: failed to load policy
[  470.356573][T32259] bridge0: entered promiscuous mode
[  470.362952][T32259] macsec1: entered promiscuous mode
[  470.368904][T32259] bridge0: port 3(macsec1) entered blocking state
[  470.375379][T32259] bridge0: port 3(macsec1) entered disabled state
[  470.382389][T32259] macsec1: entered allmulticast mode
[  470.387695][T32259] bridge0: entered allmulticast mode
[  470.393936][T32259] macsec1: left allmulticast mode
[  470.399015][T32259] bridge0: left allmulticast mode
[  470.405555][T32259] bridge0: left promiscuous mode
[  470.415021][T32261] random: crng reseeded on system resumption
[  470.581933][T32271] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  470.590843][T32271] SELinux: failed to load policy
[  470.664761][T32281] cgroup2: Unknown parameter 'pts'
[  471.174489][T32317] cgroup2: Unknown parameter 'pts'
[  471.239176][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  471.239190][   T29] audit: type=1400 audit(1754449780.265:26948): avc:  denied  { connect } for  pid=32322 comm="syz.2.9755" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  471.267185][   T29] audit: type=1400 audit(1754449780.275:26949): avc:  denied  { write } for  pid=32322 comm="syz.2.9755" laddr=fe80::16 lport=60 faddr=fe80::bb fport=3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  471.291165][   T29] audit: type=1326 audit(1754449780.275:26950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.314992][   T29] audit: type=1326 audit(1754449780.275:26951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.339013][   T29] audit: type=1326 audit(1754449780.275:26952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.362641][   T29] audit: type=1326 audit(1754449780.275:26953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.386351][   T29] audit: type=1326 audit(1754449780.275:26954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.410101][   T29] audit: type=1326 audit(1754449780.275:26955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.433784][   T29] audit: type=1326 audit(1754449780.275:26956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.457357][   T29] audit: type=1326 audit(1754449780.275:26957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32322 comm="syz.2.9755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  471.680750][T32349] cgroup2: Unknown parameter 'pts'
[  471.680754][T32354] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  471.693464][T32354] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  471.759203][T32362] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  471.768985][T32362] SELinux: failed to load policy
[  471.832585][T32372] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  471.895358][T32381] random: crng reseeded on system resumption
[  472.299491][T32435] bridge0: entered promiscuous mode
[  472.305151][T32435] macsec1: entered promiscuous mode
[  472.312221][T32435] bridge0: port 3(macsec1) entered blocking state
[  472.318758][T32435] bridge0: port 3(macsec1) entered disabled state
[  472.325700][T32435] macsec1: entered allmulticast mode
[  472.331000][T32435] bridge0: entered allmulticast mode
[  472.337040][T32435] macsec1: left allmulticast mode
[  472.342117][T32435] bridge0: left allmulticast mode
[  472.347701][T32435] bridge0: left promiscuous mode
[  472.357890][T32440] random: crng reseeded on system resumption
[  472.368141][T32438] random: crng reseeded on system resumption
[  472.736320][T32471] cgroup2: Unknown parameter 'pts'
[  472.790107][T32479] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  472.798661][T32479] SELinux: failed to load policy
[  472.923291][T32493] ip6gre3: entered allmulticast mode
[  472.954036][T32501] cgroup2: Unknown parameter 'pts'
[  472.956964][T32500] ip6gre4: entered allmulticast mode
[  472.973886][T32501] hsr_slave_0 (unregistering): left promiscuous mode
[  473.263436][T32526] ip6gre1: entered allmulticast mode
[  473.338259][T32530] __nla_validate_parse: 17 callbacks suppressed
[  473.338275][T32530] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9842'.
[  473.386268][T32532] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9843'.
[  473.419964][T32536] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9844'.
[  473.497431][T32545] random: crng reseeded on system resumption
[  473.563244][T32551] ip6gre3: entered allmulticast mode
[  473.660361][T32565] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9856'.
[  473.969078][T32601] netlink: 5 bytes leftover after parsing attributes in process `syz.2.9872'.
[  473.983048][T32601] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  473.994044][T32601] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  474.018051][T32606] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  474.027868][T32606] SELinux: failed to load policy
[  474.180593][T32634] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9888'.
[  474.194034][T32634] FAULT_INJECTION: forcing a failure.
[  474.194034][T32634] name failslab, interval 1, probability 0, space 0, times 0
[  474.206934][T32634] CPU: 0 UID: 0 PID: 32634 Comm: syz.5.9888 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  474.206956][T32634] Tainted: [W]=WARN
[  474.206960][T32634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  474.207028][T32634] Call Trace:
[  474.207033][T32634]  <TASK>
[  474.207038][T32634]  __dump_stack+0x1d/0x30
[  474.207052][T32634]  dump_stack_lvl+0xe8/0x140
[  474.207063][T32634]  dump_stack+0x15/0x1b
[  474.207073][T32634]  should_fail_ex+0x265/0x280
[  474.207101][T32634]  should_failslab+0x8c/0xb0
[  474.207137][T32634]  kmem_cache_alloc_node_noprof+0x57/0x320
[  474.207157][T32634]  ? __alloc_skb+0x101/0x320
[  474.207181][T32634]  __alloc_skb+0x101/0x320
[  474.207272][T32634]  netlink_alloc_large_skb+0xba/0xf0
[  474.207290][T32634]  netlink_sendmsg+0x3cf/0x6b0
[  474.207309][T32634]  ? __pfx_netlink_sendmsg+0x10/0x10
[  474.207393][T32634]  __sock_sendmsg+0x145/0x180
[  474.207407][T32634]  ____sys_sendmsg+0x31e/0x4e0
[  474.207426][T32634]  ___sys_sendmsg+0x17b/0x1d0
[  474.207516][T32634]  __x64_sys_sendmsg+0xd4/0x160
[  474.207583][T32634]  x64_sys_call+0x191e/0x2ff0
[  474.207596][T32634]  do_syscall_64+0xd2/0x200
[  474.207610][T32634]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  474.207668][T32634]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  474.207680][T32634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.207693][T32634] RIP: 0033:0x7fe9bdceebe9
[  474.207703][T32634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.207714][T32634] RSP: 002b:00007fe9bc357038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  474.207736][T32634] RAX: ffffffffffffffda RBX: 00007fe9bdf15fa0 RCX: 00007fe9bdceebe9
[  474.207744][T32634] RDX: 0000000000000040 RSI: 0000200000000140 RDI: 0000000000000004
[  474.207751][T32634] RBP: 00007fe9bc357090 R08: 0000000000000000 R09: 0000000000000000
[  474.207759][T32634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.207767][T32634] R13: 00007fe9bdf16038 R14: 00007fe9bdf15fa0 R15: 00007ffc13970848
[  474.207777][T32634]  </TASK>
[  474.536560][T32646] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  474.547119][T32646] SELinux: failed to load policy
[  474.667172][T32657] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9896'.
[  475.386486][T32687] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  475.398826][T32687] SELinux: failed to load policy
[  475.482762][T32694] cgroup2: Unknown parameter 'pts'
[  475.488462][T32694] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9909'.
[  475.502256][T32702] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  475.580724][T32710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9915'.
[  475.643728][T32718] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  475.671459][T32718] SELinux: failed to load policy
[  475.677707][T32721] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9920'.
[  475.767665][T32736] cgroup2: Unknown parameter 'pts'
[  475.928437][T32757] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  475.939427][T32757] SELinux: failed to load policy
[  476.014747][  T301] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  476.031372][  T301] SELinux: failed to load policy
[  476.087391][  T309] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  476.108810][  T308] cgroup2: Unknown parameter 'pts'
[  476.229628][  T334] bridge0: entered promiscuous mode
[  476.235188][  T334] macsec1: entered promiscuous mode
[  476.245041][  T334] bridge0: port 3(macsec1) entered blocking state
[  476.251596][  T334] bridge0: port 3(macsec1) entered disabled state
[  476.259318][  T334] macsec1: entered allmulticast mode
[  476.264894][  T334] bridge0: entered allmulticast mode
[  476.272408][  T334] macsec1: left allmulticast mode
[  476.277570][  T334] bridge0: left allmulticast mode
[  476.287890][  T334] bridge0: left promiscuous mode
[  476.295805][  T340] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  476.303737][  T340] SELinux: failed to load policy
[  476.323470][  T339] random: crng reseeded on system resumption
[  476.399212][  T345] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[  476.423535][  T345] SELinux: failed to load policy
[  476.494518][  T351] cgroup2: Unknown parameter 'pts'
[  476.512751][   T29] kauditd_printk_skb: 177 callbacks suppressed
[  476.512766][   T29] audit: type=1326 audit(1754449785.545:27135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=355 comm="syz.0.9961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.542623][   T29] audit: type=1326 audit(1754449785.545:27136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=355 comm="syz.0.9961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.566370][   T29] audit: type=1326 audit(1754449785.545:27137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=355 comm="syz.0.9961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.589949][   T29] audit: type=1326 audit(1754449785.545:27138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=355 comm="syz.0.9961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.613407][   T29] audit: type=1326 audit(1754449785.545:27139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=355 comm="syz.0.9961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.708849][  T371] bridge0: entered promiscuous mode
[  476.714431][  T371] macsec1: entered promiscuous mode
[  476.731438][  T371] bridge0: port 3(macsec1) entered blocking state
[  476.738126][  T371] bridge0: port 3(macsec1) entered disabled state
[  476.746751][  T371] macsec1: entered allmulticast mode
[  476.752306][  T371] bridge0: entered allmulticast mode
[  476.760383][  T371] macsec1: left allmulticast mode
[  476.763447][  T380] SELinux:  policydb string S does not match my string SE Linux
[  476.765481][  T371] bridge0: left allmulticast mode
[  476.773469][  T380] SELinux: failed to load policy
[  476.783674][  T371] bridge0: left promiscuous mode
[  476.796957][  T373] bridge0: entered promiscuous mode
[  476.803070][  T373] macsec1: entered promiscuous mode
[  476.809601][  T373] bridge0: port 3(macsec1) entered blocking state
[  476.816212][  T373] bridge0: port 3(macsec1) entered disabled state
[  476.831269][  T373] macsec1: entered allmulticast mode
[  476.836609][  T373] bridge0: entered allmulticast mode
[  476.858665][  T392] SELinux:  policydb version 1138950933 does not match my version range 15-35
[  476.863410][  T393] random: crng reseeded on system resumption
[  476.868323][  T392] SELinux: failed to load policy
[  476.878922][  T373] macsec1: left allmulticast mode
[  476.884011][  T373] bridge0: left allmulticast mode
[  476.889913][  T373] bridge0: left promiscuous mode
[  476.906057][   T29] audit: type=1326 audit(1754449785.935:27140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=375 comm="syz.0.9969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.930064][   T29] audit: type=1326 audit(1754449785.935:27141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=375 comm="syz.0.9969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.953616][   T29] audit: type=1326 audit(1754449785.935:27142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=375 comm="syz.0.9969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  476.977120][   T29] audit: type=1326 audit(1754449785.935:27143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=375 comm="syz.0.9969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  477.000647][   T29] audit: type=1326 audit(1754449785.935:27144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=375 comm="syz.0.9969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  477.070206][  T405] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  477.077672][  T401] cgroup2: Unknown parameter 'pts'
[  477.141052][  T411] 1ªî{X¹¦: renamed from 
30ªî{X¹¦
[  477.156905][  T411] 1ªî{X¹¦: left promiscuous mode
[  477.162089][  T411] 1ªî{X¹¦: entered allmulticast mode
[  477.172323][  T411] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  477.371222][  T435] random: crng reseeded on system resumption
[  477.430530][  T445] cgroup2: Unknown parameter 'pts'
[  477.775970][  T481] cgroup2: Unknown parameter 'pts'
[  477.825982][  T479] random: crng reseeded on system resumption
[  478.168335][  T519] cgroup2: Unknown parameter 'pts'
[  478.250685][  T526] bridge0: entered promiscuous mode
[  478.256463][  T526] macsec1: entered promiscuous mode
[  478.264712][  T526] bridge0: port 3(macsec1) entered blocking state
[  478.271307][  T526] bridge0: port 3(macsec1) entered disabled state
[  478.278694][  T526] macsec1: entered allmulticast mode
[  478.284047][  T526] bridge0: entered allmulticast mode
[  478.290034][  T526] macsec1: left allmulticast mode
[  478.295183][  T526] bridge0: left allmulticast mode
[  478.306892][  T526] bridge0: left promiscuous mode
[  478.316472][  T538] random: crng reseeded on system resumption
[  478.459593][  T561] __nla_validate_parse: 24 callbacks suppressed
[  478.459608][  T561] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10034'.
[  478.481938][  T561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10034'.
[  478.513089][  T563] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10035'.
[  478.548407][  T569] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  478.557023][  T573] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10040'.
[  478.635162][  T573] random: crng reseeded on system resumption
[  478.694885][  T584] SELinux:  Context system_u:object_r:event_device_t:s0 is not valid (left unmapped).
[  478.739052][  T597] netlink: 36 bytes leftover after parsing attributes in process `syz.5.10050'.
[  478.959934][  T622] FAULT_INJECTION: forcing a failure.
[  478.959934][  T622] name failslab, interval 1, probability 0, space 0, times 0
[  478.972699][  T622] CPU: 1 UID: 0 PID: 622 Comm: syz.5.10060 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  478.972736][  T622] Tainted: [W]=WARN
[  478.972742][  T622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  478.972755][  T622] Call Trace:
[  478.972764][  T622]  <TASK>
[  478.972773][  T622]  __dump_stack+0x1d/0x30
[  478.972798][  T622]  dump_stack_lvl+0xe8/0x140
[  478.972876][  T622]  dump_stack+0x15/0x1b
[  478.972894][  T622]  should_fail_ex+0x265/0x280
[  478.972926][  T622]  should_failslab+0x8c/0xb0
[  478.972950][  T622]  __kmalloc_noprof+0xa5/0x3e0
[  478.973056][  T622]  ? get_callchain_buffers+0xbe/0x2f0
[  478.973077][  T622]  ? static_key_slow_inc+0x21/0x30
[  478.973095][  T622]  get_callchain_buffers+0xbe/0x2f0
[  478.973121][  T622]  perf_event_alloc+0x1573/0x1740
[  478.973177][  T622]  __se_sys_perf_event_open+0x615/0x11c0
[  478.973248][  T622]  ? __rcu_read_unlock+0x4f/0x70
[  478.973294][  T622]  __x64_sys_perf_event_open+0x67/0x80
[  478.973425][  T622]  x64_sys_call+0x7bd/0x2ff0
[  478.973449][  T622]  do_syscall_64+0xd2/0x200
[  478.973481][  T622]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  478.973506][  T622]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  478.973528][  T622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.973549][  T622] RIP: 0033:0x7fe9bdceebe9
[  478.973566][  T622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.973593][  T622] RSP: 002b:00007fe9bc357038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  478.973615][  T622] RAX: ffffffffffffffda RBX: 00007fe9bdf15fa0 RCX: 00007fe9bdceebe9
[  478.973630][  T622] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  478.973645][  T622] RBP: 00007fe9bc357090 R08: 0000000000000000 R09: 0000000000000000
[  478.973658][  T622] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  478.973672][  T622] R13: 00007fe9bdf16038 R14: 00007fe9bdf15fa0 R15: 00007ffc13970848
[  478.973692][  T622]  </TASK>
[  479.224952][  T628] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10064'.
[  479.248927][  T628] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10064'.
[  479.295298][  T637] FAULT_INJECTION: forcing a failure.
[  479.295298][  T637] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  479.308473][  T637] CPU: 1 UID: 0 PID: 637 Comm: syz.0.10068 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  479.308579][  T637] Tainted: [W]=WARN
[  479.308585][  T637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  479.308597][  T637] Call Trace:
[  479.308603][  T637]  <TASK>
[  479.308689][  T637]  __dump_stack+0x1d/0x30
[  479.308709][  T637]  dump_stack_lvl+0xe8/0x140
[  479.308797][  T637]  dump_stack+0x15/0x1b
[  479.308815][  T637]  should_fail_ex+0x265/0x280
[  479.308846][  T637]  should_fail+0xb/0x20
[  479.308946][  T637]  should_fail_usercopy+0x1a/0x20
[  479.308964][  T637]  _copy_from_user+0x1c/0xb0
[  479.308991][  T637]  memdup_user+0x5e/0xd0
[  479.309017][  T637]  strndup_user+0x68/0xb0
[  479.309072][  T637]  perf_ioctl+0x58a/0x12e0
[  479.309102][  T637]  ? ioctl_has_perm+0x289/0x2a0
[  479.309121][  T637]  ? do_vfs_ioctl+0x866/0xe10
[  479.309142][  T637]  ? selinux_file_ioctl+0x308/0x3a0
[  479.309215][  T637]  ? __fget_files+0x184/0x1c0
[  479.309244][  T637]  ? __pfx_perf_ioctl+0x10/0x10
[  479.309303][  T637]  __se_sys_ioctl+0xce/0x140
[  479.309402][  T637]  __x64_sys_ioctl+0x43/0x50
[  479.309438][  T637]  x64_sys_call+0x1816/0x2ff0
[  479.309463][  T637]  do_syscall_64+0xd2/0x200
[  479.309535][  T637]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  479.309675][  T637]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  479.309695][  T637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.309715][  T637] RIP: 0033:0x7fc1fd47ebe9
[  479.309789][  T637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.309807][  T637] RSP: 002b:00007fc1fbae7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  479.309825][  T637] RAX: ffffffffffffffda RBX: 00007fc1fd6a5fa0 RCX: 00007fc1fd47ebe9
[  479.309838][  T637] RDX: 0000200000000340 RSI: 0000000040082406 RDI: 0000000000000005
[  479.309850][  T637] RBP: 00007fc1fbae7090 R08: 0000000000000000 R09: 0000000000000000
[  479.309862][  T637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.309937][  T637] R13: 00007fc1fd6a6038 R14: 00007fc1fd6a5fa0 R15: 00007ffe8af90868
[  479.309959][  T637]  </TASK>
[  479.546307][  T644] SELinux:  policydb string S does not match my string SE Linux
[  479.558117][  T644] SELinux: failed to load policy
[  479.602628][  T650] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  479.614177][  T650] SELinux: failed to load policy
[  479.667375][  T669] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10081'.
[  479.678349][  T669] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10081'.
[  479.986459][  T674] FAULT_INJECTION: forcing a failure.
[  479.986459][  T674] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  479.999616][  T674] CPU: 1 UID: 0 PID: 674 Comm: syz.3.10080 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  479.999734][  T674] Tainted: [W]=WARN
[  479.999741][  T674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  479.999753][  T674] Call Trace:
[  479.999760][  T674]  <TASK>
[  479.999768][  T674]  __dump_stack+0x1d/0x30
[  479.999789][  T674]  dump_stack_lvl+0xe8/0x140
[  479.999814][  T674]  dump_stack+0x15/0x1b
[  479.999831][  T674]  should_fail_ex+0x265/0x280
[  479.999866][  T674]  should_fail+0xb/0x20
[  479.999895][  T674]  should_fail_usercopy+0x1a/0x20
[  479.999918][  T674]  _copy_to_user+0x20/0xa0
[  479.999943][  T674]  simple_read_from_buffer+0xb5/0x130
[  479.999965][  T674]  proc_fail_nth_read+0x10e/0x150
[  480.000014][  T674]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  480.000043][  T674]  vfs_read+0x19d/0x6f0
[  480.000111][  T674]  ? __rcu_read_unlock+0x4f/0x70
[  480.000133][  T674]  ? __fget_files+0x184/0x1c0
[  480.000201][  T674]  ? ldsem_up_read+0x8a/0xd0
[  480.000222][  T674]  ksys_read+0xda/0x1a0
[  480.000288][  T674]  __x64_sys_read+0x40/0x50
[  480.000310][  T674]  x64_sys_call+0x27bc/0x2ff0
[  480.000390][  T674]  do_syscall_64+0xd2/0x200
[  480.000413][  T674]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  480.000437][  T674]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  480.000530][  T674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.000552][  T674] RIP: 0033:0x7f455387d5fc
[  480.000567][  T674] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  480.000585][  T674] RSP: 002b:00007f4551ebe030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  480.000609][  T674] RAX: ffffffffffffffda RBX: 00007f4553aa6090 RCX: 00007f455387d5fc
[  480.000661][  T674] RDX: 000000000000000f RSI: 00007f4551ebe0a0 RDI: 0000000000000007
[  480.000673][  T674] RBP: 00007f4551ebe090 R08: 0000000000000000 R09: 0000000000000000
[  480.000686][  T674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.000699][  T674] R13: 00007f4553aa6128 R14: 00007f4553aa6090 R15: 00007fff6200b788
[  480.000717][  T674]  </TASK>
[  480.347101][  T703] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10093'.
[  480.364827][  T705] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  480.373089][  T705] SELinux: failed to load policy
[  480.663479][  T737] SELinux:  policydb version 0 does not match my version range 15-35
[  480.683551][  T737] SELinux: failed to load policy
[  480.750153][  T742] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  480.767876][  T742] SELinux: failed to load policy
[  480.834283][  T744] random: crng reseeded on system resumption
[  481.055951][  T765] SELinux:  policydb version 0 does not match my version range 15-35
[  481.065762][  T761] cgroup2: Unknown parameter 'pts'
[  481.068986][  T765] SELinux: failed to load policy
[  481.112412][  T769] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  481.134734][  T769] SELinux: failed to load policy
[  481.197313][  T785] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  481.214192][  T785] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  481.280597][  T796] !€ÿgid=0x000: renamed from bond_slave_0 (while UP)
[  481.553786][  T812] cgroup2: Unknown parameter 'pts'
[  481.570210][  T817] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  481.578631][  T817] SELinux: failed to load policy
[  481.692746][   T29] kauditd_printk_skb: 308 callbacks suppressed
[  481.692760][   T29] audit: type=1326 audit(1754449790.725:27453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.753730][   T29] audit: type=1326 audit(1754449790.765:27454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.777346][   T29] audit: type=1326 audit(1754449790.765:27455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.801138][   T29] audit: type=1326 audit(1754449790.765:27456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.824658][   T29] audit: type=1326 audit(1754449790.765:27457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.848219][   T29] audit: type=1326 audit(1754449790.765:27458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.871763][   T29] audit: type=1326 audit(1754449790.765:27459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.895280][   T29] audit: type=1326 audit(1754449790.765:27460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.918816][   T29] audit: type=1326 audit(1754449790.765:27461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  481.942362][   T29] audit: type=1326 audit(1754449790.765:27462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=823 comm="syz.2.10145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x7ffc0000
[  482.013420][  T832] random: crng reseeded on system resumption
[  482.120920][  T858] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  482.218968][  T866] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  482.244709][  T869] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  482.253203][  T869] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  482.979569][  T907] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  483.002935][  T907] SELinux: failed to load policy
[  483.303369][  T938] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  483.319061][  T938] SELinux: failed to load policy
[  483.419181][  T944] bridge0: entered promiscuous mode
[  483.447016][  T944] macsec1: entered promiscuous mode
[  483.467520][  T944] bridge0: port 3(macsec1) entered blocking state
[  483.474037][  T944] bridge0: port 3(macsec1) entered disabled state
[  483.496029][  T956] __nla_validate_parse: 18 callbacks suppressed
[  483.496047][  T956] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10197'.
[  483.506591][  T944] macsec1: entered allmulticast mode
[  483.517854][  T944] bridge0: entered allmulticast mode
[  483.552322][  T944] macsec1: left allmulticast mode
[  483.557472][  T944] bridge0: left allmulticast mode
[  483.561367][  T960] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10197'.
[  483.580224][  T944] bridge0: left promiscuous mode
[  483.588790][  T962] random: crng reseeded on system resumption
[  483.606486][  T950] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10197'.
[  483.758559][  T979] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=979 comm=syz.2.10205
[  483.848916][  T988] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10209'.
[  483.859824][  T988] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10209'.
[  484.026140][ T1001] ip6gre1: entered allmulticast mode
[  484.168541][ T1013] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10220'.
[  484.182606][ T1013] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10220'.
[  484.334969][ T1027] ip6gre2: entered allmulticast mode
[  484.386798][ T1035] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10230'.
[  484.453187][ T1035] random: crng reseeded on system resumption
[  484.558172][ T1052] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10238'.
[  484.584707][ T1054] ip6gre2: entered allmulticast mode
[  484.658700][ T1066] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  484.667187][ T1066] SELinux: failed to load policy
[  484.720949][ T1076] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10248'.
[  484.814138][ T1085] ip6gre5: entered allmulticast mode
[  484.969006][ T1108] random: crng reseeded on system resumption
[  485.033737][ T1117] ip6gre6: entered allmulticast mode
[  485.060610][ T1118] bridge0: entered promiscuous mode
[  485.066037][ T1118] macsec1: entered promiscuous mode
[  485.072586][ T1118] bridge0: port 3(macsec1) entered blocking state
[  485.079142][ T1118] bridge0: port 3(macsec1) entered disabled state
[  485.099379][ T1118] macsec1: entered allmulticast mode
[  485.104753][ T1118] bridge0: entered allmulticast mode
[  485.121819][ T1118] macsec1: left allmulticast mode
[  485.122330][ T1128] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  485.126895][ T1118] bridge0: left allmulticast mode
[  485.147897][ T1128] SELinux: failed to load policy
[  485.156317][ T1118] bridge0: left promiscuous mode
[  485.172742][ T1137] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  485.181107][ T1129] random: crng reseeded on system resumption
[  485.254282][ T1146] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  485.777775][ T1176] bridge0: entered promiscuous mode
[  485.785384][ T1176] macsec1: entered promiscuous mode
[  485.791678][ T1176] bridge0: port 3(macsec1) entered blocking state
[  485.798176][ T1176] bridge0: port 3(macsec1) entered disabled state
[  485.805196][ T1176] macsec1: entered allmulticast mode
[  485.810504][ T1176] bridge0: entered allmulticast mode
[  485.816695][ T1176] macsec1: left allmulticast mode
[  485.821770][ T1176] bridge0: left allmulticast mode
[  485.828250][ T1176] bridge0: left promiscuous mode
[  485.844110][ T1178] hub 9-0:1.0: USB hub found
[  485.848895][ T1178] hub 9-0:1.0: 8 ports detected
[  485.855282][ T1181] random: crng reseeded on system resumption
[  486.094755][ T1208] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.123000][ T1212] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[  486.165415][ T1208] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.203485][ T1218] cgroup2: Unknown parameter 'pts'
[  486.253646][ T1208] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.316103][ T1208] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.411338][T30937] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  486.431316][T30937] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  486.453586][T30937] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  486.475418][T30937] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  486.499061][ T1226] ip6gre3: entered allmulticast mode
[  486.620314][ T1240] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  486.630741][ T1240] SELinux: failed to load policy
[  486.727256][   T29] kauditd_printk_skb: 462 callbacks suppressed
[  486.727274][   T29] audit: type=1400 audit(1754449795.665:27925): avc:  denied  { execmem } for  pid=1231 comm="syz.4.10309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  486.764643][   T29] audit: type=1400 audit(1754449795.795:27926): avc:  denied  { read } for  pid=1248 comm="syz.5.10319" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  486.790612][   T29] audit: type=1400 audit(1754449795.795:27927): avc:  denied  { open } for  pid=1248 comm="syz.5.10319" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  486.815460][   T29] audit: type=1400 audit(1754449795.795:27928): avc:  denied  { ioctl } for  pid=1248 comm="syz.5.10319" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  487.360964][ T1275] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  487.370287][ T1275] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  487.501447][   T29] audit: type=1326 audit(1754449796.525:27929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.10328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  487.525116][   T29] audit: type=1326 audit(1754449796.525:27930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.10328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  487.548812][   T29] audit: type=1326 audit(1754449796.535:27931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.10328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  487.572528][   T29] audit: type=1326 audit(1754449796.535:27932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.10328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  487.599089][   T29] audit: type=1326 audit(1754449796.535:27933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.10328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  487.622713][   T29] audit: type=1326 audit(1754449796.555:27934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.10328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  487.852883][ T1301] loop0: detected capacity change from 0 to 512
[  487.859893][ T1301] EXT4-fs: Ignoring removed mblk_io_submit option
[  488.140579][ T1301] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  488.198086][ T1301] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  488.219265][ T1301] EXT4-fs (loop0): orphan cleanup on readonly fs
[  488.229184][ T1301] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.10336: Invalid block bitmap block 0 in block_group 0
[  488.251754][ T1301] EXT4-fs (loop0): Remounting filesystem read-only
[  488.258689][ T1309] SELinux:  policydb magic number 0x89 does not match expected magic number 0xf97cff8c
[  488.259994][ T1301] EXT4-fs (loop0): 1 orphan inode deleted
[  488.274799][ T1309] SELinux: failed to load policy
[  488.274994][ T1301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  488.328954][ T1318] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  488.422979][T28858] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.512796][ T1347] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  488.527157][ T1349] FAULT_INJECTION: forcing a failure.
[  488.527157][ T1349] name failslab, interval 1, probability 0, space 0, times 0
[  488.539908][ T1349] CPU: 1 UID: 0 PID: 1349 Comm: syz.4.10355 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  488.539973][ T1349] Tainted: [W]=WARN
[  488.539980][ T1349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  488.539992][ T1349] Call Trace:
[  488.539999][ T1349]  <TASK>
[  488.540007][ T1349]  __dump_stack+0x1d/0x30
[  488.540030][ T1349]  dump_stack_lvl+0xe8/0x140
[  488.540088][ T1349]  dump_stack+0x15/0x1b
[  488.540132][ T1349]  should_fail_ex+0x265/0x280
[  488.540223][ T1349]  should_failslab+0x8c/0xb0
[  488.540262][ T1349]  __kmalloc_noprof+0xa5/0x3e0
[  488.540370][ T1349]  ? kobject_get_path+0x92/0x1c0
[  488.540402][ T1349]  kobject_get_path+0x92/0x1c0
[  488.540466][ T1349]  kobject_uevent_env+0x1da/0x570
[  488.540500][ T1349]  ? device_pm_check_callbacks+0x683/0x6a0
[  488.540571][ T1349]  kobject_uevent+0x1d/0x30
[  488.540601][ T1349]  device_del+0x710/0x790
[  488.540623][ T1349]  device_unregister+0x15/0x40
[  488.540640][ T1349]  bdi_unregister+0x307/0x3a0
[  488.540744][ T1349]  __del_gendisk+0x2c3/0x570
[  488.540773][ T1349]  del_gendisk+0xac/0xf0
[  488.540812][ T1349]  loop_remove+0x26/0x80
[  488.540883][ T1349]  loop_control_ioctl+0x3b3/0x3f0
[  488.540981][ T1349]  ? __pfx_loop_control_ioctl+0x10/0x10
[  488.541009][ T1349]  __se_sys_ioctl+0xce/0x140
[  488.541040][ T1349]  __x64_sys_ioctl+0x43/0x50
[  488.541070][ T1349]  x64_sys_call+0x1816/0x2ff0
[  488.541122][ T1349]  do_syscall_64+0xd2/0x200
[  488.541146][ T1349]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  488.541170][ T1349]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  488.541191][ T1349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.541260][ T1349] RIP: 0033:0x7f67873febe9
[  488.541277][ T1349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.541295][ T1349] RSP: 002b:00007f6785a67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  488.541315][ T1349] RAX: ffffffffffffffda RBX: 00007f6787625fa0 RCX: 00007f67873febe9
[  488.541330][ T1349] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000006
[  488.541343][ T1349] RBP: 00007f6785a67090 R08: 0000000000000000 R09: 0000000000000000
[  488.541356][ T1349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.541390][ T1349] R13: 00007f6787626038 R14: 00007f6787625fa0 R15: 00007ffe43b151e8
[  488.541412][ T1349]  </TASK>
[  488.863412][ T1356] ip6gre3: entered allmulticast mode
[  488.885311][ T1358] __nla_validate_parse: 23 callbacks suppressed
[  488.885323][ T1358] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10359'.
[  488.902735][ T1358] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10359'.
[  489.044316][ T1362] SELinux:  policydb magic number 0x89 does not match expected magic number 0xf97cff8c
[  489.054241][ T1362] SELinux: failed to load policy
[  489.085009][ T1364] netlink: 5 bytes leftover after parsing attributes in process `syz.4.10362'.
[  489.094271][ T1364] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  489.102319][ T1364] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  489.317491][ T1376] netlink: 5 bytes leftover after parsing attributes in process `syz.4.10366'.
[  489.326801][ T1376] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  489.331296][ T1373] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10365'.
[  489.344265][ T1376] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  489.408413][ T1382] ip6gre7: entered allmulticast mode
[  489.433404][ T1385] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10370'.
[  489.444151][ T1385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10370'.
[  489.484307][ T1390] SELinux:  policydb magic number 0x89 does not match expected magic number 0xf97cff8c
[  489.494188][ T1390] SELinux: failed to load policy
[  489.541190][ T1397] netlink: 5 bytes leftover after parsing attributes in process `syz.4.10375'.
[  489.550303][ T1397] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  489.558584][ T1397] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  489.750425][ T1414] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10381'.
[  489.761197][ T1414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10381'.
[  490.280223][ T1424] netlink: 'syz.4.10385': attribute type 10 has an invalid length.
[  490.292017][ T1424] team0: Port device dummy0 added
[  490.343626][ T1426] random: crng reseeded on system resumption
[  490.372667][ T1430] SELinux:  policydb string  does not match my string SE Linux
[  490.380369][ T1430] SELinux: failed to load policy
[  490.536986][ T1442] cgroup2: Unknown parameter 'pts'
[  490.643369][ T1465] SELinux:  policydb magic number 0x7cff8c does not match expected magic number 0xf97cff8c
[  490.654336][ T1465] SELinux: failed to load policy
[  490.779184][ T1472] FAULT_INJECTION: forcing a failure.
[  490.779184][ T1472] name failslab, interval 1, probability 0, space 0, times 0
[  490.791984][ T1472] CPU: 0 UID: 0 PID: 1472 Comm: syz.3.10405 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  490.792024][ T1472] Tainted: [W]=WARN
[  490.792032][ T1472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  490.792047][ T1472] Call Trace:
[  490.792055][ T1472]  <TASK>
[  490.792118][ T1472]  __dump_stack+0x1d/0x30
[  490.792143][ T1472]  dump_stack_lvl+0xe8/0x140
[  490.792166][ T1472]  dump_stack+0x15/0x1b
[  490.792185][ T1472]  should_fail_ex+0x265/0x280
[  490.792222][ T1472]  should_failslab+0x8c/0xb0
[  490.792303][ T1472]  kmem_cache_alloc_noprof+0x50/0x310
[  490.792335][ T1472]  ? __kernfs_new_node+0x6d/0x350
[  490.792365][ T1472]  __kernfs_new_node+0x6d/0x350
[  490.792394][ T1472]  ? __rcu_read_unlock+0x4f/0x70
[  490.792468][ T1472]  ? __rcu_read_unlock+0x4f/0x70
[  490.792523][ T1472]  ? __rcu_read_unlock+0x4f/0x70
[  490.792547][ T1472]  ? kernfs_next_descendant_post+0xd3/0x110
[  490.792582][ T1472]  kernfs_new_node+0xd0/0x140
[  490.792612][ T1472]  kernfs_create_link+0x70/0x130
[  490.792711][ T1472]  sysfs_do_create_link_sd+0x6a/0x100
[  490.792738][ T1472]  sysfs_create_link+0x51/0x70
[  490.792838][ T1472]  driver_sysfs_add+0x98/0x160
[  490.792863][ T1472]  really_probe+0xf6/0x5c0
[  490.792887][ T1472]  ? __driver_probe_device+0x116/0x190
[  490.792914][ T1472]  __driver_probe_device+0x121/0x190
[  490.792966][ T1472]  driver_probe_device+0x37/0x2f0
[  490.792993][ T1472]  __device_attach_driver+0x205/0x310
[  490.793018][ T1472]  ? __pfx___device_attach_driver+0x10/0x10
[  490.793087][ T1472]  bus_for_each_drv+0x1bd/0x230
[  490.793122][ T1472]  __device_attach+0x1c7/0x290
[  490.793147][ T1472]  device_attach+0x17/0x20
[  490.793169][ T1472]  proc_ioctl+0x2f7/0x400
[  490.793276][ T1472]  proc_ioctl_default+0x71/0xa0
[  490.793307][ T1472]  usbdev_ioctl+0xe97/0x1710
[  490.793397][ T1472]  ? __pfx_usbdev_ioctl+0x10/0x10
[  490.793484][ T1472]  __se_sys_ioctl+0xce/0x140
[  490.793522][ T1472]  __x64_sys_ioctl+0x43/0x50
[  490.793559][ T1472]  x64_sys_call+0x1816/0x2ff0
[  490.793660][ T1472]  do_syscall_64+0xd2/0x200
[  490.793686][ T1472]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  490.793714][ T1472]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  490.793739][ T1472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.793806][ T1472] RIP: 0033:0x7f455387ebe9
[  490.793824][ T1472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.793845][ T1472] RSP: 002b:00007f4551edf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  490.793867][ T1472] RAX: ffffffffffffffda RBX: 00007f4553aa5fa0 RCX: 00007f455387ebe9
[  490.793882][ T1472] RDX: 0000200000000000 RSI: 00000000c0105512 RDI: 0000000000000003
[  490.793905][ T1472] RBP: 00007f4551edf090 R08: 0000000000000000 R09: 0000000000000000
[  490.793920][ T1472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.793935][ T1472] R13: 00007f4553aa6038 R14: 00007f4553aa5fa0 R15: 00007fff6200b788
[  490.793956][ T1472]  </TASK>
[  490.794710][ T1472] hub 9-0:1.0: really_probe: driver_sysfs_add failed
[  491.142045][ T1475] tipc: Can't bind to reserved service type 2
[  492.021724][   T29] kauditd_printk_skb: 346 callbacks suppressed
[  492.021744][   T29] audit: type=1400 audit(1754449801.045:28278): avc:  denied  { mounton } for  pid=1501 comm="syz.2.10416" path="/proc/846/task" dev="proc" ino=132566 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  492.050996][   T29] audit: type=1400 audit(1754449801.045:28279): avc:  denied  { mount } for  pid=1501 comm="syz.2.10416" name="/" dev="configfs" ino=2008 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  492.109637][   T29] audit: type=1326 audit(1754449801.115:28280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1501 comm="syz.2.10416" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2c2f86ebe9 code=0x0
[  492.219473][   T29] audit: type=1326 audit(1754449801.245:28281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.10411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  492.261398][   T29] audit: type=1326 audit(1754449801.285:28282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1489 comm="syz.0.10411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  492.408493][   T29] audit: type=1326 audit(1754449801.435:28283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1478 comm="syz.4.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  492.432195][   T29] audit: type=1326 audit(1754449801.435:28284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1478 comm="syz.4.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  492.474885][   T29] audit: type=1400 audit(1754449801.495:28285): avc:  denied  { egress } for  pid=13064 comm="kworker/u8:19" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  492.499434][   T29] audit: type=1400 audit(1754449801.495:28286): avc:  denied  { sendto } for  pid=13064 comm="kworker/u8:19" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  492.540643][   T29] audit: type=1400 audit(1754449801.565:28287): avc:  denied  { getopt } for  pid=1511 comm="syz.4.10419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  492.864331][ T1558] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  492.872768][ T1558] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  493.297535][ T1590] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  493.671684][ T1627] cgroup2: Unknown parameter 'pts'
[  494.658052][ T1646] __nla_validate_parse: 14 callbacks suppressed
[  494.658068][ T1646] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10470'.
[  495.153166][ T1698] FAULT_INJECTION: forcing a failure.
[  495.153166][ T1698] name failslab, interval 1, probability 0, space 0, times 0
[  495.166068][ T1698] CPU: 0 UID: 0 PID: 1698 Comm: syz.0.10491 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  495.166145][ T1698] Tainted: [W]=WARN
[  495.166152][ T1698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  495.166222][ T1698] Call Trace:
[  495.166230][ T1698]  <TASK>
[  495.166237][ T1698]  __dump_stack+0x1d/0x30
[  495.166258][ T1698]  dump_stack_lvl+0xe8/0x140
[  495.166317][ T1698]  dump_stack+0x15/0x1b
[  495.166336][ T1698]  should_fail_ex+0x265/0x280
[  495.166366][ T1698]  should_failslab+0x8c/0xb0
[  495.166398][ T1698]  __kmalloc_node_noprof+0xa9/0x410
[  495.166429][ T1698]  ? qdisc_alloc+0x65/0x440
[  495.166456][ T1698]  qdisc_alloc+0x65/0x440
[  495.166483][ T1698]  ? nla_strcmp+0xc3/0xe0
[  495.166510][ T1698]  qdisc_create+0xf5/0x9e0
[  495.166538][ T1698]  tc_modify_qdisc+0xf2e/0x1420
[  495.166575][ T1698]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  495.166601][ T1698]  rtnetlink_rcv_msg+0x657/0x6d0
[  495.166628][ T1698]  ? avc_has_perm_noaudit+0x1b1/0x200
[  495.166720][ T1698]  netlink_rcv_skb+0x120/0x220
[  495.166748][ T1698]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  495.166790][ T1698]  rtnetlink_rcv+0x1c/0x30
[  495.166814][ T1698]  netlink_unicast+0x5c0/0x690
[  495.166891][ T1698]  netlink_sendmsg+0x58b/0x6b0
[  495.166950][ T1698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  495.166982][ T1698]  __sock_sendmsg+0x145/0x180
[  495.167086][ T1698]  ____sys_sendmsg+0x31e/0x4e0
[  495.167181][ T1698]  ___sys_sendmsg+0x17b/0x1d0
[  495.167277][ T1698]  __x64_sys_sendmsg+0xd4/0x160
[  495.167317][ T1698]  x64_sys_call+0x191e/0x2ff0
[  495.167410][ T1698]  do_syscall_64+0xd2/0x200
[  495.167435][ T1698]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  495.167458][ T1698]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  495.167497][ T1698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.167522][ T1698] RIP: 0033:0x7fc1fd47ebe9
[  495.167541][ T1698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.167562][ T1698] RSP: 002b:00007fc1fbae7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  495.167584][ T1698] RAX: ffffffffffffffda RBX: 00007fc1fd6a5fa0 RCX: 00007fc1fd47ebe9
[  495.167725][ T1698] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  495.167737][ T1698] RBP: 00007fc1fbae7090 R08: 0000000000000000 R09: 0000000000000000
[  495.167748][ T1698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  495.167760][ T1698] R13: 00007fc1fd6a6038 R14: 00007fc1fd6a5fa0 R15: 00007ffe8af90868
[  495.167825][ T1698]  </TASK>
[  495.496182][ T1710] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10496'.
[  495.507066][ T1710] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10496'.
[  495.846831][ T1717] SELinux:  policydb string SE Li does not match my string SE Linux
[  495.902900][ T1717] SELinux: failed to load policy
[  495.942027][ T1724] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10501'.
[  496.023115][ T1730] hub 9-0:1.0: USB hub found
[  496.032732][ T1730] hub 9-0:1.0: 8 ports detected
[  496.075288][ T1735] FAULT_INJECTION: forcing a failure.
[  496.075288][ T1735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.088487][ T1735] CPU: 1 UID: 0 PID: 1735 Comm: syz.2.10506 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  496.088544][ T1735] Tainted: [W]=WARN
[  496.088551][ T1735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  496.088566][ T1735] Call Trace:
[  496.088573][ T1735]  <TASK>
[  496.088583][ T1735]  __dump_stack+0x1d/0x30
[  496.088648][ T1735]  dump_stack_lvl+0xe8/0x140
[  496.088750][ T1735]  dump_stack+0x15/0x1b
[  496.088769][ T1735]  should_fail_ex+0x265/0x280
[  496.088806][ T1735]  should_fail+0xb/0x20
[  496.088844][ T1735]  should_fail_usercopy+0x1a/0x20
[  496.088866][ T1735]  _copy_from_iter+0xcf/0xe40
[  496.088892][ T1735]  ? __build_skb_around+0x1a0/0x200
[  496.089001][ T1735]  ? __alloc_skb+0x223/0x320
[  496.089028][ T1735]  netlink_sendmsg+0x471/0x6b0
[  496.089061][ T1735]  ? __pfx_netlink_sendmsg+0x10/0x10
[  496.089092][ T1735]  __sock_sendmsg+0x145/0x180
[  496.089117][ T1735]  sock_write_iter+0x165/0x1b0
[  496.089216][ T1735]  ? __pfx_sock_write_iter+0x10/0x10
[  496.089237][ T1735]  vfs_write+0x49d/0x8e0
[  496.089262][ T1735]  ksys_write+0xda/0x1a0
[  496.089286][ T1735]  __x64_sys_write+0x40/0x50
[  496.089324][ T1735]  x64_sys_call+0x27fe/0x2ff0
[  496.089349][ T1735]  do_syscall_64+0xd2/0x200
[  496.089376][ T1735]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  496.089438][ T1735]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  496.089460][ T1735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.089484][ T1735] RIP: 0033:0x7f2c2f86ebe9
[  496.089502][ T1735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.089521][ T1735] RSP: 002b:00007f2c2ded7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  496.089552][ T1735] RAX: ffffffffffffffda RBX: 00007f2c2fa95fa0 RCX: 00007f2c2f86ebe9
[  496.089568][ T1735] RDX: 0000000000000085 RSI: 0000200000000000 RDI: 0000000000000006
[  496.089612][ T1735] RBP: 00007f2c2ded7090 R08: 0000000000000000 R09: 0000000000000000
[  496.089627][ T1735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  496.089642][ T1735] R13: 00007f2c2fa96038 R14: 00007f2c2fa95fa0 R15: 00007ffc98e850c8
[  496.089663][ T1735]  </TASK>
[  496.445292][ T1758] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10516'.
[  496.455248][ T1761] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10517'.
[  496.466496][ T1758] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10516'.
[  496.467419][ T1761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10517'.
[  496.650854][ T1789] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10530'.
[  496.750158][ T1796] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10533'.
[  496.787140][ T1801] netlink: 'syz.0.10535': attribute type 27 has an invalid length.
[  497.047239][   T29] kauditd_printk_skb: 292 callbacks suppressed
[  497.047255][   T29] audit: type=1326 audit(1754449806.075:28580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.103715][   T29] audit: type=1326 audit(1754449806.115:28581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.127431][   T29] audit: type=1326 audit(1754449806.115:28582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.151105][   T29] audit: type=1326 audit(1754449806.115:28583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.174872][   T29] audit: type=1326 audit(1754449806.115:28584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.198464][   T29] audit: type=1326 audit(1754449806.115:28585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.222101][   T29] audit: type=1326 audit(1754449806.115:28586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.245751][   T29] audit: type=1326 audit(1754449806.115:28587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.269324][   T29] audit: type=1326 audit(1754449806.115:28588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.292987][   T29] audit: type=1326 audit(1754449806.115:28589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1804 comm="syz.0.10536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  497.377897][ T1811] cgroup2: Unknown parameter 'pts'
[  497.443780][ T1816] SELinux:  policydb string SE Linu does not match my string SE Linux
[  497.457281][ T1816] SELinux: failed to load policy
[  497.654513][ T1838] FAULT_INJECTION: forcing a failure.
[  497.654513][ T1838] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  497.667645][ T1838] CPU: 0 UID: 0 PID: 1838 Comm: syz.2.10548 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  497.667682][ T1838] Tainted: [W]=WARN
[  497.667690][ T1838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  497.667704][ T1838] Call Trace:
[  497.667712][ T1838]  <TASK>
[  497.667721][ T1838]  __dump_stack+0x1d/0x30
[  497.667745][ T1838]  dump_stack_lvl+0xe8/0x140
[  497.667812][ T1838]  dump_stack+0x15/0x1b
[  497.667880][ T1838]  should_fail_ex+0x265/0x280
[  497.667916][ T1838]  should_fail+0xb/0x20
[  497.668004][ T1838]  should_fail_usercopy+0x1a/0x20
[  497.668071][ T1838]  _copy_to_user+0x20/0xa0
[  497.668101][ T1838]  simple_read_from_buffer+0xb5/0x130
[  497.668126][ T1838]  proc_fail_nth_read+0x10e/0x150
[  497.668158][ T1838]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  497.668239][ T1838]  vfs_read+0x19d/0x6f0
[  497.668262][ T1838]  ? __rcu_read_unlock+0x4f/0x70
[  497.668287][ T1838]  ? __fget_files+0x184/0x1c0
[  497.668373][ T1838]  ksys_read+0xda/0x1a0
[  497.668398][ T1838]  __x64_sys_read+0x40/0x50
[  497.668501][ T1838]  x64_sys_call+0x27bc/0x2ff0
[  497.668526][ T1838]  do_syscall_64+0xd2/0x200
[  497.668553][ T1838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  497.668634][ T1838]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  497.668659][ T1838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.668727][ T1838] RIP: 0033:0x7f2c2f86d5fc
[  497.668744][ T1838] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  497.668765][ T1838] RSP: 002b:00007f2c2ded7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  497.668896][ T1838] RAX: ffffffffffffffda RBX: 00007f2c2fa95fa0 RCX: 00007f2c2f86d5fc
[  497.668983][ T1838] RDX: 000000000000000f RSI: 00007f2c2ded70a0 RDI: 0000000000000004
[  497.668997][ T1838] RBP: 00007f2c2ded7090 R08: 0000000000000000 R09: 0000000000000000
[  497.669011][ T1838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.669026][ T1838] R13: 00007f2c2fa96038 R14: 00007f2c2fa95fa0 R15: 00007ffc98e850c8
[  497.669050][ T1838]  </TASK>
[  498.059834][ T1872] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  498.158091][ T1883] 0ªî{X¹¦: renamed from 
31ªî{X¹¦ (while UP)
[  498.167706][ T1883] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  498.457325][ T1907] vlan0: entered allmulticast mode
[  498.564617][ T1912] cgroup2: Unknown parameter 'pts'
[  498.952089][ T1951] cgroup2: Unknown parameter 'pts'
[  499.080117][ T1965] vhci_hcd: default hub control req: 0310 v0006 i0003 l0
[  499.140484][ T1977] cgroup2: Unknown parameter 'pts'
[  500.993820][ T2072] __nla_validate_parse: 17 callbacks suppressed
[  500.993838][ T2072] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10638'.
[  501.011465][ T2072] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10638'.
[  501.021002][ T2074] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10637'.
[  501.030132][ T2074] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10637'.
[  501.120987][ T2084] bridge0: entered promiscuous mode
[  501.128463][ T2084] macsec1: entered promiscuous mode
[  501.135319][ T2084] bridge0: port 3(macsec1) entered blocking state
[  501.142005][ T2084] bridge0: port 3(macsec1) entered disabled state
[  501.156521][ T2084] macsec1: entered allmulticast mode
[  501.161874][ T2084] bridge0: entered allmulticast mode
[  501.168441][ T2084] macsec1: left allmulticast mode
[  501.173860][ T2084] bridge0: left allmulticast mode
[  501.180655][ T2084] bridge0: left promiscuous mode
[  501.641827][ T2125] netlink: 'syz.5.10657': attribute type 3 has an invalid length.
[  501.654801][ T2125] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2125 comm=syz.5.10657
[  502.166464][ T2140] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10663'.
[  502.254422][   T29] kauditd_printk_skb: 271 callbacks suppressed
[  502.254439][   T29] audit: type=1400 audit(1754449811.285:28861): avc:  denied  { create } for  pid=2155 comm="syz.0.10672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  502.809665][ T2178] bridge0: entered promiscuous mode
[  502.845036][ T2178] macsec1: entered promiscuous mode
[  502.852896][ T2178] bridge0: port 3(macsec1) entered blocking state
[  502.859363][ T2178] bridge0: port 3(macsec1) entered disabled state
[  502.873911][ T2178] macsec1: entered allmulticast mode
[  502.879376][ T2178] bridge0: entered allmulticast mode
[  502.920285][ T2186] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10681'.
[  502.924144][ T2178] macsec1: left allmulticast mode
[  502.934439][ T2178] bridge0: left allmulticast mode
[  502.960239][ T2178] bridge0: left promiscuous mode
[  502.973622][ T2188] random: crng reseeded on system resumption
[  503.003462][   T29] audit: type=1400 audit(1754449812.035:28862): avc:  denied  { firmware_load } for  pid=30910 comm="kworker/u8:37" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  503.028837][   T29] audit: type=1400 audit(1754449812.035:28863): avc:  denied  { firmware_load } for  pid=30900 comm="kworker/u8:29" path="/lib/firmware/regulatory.db.p7s" dev="sda1" ino=449 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  503.096126][   T29] audit: type=1326 audit(1754449812.125:28864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.142941][   T29] audit: type=1326 audit(1754449812.155:28865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.166608][   T29] audit: type=1326 audit(1754449812.155:28866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.190303][   T29] audit: type=1326 audit(1754449812.155:28867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.213915][   T29] audit: type=1326 audit(1754449812.155:28868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.237982][   T29] audit: type=1326 audit(1754449812.155:28869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.261672][   T29] audit: type=1326 audit(1754449812.155:28870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2191 comm="syz.4.10682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  503.379582][ T2209] netlink: 5 bytes leftover after parsing attributes in process `syz.2.10689'.
[  503.393988][ T2209] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  503.410513][ T2209] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  503.433998][ T2216] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10692'.
[  503.706408][ T2237] netlink: 36 bytes leftover after parsing attributes in process `syz.2.10698'.
[  503.744578][ T2228] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  503.805442][ T2233] hub 6-0:1.0: USB hub found
[  503.813695][ T2233] hub 6-0:1.0: 8 ports detected
[  504.155428][ T2255] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  504.163320][ T2255] 0ªî{X¹¦: entered allmulticast mode
[  504.169370][ T2255] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  504.220234][ T2257] 9pnet_fd: Insufficient options for proto=fd
[  504.807959][ T2318] ip6tnl1: entered promiscuous mode
[  504.813483][ T2318] ip6tnl1: entered allmulticast mode
[  504.909351][ T2321] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.916674][ T2321] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.966935][ T2321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  504.979051][ T2321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  505.014956][ T2321] ip6gre1: left allmulticast mode
[  505.021488][ T2321] ip6gre2: left allmulticast mode
[  505.033023][T30937] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  505.042921][T30937] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  505.052101][T30937] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  505.082178][T30937] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  505.939723][ T2339] random: crng reseeded on system resumption
[  506.028472][ T2360] bridge0: entered promiscuous mode
[  506.033943][ T2360] macsec1: entered promiscuous mode
[  506.040170][ T2360] bridge0: port 3(macsec1) entered blocking state
[  506.046626][ T2360] bridge0: port 3(macsec1) entered disabled state
[  506.053483][ T2360] macsec1: entered allmulticast mode
[  506.058785][ T2360] bridge0: entered allmulticast mode
[  506.065191][ T2360] macsec1: left allmulticast mode
[  506.070468][ T2360] bridge0: left allmulticast mode
[  506.076228][ T2360] bridge0: left promiscuous mode
[  506.092161][ T2361] random: crng reseeded on system resumption
[  506.161788][ T2367] __nla_validate_parse: 4 callbacks suppressed
[  506.161806][ T2367] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10750'.
[  506.398043][ T2391] netlink: 5 bytes leftover after parsing attributes in process `syz.5.10760'.
[  506.407328][ T2391] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[  506.417310][ T2391] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  506.774680][ T2437] netlink: 'syz.4.10779': attribute type 21 has an invalid length.
[  506.784395][ T2437] netlink: 132 bytes leftover after parsing attributes in process `syz.4.10779'.
[  506.793546][ T2437] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10779'.
[  506.856101][ T2449] FAULT_INJECTION: forcing a failure.
[  506.856101][ T2449] name failslab, interval 1, probability 0, space 0, times 0
[  506.868827][ T2449] CPU: 0 UID: 0 PID: 2449 Comm: syz.4.10783 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  506.868875][ T2449] Tainted: [W]=WARN
[  506.868883][ T2449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  506.868895][ T2449] Call Trace:
[  506.868902][ T2449]  <TASK>
[  506.868910][ T2449]  __dump_stack+0x1d/0x30
[  506.868931][ T2449]  dump_stack_lvl+0xe8/0x140
[  506.868950][ T2449]  dump_stack+0x15/0x1b
[  506.869039][ T2449]  should_fail_ex+0x265/0x280
[  506.869141][ T2449]  should_failslab+0x8c/0xb0
[  506.869187][ T2449]  kmem_cache_alloc_node_noprof+0x57/0x320
[  506.869217][ T2449]  ? alloc_vmap_area+0x231/0xe50
[  506.869317][ T2449]  alloc_vmap_area+0x231/0xe50
[  506.869397][ T2449]  ? should_failslab+0x8c/0xb0
[  506.869423][ T2449]  ? __kmalloc_cache_node_noprof+0x18a/0x320
[  506.869454][ T2449]  __get_vm_area_node+0x173/0x1d0
[  506.869484][ T2449]  __vmalloc_node_range_noprof+0x273/0xe00
[  506.869533][ T2449]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  506.869639][ T2449]  ? fixup_exception+0x741/0xd50
[  506.869664][ T2449]  ? avc_has_perm_noaudit+0x1b1/0x200
[  506.869687][ T2449]  ? cred_has_capability+0x210/0x280
[  506.869751][ T2449]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  506.869766][ T2449]  __vmalloc_noprof+0x83/0xc0
[  506.869842][ T2449]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  506.869857][ T2449]  bpf_prog_alloc_no_stats+0x47/0x3a0
[  506.869872][ T2449]  ? bpf_prog_alloc+0x2a/0x150
[  506.869887][ T2449]  bpf_prog_alloc+0x3c/0x150
[  506.869958][ T2449]  bpf_prog_load+0x514/0x1070
[  506.869980][ T2449]  ? security_bpf+0x2b/0x90
[  506.870051][ T2449]  __sys_bpf+0x462/0x7b0
[  506.870070][ T2449]  __x64_sys_bpf+0x41/0x50
[  506.870088][ T2449]  x64_sys_call+0x2aea/0x2ff0
[  506.870101][ T2449]  do_syscall_64+0xd2/0x200
[  506.870133][ T2449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  506.870147][ T2449]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  506.870160][ T2449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.870258][ T2449] RIP: 0033:0x7f67873febe9
[  506.870268][ T2449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  506.870280][ T2449] RSP: 002b:00007f6785a67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  506.870291][ T2449] RAX: ffffffffffffffda RBX: 00007f6787625fa0 RCX: 00007f67873febe9
[  506.870299][ T2449] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  506.870307][ T2449] RBP: 00007f6785a67090 R08: 0000000000000000 R09: 0000000000000000
[  506.870344][ T2449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  506.870351][ T2449] R13: 00007f6787626038 R14: 00007f6787625fa0 R15: 00007ffe43b151e8
[  506.870363][ T2449]  </TASK>
[  506.870377][ T2449] syz.4.10783: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  507.152703][ T2449] CPU: 0 UID: 0 PID: 2449 Comm: syz.4.10783 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  507.152726][ T2449] Tainted: [W]=WARN
[  507.152730][ T2449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  507.152805][ T2449] Call Trace:
[  507.152811][ T2449]  <TASK>
[  507.152819][ T2449]  __dump_stack+0x1d/0x30
[  507.152911][ T2449]  dump_stack_lvl+0xe8/0x140
[  507.153011][ T2449]  dump_stack+0x15/0x1b
[  507.153021][ T2449]  warn_alloc+0x12b/0x1a0
[  507.153089][ T2449]  __vmalloc_node_range_noprof+0x297/0xe00
[  507.153108][ T2449]  ? fixup_exception+0x741/0xd50
[  507.153122][ T2449]  ? avc_has_perm_noaudit+0x1b1/0x200
[  507.153142][ T2449]  ? cred_has_capability+0x210/0x280
[  507.153191][ T2449]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  507.153207][ T2449]  __vmalloc_noprof+0x83/0xc0
[  507.153298][ T2449]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[  507.153314][ T2449]  bpf_prog_alloc_no_stats+0x47/0x3a0
[  507.153353][ T2449]  ? bpf_prog_alloc+0x2a/0x150
[  507.153368][ T2449]  bpf_prog_alloc+0x3c/0x150
[  507.153382][ T2449]  bpf_prog_load+0x514/0x1070
[  507.153463][ T2449]  ? security_bpf+0x2b/0x90
[  507.153546][ T2449]  __sys_bpf+0x462/0x7b0
[  507.153565][ T2449]  __x64_sys_bpf+0x41/0x50
[  507.153579][ T2449]  x64_sys_call+0x2aea/0x2ff0
[  507.153623][ T2449]  do_syscall_64+0xd2/0x200
[  507.153637][ T2449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  507.153652][ T2449]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  507.153669][ T2449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.153744][ T2449] RIP: 0033:0x7f67873febe9
[  507.153814][ T2449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.153825][ T2449] RSP: 002b:00007f6785a67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  507.153836][ T2449] RAX: ffffffffffffffda RBX: 00007f6787625fa0 RCX: 00007f67873febe9
[  507.153844][ T2449] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  507.153851][ T2449] RBP: 00007f6785a67090 R08: 0000000000000000 R09: 0000000000000000
[  507.153859][ T2449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.153866][ T2449] R13: 00007f6787626038 R14: 00007f6787625fa0 R15: 00007ffe43b151e8
[  507.153954][ T2449]  </TASK>
[  507.153961][ T2449] Mem-Info:
[  507.381619][ T2449] active_anon:3189 inactive_anon:12 isolated_anon:0
[  507.381619][ T2449]  active_file:12742 inactive_file:15266 isolated_file:0
[  507.381619][ T2449]  unevictable:0 dirty:571 writeback:0
[  507.381619][ T2449]  slab_reclaimable:3325 slab_unreclaimable:30253
[  507.381619][ T2449]  mapped:29861 shmem:203 pagetables:1552
[  507.381619][ T2449]  sec_pagetables:0 bounce:0
[  507.381619][ T2449]  kernel_misc_reclaimable:0
[  507.381619][ T2449]  free:1871301 free_pcp:7631 free_cma:0
[  507.427042][ T2449] Node 0 active_anon:12756kB inactive_anon:48kB active_file:50968kB inactive_file:61064kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119444kB dirty:2284kB writeback:0kB shmem:812kB kernel_stack:5664kB pagetables:6208kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  507.454691][ T2449] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  507.483477][ T2449] lowmem_reserve[]: 0 2883 7862 7862
[  507.488974][ T2449] Node 0 DMA32 free:2949328kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952860kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  507.519298][ T2449] lowmem_reserve[]: 0 0 4978 4978
[  507.524401][ T2449] Node 0 Normal free:4520516kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12688kB inactive_anon:48kB active_file:50968kB inactive_file:61064kB unevictable:0kB writepending:2292kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:26876kB local_pcp:20364kB free_cma:0kB
[  507.556749][ T2449] lowmem_reserve[]: 0 0 0 0
[  507.561330][ T2449] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  507.574173][ T2449] Node 0 DMA32: 4*4kB (M) 4*8kB (M) 4*16kB (M) 5*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949328kB
[  507.590751][ T2449] Node 0 Normal: 1497*4kB (UME) 1846*8kB (UME) 699*16kB (UM) 712*32kB (UME) 450*64kB (UME) 326*128kB (UME) 573*256kB (UME) 462*512kB (UME) 424*1024kB (UME) 285*2048kB (UM) 731*4096kB (UM) = 4520516kB
[  507.610566][ T2449] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  507.619905][ T2449] 28194 total pagecache pages
[  507.624673][ T2449] 14 pages in swap cache
[  507.628897][ T2449] Free swap  = 124940kB
[  507.633048][ T2449] Total swap = 124996kB
[  507.637375][ T2449] 2097051 pages RAM
[  507.641259][ T2449] 0 pages HighMem/MovableOnly
[  507.645911][ T2449] 80436 pages reserved
[  507.664724][   T29] kauditd_printk_skb: 374 callbacks suppressed
[  507.664741][   T29] audit: type=1400 audit(1754449816.695:29245): avc:  denied  { block_suspend } for  pid=2451 comm="syz.2.10784" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  507.706048][ T2459] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10788'.
[  507.715198][ T2459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10788'.
[  507.758617][   T29] audit: type=1400 audit(1754449816.785:29246): avc:  denied  { watch watch_reads } for  pid=2468 comm="syz.5.10791" path="/proc/577/task" dev="proc" ino=135725 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  507.765360][ T2470] FAULT_INJECTION: forcing a failure.
[  507.765360][ T2470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.795457][ T2470] CPU: 0 UID: 0 PID: 2470 Comm: syz.5.10791 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  507.795494][ T2470] Tainted: [W]=WARN
[  507.795519][ T2470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  507.795531][ T2470] Call Trace:
[  507.795538][ T2470]  <TASK>
[  507.795546][ T2470]  __dump_stack+0x1d/0x30
[  507.795566][ T2470]  dump_stack_lvl+0xe8/0x140
[  507.795584][ T2470]  dump_stack+0x15/0x1b
[  507.795603][ T2470]  should_fail_ex+0x265/0x280
[  507.795645][ T2470]  should_fail+0xb/0x20
[  507.795677][ T2470]  should_fail_usercopy+0x1a/0x20
[  507.795698][ T2470]  strncpy_from_user+0x25/0x230
[  507.795789][ T2470]  ? kmem_cache_alloc_noprof+0x186/0x310
[  507.795820][ T2470]  ? getname_flags+0x80/0x3b0
[  507.795874][ T2470]  getname_flags+0xae/0x3b0
[  507.795900][ T2470]  __x64_sys_unlinkat+0x70/0xb0
[  507.795998][ T2470]  x64_sys_call+0x2ede/0x2ff0
[  507.796067][ T2470]  do_syscall_64+0xd2/0x200
[  507.796090][ T2470]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  507.796114][ T2470]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  507.796134][ T2470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.796211][ T2470] RIP: 0033:0x7fe9bdceebe9
[  507.796288][ T2470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.796305][ T2470] RSP: 002b:00007fe9bc357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  507.796324][ T2470] RAX: ffffffffffffffda RBX: 00007fe9bdf15fa0 RCX: 00007fe9bdceebe9
[  507.796338][ T2470] RDX: 0000000000000200 RSI: 0000200000000080 RDI: 0000000000000005
[  507.796353][ T2470] RBP: 00007fe9bc357090 R08: 0000000000000000 R09: 0000000000000000
[  507.796366][ T2470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.796377][ T2470] R13: 00007fe9bdf16038 R14: 00007fe9bdf15fa0 R15: 00007ffc13970848
[  507.796417][ T2470]  </TASK>
[  507.833327][ T2464] cgroup2: Unknown parameter 'pts'
[  507.996851][ T2475] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10789'.
[  508.011655][   T29] audit: type=1326 audit(1754449817.045:29247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.035565][   T29] audit: type=1326 audit(1754449817.045:29248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.059245][   T29] audit: type=1326 audit(1754449817.045:29249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.082906][   T29] audit: type=1326 audit(1754449817.045:29250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.106610][   T29] audit: type=1326 audit(1754449817.045:29251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.130478][   T29] audit: type=1326 audit(1754449817.045:29252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.154185][   T29] audit: type=1326 audit(1754449817.045:29253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.177780][   T29] audit: type=1326 audit(1754449817.045:29254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2474 comm="syz.4.10793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67873febe9 code=0x7ffc0000
[  508.233889][ T2483] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10795'.
[  508.293396][ T2490] ------------[ cut here ]------------
[  508.299003][ T2490] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0xfffffffefffff630, 0xffffffff00000000] s64=[0xfffffffefffff630, 0xffffffff00000000] u32=[0x30, 0x8000050] s32=[0x30, 0x0] var_off=(0xfffffffe00000030, 0x10fffffc0)(1)
[  508.323367][ T2490] WARNING: CPU: 0 PID: 2490 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[  508.328488][ T2499] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10803'.
[  508.333925][ T2490] Modules linked in:
[  508.346879][ T2490] CPU: 0 UID: 0 PID: 2490 Comm: syz.3.10798 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  508.360832][ T2490] Tainted: [W]=WARN
[  508.364669][ T2490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  508.374754][ T2490] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  508.381072][ T2490] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 a2 80 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  508.400834][ T2490] RSP: 0018:ffffc90005a3b440 EFLAGS: 00010292
[  508.406909][ T2490] RAX: e4166dad2732e000 RBX: ffff888118aab1a8 RCX: ffff88810ae4e300
[  508.414986][ T2490] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000002
[  508.423024][ T2490] RBP: fffffffe00000030 R08: 00000000000165de R09: 0000000000400000
[  508.431018][ T2490] R10: 00000000002cbbc8 R11: ffffc9000915d000 R12: ffff888118aab168
[  508.439012][ T2490] R13: ffff888104460000 R14: ffff888104460000 R15: ffff888118aab1a0
[  508.447003][ T2490] FS:  00007f4551edf6c0(0000) GS:ffff8882aee47000(0000) knlGS:0000000000000000
[  508.455967][ T2490] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  508.462578][ T2490] CR2: 0000200000004000 CR3: 00000001581ac000 CR4: 00000000003506f0
[  508.470559][ T2490] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  508.478694][ T2490] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  508.486873][ T2490] Call Trace:
[  508.490148][ T2490]  <TASK>
[  508.493129][ T2490]  reg_set_min_max+0x215/0x260
[  508.497902][ T2490]  check_cond_jmp_op+0x1080/0x16e0
[  508.503048][ T2490]  do_check+0x332a/0x7a10
[  508.507391][ T2490]  do_check_common+0xc3a/0x1290
[  508.512307][ T2490]  bpf_check+0x942b/0xd9e0
[  508.516797][ T2490]  ? __rcu_read_unlock+0x4f/0x70
[  508.521815][ T2490]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  508.527804][ T2490]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[  508.533582][ T2490]  ? __vmap_pages_range_noflush+0xbb3/0xbd0
[  508.539547][ T2490]  ? css_rstat_updated+0xb7/0x240
[  508.544733][ T2490]  ? pcpu_block_update+0x24e/0x3b0
[  508.549894][ T2490]  ? _find_next_zero_bit+0x64/0xa0
[  508.555048][ T2490]  ? pcpu_block_refresh_hint+0x157/0x170
[  508.560708][ T2490]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  508.567023][ T2490]  ? css_rstat_updated+0xb7/0x240
[  508.572065][ T2490]  ? __rcu_read_unlock+0x4f/0x70
[  508.576996][ T2490]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  508.582904][ T2490]  ? should_fail_ex+0x30/0x280
[  508.587717][ T2490]  ? selinux_bpf_prog_load+0x36/0xf0
[  508.593034][ T2490]  ? should_failslab+0x8c/0xb0
[  508.597873][ T2490]  ? __kmalloc_cache_noprof+0x189/0x320
[  508.603501][ T2490]  ? selinux_bpf_prog_load+0xbf/0xf0
[  508.608841][ T2490]  ? security_bpf_prog_load+0x2c/0xa0
[  508.614240][ T2490]  bpf_prog_load+0xedd/0x1070
[  508.618936][ T2490]  ? security_bpf+0x2b/0x90
[  508.623561][ T2490]  __sys_bpf+0x462/0x7b0
[  508.627866][ T2490]  __x64_sys_bpf+0x41/0x50
[  508.632297][ T2490]  x64_sys_call+0x2aea/0x2ff0
[  508.636973][ T2490]  do_syscall_64+0xd2/0x200
[  508.641602][ T2490]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  508.647697][ T2490]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  508.653462][ T2490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.659490][ T2490] RIP: 0033:0x7f455387ebe9
[  508.664007][ T2490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.683791][ T2490] RSP: 002b:00007f4551edf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  508.692353][ T2490] RAX: ffffffffffffffda RBX: 00007f4553aa5fa0 RCX: 00007f455387ebe9
[  508.700336][ T2490] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[  508.708519][ T2490] RBP: 00007f4553901e19 R08: 0000000000000000 R09: 0000000000000000
[  508.716528][ T2490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  508.724505][ T2490] R13: 00007f4553aa6038 R14: 00007f4553aa5fa0 R15: 00007fff6200b788
[  508.732494][ T2490]  </TASK>
[  508.735548][ T2490] ---[ end trace 0000000000000000 ]---
[  509.209744][ T2518] cgroup2: Unknown parameter 'pts'
[  509.227109][ T2518] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10809'.
[  509.351937][ T2526] hub 9-0:1.0: USB hub found
[  509.375899][ T2526] hub 9-0:1.0: 8 ports detected
[  510.551988][T30910] bridge_slave_1: left allmulticast mode
[  510.557757][T30910] bridge_slave_1: left promiscuous mode
[  510.563500][T30910] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.609507][T30910] bridge_slave_0: left allmulticast mode
[  510.615509][T30910] bridge_slave_0: left promiscuous mode
[  510.621217][T30910] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.681671][ T6634] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  510.704609][T30910] dvmrp0 (unregistering): left allmulticast mode
[  510.846631][T30910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  510.858051][T30910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  510.873284][T30910] bond0 (unregistering): Released all slaves
[  510.892129][ T2601] 0ªî{X¹¦: renamed from gretap0
[  510.899779][ T2601] 0ªî{X¹¦: entered allmulticast mode
[  510.906194][ T2601] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  510.944227][T30910] hsr_slave_1: left promiscuous mode
[  511.102717][ T2620] FAULT_INJECTION: forcing a failure.
[  511.102717][ T2620] name failslab, interval 1, probability 0, space 0, times 0
[  511.115506][ T2620] CPU: 1 UID: 0 PID: 2620 Comm: syz.4.10843 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  511.115601][ T2620] Tainted: [W]=WARN
[  511.115608][ T2620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.115621][ T2620] Call Trace:
[  511.115628][ T2620]  <TASK>
[  511.115636][ T2620]  __dump_stack+0x1d/0x30
[  511.115659][ T2620]  dump_stack_lvl+0xe8/0x140
[  511.115710][ T2620]  dump_stack+0x15/0x1b
[  511.115729][ T2620]  should_fail_ex+0x265/0x280
[  511.115765][ T2620]  ? snd_seq_prioq_new+0x2c/0x60
[  511.115843][ T2620]  should_failslab+0x8c/0xb0
[  511.115866][ T2620]  __kmalloc_cache_noprof+0x4c/0x320
[  511.115922][ T2620]  ? __kmalloc_cache_noprof+0x189/0x320
[  511.115955][ T2620]  snd_seq_prioq_new+0x2c/0x60
[  511.115985][ T2620]  snd_seq_queue_alloc+0xbf/0x450
[  511.116014][ T2620]  ? should_fail_ex+0xdb/0x280
[  511.116063][ T2620]  snd_seq_ioctl_create_queue+0x4d/0x1b0
[  511.116103][ T2620]  snd_seq_ioctl+0x17d/0x2e0
[  511.116133][ T2620]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  511.116206][ T2620]  __se_sys_ioctl+0xce/0x140
[  511.116297][ T2620]  __x64_sys_ioctl+0x43/0x50
[  511.116333][ T2620]  x64_sys_call+0x1816/0x2ff0
[  511.116357][ T2620]  do_syscall_64+0xd2/0x200
[  511.116399][ T2620]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.116422][ T2620]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  511.116486][ T2620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.116509][ T2620] RIP: 0033:0x7f67873febe9
[  511.116525][ T2620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.116610][ T2620] RSP: 002b:00007f6785a67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  511.116632][ T2620] RAX: ffffffffffffffda RBX: 00007f6787625fa0 RCX: 00007f67873febe9
[  511.116646][ T2620] RDX: 00002000000001c0 RSI: 00000000c08c5332 RDI: 0000000000000003
[  511.116661][ T2620] RBP: 00007f6785a67090 R08: 0000000000000000 R09: 0000000000000000
[  511.116672][ T2620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.116684][ T2620] R13: 00007f6787626038 R14: 00007f6787625fa0 R15: 00007ffe43b151e8
[  511.116793][ T2620]  </TASK>
[  511.528020][ T2633] team0 (unregistering): Port device team_slave_0 removed
[  511.544887][ T2633] team0 (unregistering): Port device team_slave_1 removed
[  511.720531][ T2651] __nla_validate_parse: 3 callbacks suppressed
[  511.720544][ T2651] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10855'.
[  512.705989][   T29] kauditd_printk_skb: 449 callbacks suppressed
[  512.706006][   T29] audit: type=1326 audit(1754449821.735:29704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2660 comm="syz.0.10859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  512.735889][   T29] audit: type=1326 audit(1754449821.735:29705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2660 comm="syz.0.10859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1fd47ebe9 code=0x7ffc0000
[  512.804989][   T29] audit: type=1326 audit(1754449821.815:29706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.828749][   T29] audit: type=1326 audit(1754449821.815:29707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.852481][   T29] audit: type=1326 audit(1754449821.815:29708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.876339][   T29] audit: type=1326 audit(1754449821.815:29709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.900018][   T29] audit: type=1326 audit(1754449821.815:29710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.924669][   T29] audit: type=1326 audit(1754449821.825:29711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.948470][   T29] audit: type=1326 audit(1754449821.825:29712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  512.972455][   T29] audit: type=1326 audit(1754449821.825:29713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2667 comm="syz.3.10861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f455387ebe9 code=0x7ffc0000
[  513.045815][ T2682] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10867'.
[  513.137476][ T2690] SELinux: failed to load policy
[  513.851268][ T2715] ==================================================================
[  513.859469][ T2715] BUG: KCSAN: data-race in touch_atime / touch_atime
[  513.866173][ T2715] 
[  513.868486][ T2715] write to 0xffff8881023fc3d8 of 4 bytes by task 2716 on cpu 0:
[  513.876106][ T2715]  touch_atime+0x1e8/0x340
[  513.880531][ T2715]  shmem_file_splice_read+0x5b1/0x600
[  513.885990][ T2715]  splice_direct_to_actor+0x26c/0x680
[  513.891361][ T2715]  do_splice_direct+0xda/0x150
[  513.896300][ T2715]  do_sendfile+0x380/0x650
[  513.900725][ T2715]  __x64_sys_sendfile64+0x105/0x150
[  513.905951][ T2715]  x64_sys_call+0x2bb0/0x2ff0
[  513.910627][ T2715]  do_syscall_64+0xd2/0x200
[  513.915131][ T2715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.921019][ T2715] 
[  513.923328][ T2715] read to 0xffff8881023fc3d8 of 4 bytes by task 2715 on cpu 1:
[  513.930873][ T2715]  touch_atime+0x194/0x340
[  513.935298][ T2715]  shmem_file_splice_read+0x5b1/0x600
[  513.940666][ T2715]  splice_direct_to_actor+0x26c/0x680
[  513.946032][ T2715]  do_splice_direct+0xda/0x150
[  513.950788][ T2715]  do_sendfile+0x380/0x650
[  513.955204][ T2715]  __x64_sys_sendfile64+0x105/0x150
[  513.960413][ T2715]  x64_sys_call+0x2bb0/0x2ff0
[  513.965091][ T2715]  do_syscall_64+0xd2/0x200
[  513.969596][ T2715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.975485][ T2715] 
[  513.977791][ T2715] value changed: 0x3430f4b7 -> 0x34c98b37
[  513.983493][ T2715] 
[  513.985802][ T2715] Reported by Kernel Concurrency Sanitizer on:
[  513.991942][ T2715] CPU: 1 UID: 0 PID: 2715 Comm: syz.5.10880 Tainted: G        W           6.16.0-syzkaller-11743-g6bcdbd62bd56 #0 PREEMPT(voluntary) 
[  514.005664][ T2715] Tainted: [W]=WARN
[  514.009449][ T2715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  514.019494][ T2715] ==================================================================