last executing test programs:

10.00757514s ago: executing program 1 (id=2049):
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES64=r0], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0xc982c05f9c19bae6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @value=r0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r4, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r4, 0x4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000080)={'erspan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x14, 0x7, 0x1, 0x6bfc, 0x40, 0x72, 0xce, 0x3, 0xf9, 0xe7, 0xe, 0x1, 0x8, 0xff, 0x0, 0x7fff, [0x7ff, 0x2]}})
recvmmsg(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x140, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@delalloc}, {@init_itable}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="100000000000000000000000000000000000000000000000000000f7"], 0x48)
openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x182, 0x0)
r6 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r6, 0x47ba, 0x3e82, 0x60, 0x0, 0xa7ff)
r9 = socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, 0x0, &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
sync_file_range(0xffffffffffffffff, 0xffffffffffff0000, 0x3, 0x0)
bind$rds(r9, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r9, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="05072bbd7000ffdbdf250100000018000180140002006c6f00000000000000000000000000001800028014000180080001803e0000000800010000000000040003"], 0x48}, 0x1, 0x0, 0x0, 0x4000890}, 0x90)

6.488149199s ago: executing program 2 (id=2106):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000030605000000000000000000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)
getsockopt(r0, 0x5, 0xe, &(0x7f0000000400)=""/34, &(0x7f0000000740)=0x22)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000b80000200000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x1ff003, 0x81, 0x7f, 0x1}, 0x50)
unshare(0x2c040600)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x3, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xc, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000028500000015000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600000095"], &(0x7f0000000780)='syzkaller\x00', 0x6, 0x0, 0x0, 0x1f00, 0x18, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000005c0)={0xc, <r4=>0x0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000600)=ANY=[@ANYBLOB="186b8d9700800000000000000f5f714200004e9b08003a120f3946586cfe0122ae7ab900cad3f0403ebd39dad08d568211085385cd078b10ab79fade93d5e46f1e2f000039ef9494c42f87fe12d0882d151ab59590dc8b5c6f10bdd60350ba402b169202000000d9f8a9e73d3935ef2848fc9e8f64e8d256562fa038b9998ce0d2e058c4467067cd7a03bb5eb10cf3da381d24dfc15151267b861186ddc2bb43f53c3d83c28ea65d6839feb6163d49c47a489c33ab10dc6fd6f4d008a64cc61f91a27a19100dff037d6073b5c7a7088979aa40a49bfc4af911bf4c4d00e5d02e98e501f8884f11183e00b107381e753ca47a4a489be6b8b5bebec374e646a100", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1f, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x38, 0x0, 0x0, 0x0}, 0xfffffffffffffc73)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket(0xa, 0x3, 0xff)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x8, 0x2c, 0x1, @rand_addr=' \x01\x00', @local, {[@hopopts={0xff}]}}}}}, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000000)=0x9, 0x4)
recvmmsg(r7, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x0, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r8 = syz_clone(0x0, &(0x7f0000000440)="e7ff1d08267f3ca327b53d9456e5eb79118cffc506b03265e0081751c9a77298b26d848a3b64e0225bc41084d85319f52c3c57433d53cff47b745736664e4de5be96d97b8e746c82739c8f3a60bca63d84b15f1460c7903fb20cc045103f84f80d7508e9baf536ea100e805e3c4d6a1071c87be49b6b1723c836929333e7b732b2c86c4bc2faca1b2a721d5069063d1fa82d1c63b9365ea6228d1bb00f011f73c329daba782ef3878986a6ecf9ebd066b6fece5932c2043dde1a09bb30ccd2996368c35aa95550ca19e0ac066b2717eed765068797eb4904e158811b70a1a2047da5d196e9", 0xe5, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000540)="42842ab0e13910ee93cabde2190a037d33f7536f18ae53a9e46fb4cedab765356ef92d8d91d8aea1f5cd8f0bf1b07cc36e300b90e8767144ecfd16b7cc2ce959d5cc8f247eec69e59ec9c9eb5b128143f64efb42b4e9a7135f245f16792dd158168b8866b17be708e7")
fcntl$setownex(r6, 0xf, &(0x7f0000000380)={0x1, r8})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @mss={0x2, 0x1ff80}, @window={0x3, 0xa, 0x6}, @sack_perm, @window={0x3, 0xfffe}, @sack_perm], 0x8)
sendto$inet(r6, &(0x7f0000000000)='%', 0x1, 0x4008805, 0x0, 0x0)
r9 = openat$cgroup(r6, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r9, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)

5.957575941s ago: executing program 1 (id=2116):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000030605000000000000000000000000060500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)
getsockopt(r0, 0x5, 0xe, &(0x7f0000000400)=""/34, &(0x7f0000000740)=0x22)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000b80000200000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x1ff003, 0x81, 0x7f, 0x1}, 0x50)
unshare(0x2c040600)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x3, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xc, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000028500000015000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000000850000000600000095"], &(0x7f0000000780)='syzkaller\x00', 0x6, 0x0, 0x0, 0x1f00, 0x18, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000005c0)={0xc, <r4=>0x0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000600)=ANY=[@ANYBLOB="186b8d9700800000000000000f5f714200004e9b08003a120f3946586cfe0122ae7ab900cad3f0403ebd39dad08d568211085385cd078b10ab79fade93d5e46f1e2f000039ef9494c42f87fe12d0882d151ab59590dc8b5c6f10bdd60350ba402b169202000000d9f8a9e73d3935ef2848fc9e8f64e8d256562fa038b9998ce0d2e058c4467067cd7a03bb5eb10cf3da381d24dfc15151267b861186ddc2bb43f53c3d83c28ea65d6839feb6163d49c47a489c33ab10dc6fd6f4d008a64cc61f91a27a19100dff037d6073b5c7a7088979aa40a49bfc4af911bf4c4d00e5d02e98e501f8884f11183e00b107381e753ca47a4a489be6b8b5bebec374e646a100", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1f, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x38, 0x0, 0x0, 0x0}, 0xfffffffffffffc73)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket(0xa, 0x3, 0xff)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x8, 0x2c, 0x1, @rand_addr=' \x01\x00', @local, {[@hopopts={0xff}]}}}}}, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x4a, &(0x7f0000000000)=0x9, 0x4)
recvmmsg(r7, &(0x7f0000002680)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x0, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r8 = syz_clone(0x0, &(0x7f0000000440)="e7ff1d08267f3ca327b53d9456e5eb79118cffc506b03265e0081751c9a77298b26d848a3b64e0225bc41084d85319f52c3c57433d53cff47b745736664e4de5be96d97b8e746c82739c8f3a60bca63d84b15f1460c7903fb20cc045103f84f80d7508e9baf536ea100e805e3c4d6a1071c87be49b6b1723c836929333e7b732b2c86c4bc2faca1b2a721d5069063d1fa82d1c63b9365ea6228d1bb00f011f73c329daba782ef3878986a6ecf9ebd066b6fece5932c2043dde1a09bb30ccd2996368c35aa95550ca19e0ac066b2717eed765068797eb4904e158811b70a1a2047da5d196e9", 0xe5, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000540)="42842ab0e13910ee93cabde2190a037d33f7536f18ae53a9e46fb4cedab765356ef92d8d91d8aea1f5cd8f0bf1b07cc36e300b90e8767144ecfd16b7cc2ce959d5cc8f247eec69e59ec9c9eb5b128143f64efb42b4e9a7135f245f16792dd158168b8866b17be708e7")
fcntl$setownex(r6, 0xf, &(0x7f0000000380)={0x1, r8})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @mss={0x2, 0x1ff80}, @window={0x3, 0xa, 0x6}, @sack_perm, @window={0x3, 0xfffe}, @sack_perm], 0x8)
sendto$inet(r6, &(0x7f0000000000)='%', 0x1, 0x4008805, 0x0, 0x0)
openat$cgroup(r6, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)

5.537219772s ago: executing program 2 (id=2121):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4}, 0x10)
write(r2, &(0x7f00000001c0)="130000001a005f0214f9f507000904ff8000fc", 0x13)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r3, 0x0, 0x80}, 0x18)
mount$9p_rdma(0x0, &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000080)=ANY=[])
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

5.411791835s ago: executing program 1 (id=2122):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x7cf}}, './file0\x00'})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={r1, 0x20, &(0x7f0000000180)={&(0x7f0000000200)=""/235, 0xeb, <r2=>0x0, &(0x7f0000000300)=""/104, 0x68}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0x20000000000001fe, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r5, 0x4, &(0x7f0000000080)='dirsync\x00', &(0x7f00000000c0)='./file0\x00', r6)
ioctl$VT_RESIZEX(r4, 0x4bfa, 0x0)

5.251860031s ago: executing program 1 (id=2123):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x25b6, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
recvfrom(r0, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0)

5.024673753s ago: executing program 1 (id=2125):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
socket(0x2, 0x80805, 0x0)
timerfd_create(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r3 = syz_io_uring_setup(0x24f6, &(0x7f00000006c0)={0x0, 0x0, 0x10100, 0x0, 0x1c5}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000180)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[@ANYRES64=r3], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x24844})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f00000002c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000080), r8}}, 0x18)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)="5025cfa5d68bedf20f0c739d2f6389abe17552de516f3b254be9436a4d83fcac82523e9150a7baaa41b912460e92a7a4384050c7a233040f7b7a0950586b2d53b25e928b1034b405bff73ce9622dc5449b65765172113b0bd6460b2d571a6c0e614d62494746a67fecc0b7f98fda430000000000000000", &(0x7f0000000400)="0d9cf07e6f901ab967cabb50bf1a14371d4844d7a0e9933b1c17ac9b81926d21f9c7efd3c8364109b78d258d6cd4033f02968e02cf9fd3e3655b727cf12e6a1fcc6fdb1b07a07e53eee65006ec1d1f207253042863c5251a9df41682bccc3084f2f6e6a2a6a4a9354fd52f2339fcecc8ddbc99492ff293f9254c743623156094de13844d5e26", 0x80000001, r2}, 0x38)
syz_open_procfs(0x0, &(0x7f0000000000)='statm\x00')

4.716265374s ago: executing program 1 (id=2126):
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES64=r0], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0xc982c05f9c19bae6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @value=r0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r3, 0x4)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000080)={'erspan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x14, 0x7, 0x1, 0x6bfc, 0x40, 0x72, 0xce, 0x3, 0xf9, 0xe7, 0xe, 0x1, 0x8, 0xff, 0x0, 0x7fff, [0x7ff, 0x2]}})
recvmmsg(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x140, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000300)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@delalloc}, {@init_itable}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="100000000000000000000000000000000000000000000000000000f7"], 0x48)
openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x182, 0x0)
r5 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r5, 0x47ba, 0x3e82, 0x60, 0x0, 0xa7ff)
r8 = socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, 0x0, &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
sync_file_range(0xffffffffffffffff, 0xffffffffffff0000, 0x3, 0x0)
bind$rds(r8, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r8, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="05072bbd7000ffdbdf250100000018000180140002006c6f00000000000000000000000000001800028014000180080001803e0000000800010000000000040003"], 0x48}, 0x1, 0x0, 0x0, 0x4000890}, 0x90)

4.050776349s ago: executing program 2 (id=2127):
r0 = syz_clone(0x4202300, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000300)='./file2\x00', 0x101042, 0xa3)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000640), &(0x7f00000003c0), 0x20075, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0xa, 0x300)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e20, 0x1}}, 0x10)
socket$packet(0x11, 0xa, 0x300)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0xffffffff}, 0x18)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r7=>0x0)
connect$can_bcm(r6, &(0x7f0000000000), 0x10)
io_submit(r7, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000000003f420f00000000000029ffffff000000", 0x38}])
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x1b, &(0x7f0000000140)={&(0x7f0000000180)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x4}]}, 0x18}}, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="d8000000180081054eb904021d080406038609e8fe55a165b97bf32f44030b650ac73c640a0015400400142603600e122f00160006000600a800060b200006400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb50bb6d08034cb4cac034eb27a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f2146b45465578151be43d55ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6ebc37da91e3736c19bd33e4382aed3a2969977e3d10e604839cb8ecaf04d8590726ec219d050219373df0946cb90c7bdefc8eb9e05465c0619fdaa4b8d923fbc5d778a53962c366d952793", 0x12b}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x80)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x1, 0x0, 0x2, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}}, @sadb_x_sa2={0x2, 0x13, 0x2}]}, 0x70}, 0x1, 0x7}, 0x0)
getpriority(0x1, r0)

3.056301337s ago: executing program 4 (id=2134):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x65)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{0x4, 0x6, 0x1000}], 0x1, 0x0)
unshare(0x20060400)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x101}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e61, 0x7ffffffd, @empty, 0x9}, 0x1c)
setfsgid(0xee00)
r5 = syz_clone3(&(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r6 = syz_pidfd_open(r5, 0x0)
process_madvise(r6, 0x0, 0x0, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})

2.812650772s ago: executing program 4 (id=2135):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88b, &(0x7f0000000140)={0x0, 0xaee2, 0x2, 0x2, 0x8b6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, 0x0, 0x64, 0x183000, 0x23456})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x78)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000400)})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r6, &(0x7f0000000380)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000280)='htcp', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0x9, &(0x7f0000000040)=[{0x629d, 0x5, 0x3a, 0xfffffffd}, {0x1, 0x3, 0x8, 0xa}, {0xc, 0x0, 0x5, 0x7}, {0x8000, 0x8, 0x3, 0x4}, {0xffff, 0x10, 0x0, 0x4}, {0x9, 0xb9, 0x8, 0x100}, {0x6fc, 0x5, 0x8, 0x6}, {0x7a, 0x5, 0xb, 0x10003}, {0x2, 0x7, 0x10, 0x9}]})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0xc02, 0x0)

1.863047566s ago: executing program 4 (id=2138):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c587c7ab18285f7a55d53e6e9bfdac550000000003000600000000000200000000000000000000000000000002000100000000000000020d00000000030005000000000002"], 0x78}, 0x1, 0x7}, 0x0)

1.805363572s ago: executing program 4 (id=2139):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000001580)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x1, 0xcd, 0x9, 0x70000, 0xfffffffb, 0x3ff, "c5"}}, 0x119)

1.387684093s ago: executing program 0 (id=2141):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='tcp_cong_state_set\x00', r1, 0x0, 0x9}, 0x18)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x300060c1)

1.386865683s ago: executing program 4 (id=2142):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_RANGE_FROM_DATA={0x4}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_RANGE_OP={0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000780), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_LISTALL(r2, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x5c, r3, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400c004}, 0x24040044)
r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
tee(r4, r4, 0x6, 0x1)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x894, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r8, {0x0, 0xfffc}, {}, {0x4, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x860, 0x2, [@TCA_BPF_POLICE={0x850, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x7, 0x4, 0xc, 0x9, {0xd, 0x2, 0x4, 0x4, 0x7, 0x401}, {0x4, 0x1, 0x5, 0x10, 0xfff7, 0x4b2}, 0x6, 0x14ff, 0x3ff}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x38, 0x1, 0x1, 0x8, 0x7f, 0x6, 0x3, 0x6, 0x10000, 0x86, 0x9, 0x6, 0x5, 0x9, 0x5f, 0x0, 0x0, 0x13f, 0xfffffffe, 0x0, 0xd31, 0xf54, 0x9, 0x7ff, 0x4, 0x6, 0x9, 0x7fffffff, 0xfffffffd, 0x7fffffff, 0x8, 0x0, 0xfffffffe, 0x5, 0x5dbd0fd8, 0x8, 0x1887, 0x2, 0x95f, 0x7, 0x6, 0xa, 0x7f, 0xfffffffe, 0x8, 0x2, 0x6, 0x4, 0x6, 0x402f, 0xd, 0x5, 0x6f9d, 0x0, 0x800, 0x3ff, 0x8, 0xa, 0x9, 0x4, 0xd, 0x3, 0xb8f, 0x6, 0x0, 0xffffffff, 0x8000, 0xffffffff, 0x8, 0xfffffffc, 0xee, 0x4, 0x9, 0x2, 0x54eef174, 0xc, 0x9, 0x5, 0xe2, 0x20004, 0x1, 0xffff, 0x5, 0x5, 0x7, 0x5, 0x7, 0x4, 0x4, 0x7, 0x100, 0x8, 0x2, 0x9, 0x0, 0x0, 0xe32, 0x6, 0x8, 0x6, 0x66, 0x7, 0x7, 0x8, 0x5b, 0x7625, 0x51, 0x6, 0xfffffffe, 0x0, 0xa4d, 0x2, 0x10001, 0x7, 0x8, 0x3, 0x8, 0x3, 0x6, 0x6, 0xffffffff, 0x3, 0x0, 0x400000, 0xc55b, 0x8000, 0xf943, 0x4, 0x3000000, 0x100002, 0x10000, 0xd, 0xffffffff, 0x9, 0xd3, 0xfffffffb, 0x4, 0x9, 0x401, 0x82baa23, 0xd, 0x0, 0x6, 0x21a, 0xe, 0x1, 0x1430, 0x8, 0x4, 0x7, 0xe, 0x7dab, 0x4, 0x5, 0x4, 0x3, 0xfffffffe, 0x7, 0x6, 0x8ef6, 0x7239, 0x80000001, 0x0, 0xd41, 0x6, 0x2, 0x4, 0x200, 0x8, 0x5, 0xc14, 0x7324, 0x4, 0x50f6, 0x5, 0x4, 0x3, 0x2, 0x7, 0x4, 0x6, 0x5, 0x3, 0x7767, 0x8, 0xe0ba, 0x4f, 0x3, 0x4, 0x7, 0x7fffffff, 0x3, 0x3, 0x5, 0x8, 0x4, 0x80, 0x401, 0x7, 0x1, 0x0, 0x8, 0x7c4, 0x3, 0x6, 0x6, 0xe8, 0x0, 0x6, 0x6, 0x3, 0x8a4, 0x1, 0x9, 0x9, 0x9, 0x200, 0x2, 0xd235, 0x9, 0x7fffffff, 0xf7d, 0x8001, 0x2, 0x7fff, 0x9f7c, 0x7, 0x4, 0xf, 0x1, 0x2, 0x6, 0x400, 0x5, 0x80, 0x400, 0x5, 0xc, 0xff, 0xffff7002, 0x63c, 0x9, 0x1ff, 0xfff, 0x8, 0x8c, 0x40, 0x8, 0xed6, 0xf6, 0x0, 0x3, 0x9, 0x10, 0x9, 0x6]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x6, 0x8, 0x8000, 0x8, 0x2, 0x9, 0x5, 0xfff, 0x3, 0x101, 0xbf7, 0x8, 0xff, 0x6, 0x113, 0xffff, 0x1, 0x8, 0x7fffffff, 0x6, 0x9, 0x33, 0x5, 0x2f7, 0x100, 0x21, 0x4, 0x7, 0xff, 0x6, 0xfffffffe, 0x7, 0x8, 0x1, 0x8, 0xf33c, 0x3, 0x1, 0x80000000, 0x62e, 0x3, 0xdb2, 0x0, 0xe00, 0x1, 0x2, 0x3, 0x2, 0xfffffff6, 0x5, 0x3, 0x7, 0x8, 0x1, 0x7f, 0x8, 0x6, 0x4, 0x3, 0x0, 0x803, 0x1, 0x5, 0x0, 0x8000, 0xfffffffa, 0xb7, 0xc8b6f5a2, 0x6, 0x2f, 0x7ff, 0x9, 0x8, 0x6, 0x0, 0x8, 0x9, 0x0, 0x5, 0x8b34, 0x2, 0x7e, 0x4, 0x4, 0xfeffffff, 0x1, 0xa, 0xfffffffb, 0x3, 0xffffffff, 0x4, 0x4, 0xd6, 0x7, 0x4, 0x3, 0x8, 0x9, 0x8, 0x2de0, 0x5191, 0x6, 0x401, 0x7, 0x9, 0x7, 0x3, 0x6, 0x1, 0xfffffffb, 0xb839, 0xfffffffa, 0x4, 0x768, 0x7, 0x7f, 0x6, 0x7, 0x4, 0x8b, 0x4, 0x0, 0x5, 0xf0, 0x42490, 0xd, 0x3, 0x5c, 0x80, 0x2, 0x800, 0x8, 0x6, 0xff, 0xffff0000, 0x3, 0x10000, 0x80000001, 0x5, 0xffffffff, 0x4be24694, 0x2, 0x2, 0x100, 0x5, 0x1, 0x5, 0x4, 0xffffff95, 0x5, 0x0, 0xc, 0x6, 0x1000, 0xa, 0x7, 0x4, 0x340, 0x2, 0x0, 0x7, 0x101, 0x2, 0x7ce2352, 0x7fffffff, 0x5e, 0x8e5b, 0x3, 0x8, 0x9, 0x1, 0x80000000, 0x7, 0x301, 0x91, 0x3, 0x80000001, 0x5, 0x1, 0x3e79, 0xffffffff, 0x8, 0x525, 0x7, 0x6, 0x2470a614, 0xe, 0x8, 0x5, 0x7, 0x0, 0x5, 0x4, 0x1, 0x1, 0xfffffc1f, 0x6, 0x2, 0x1, 0x9, 0x7fff, 0xffffffff, 0x4, 0xffff2b7d, 0x4, 0xcdff, 0x9, 0x0, 0x49, 0x6, 0x0, 0x5, 0x9, 0x7, 0x8, 0x7, 0xea, 0x7, 0x7, 0x2, 0x5, 0xff, 0x6, 0xffff, 0x4cd, 0x7, 0x3, 0x3, 0x10001, 0x0, 0x6, 0x7, 0xffffffff, 0xe000000, 0x1, 0x4, 0x7, 0x8, 0xb, 0x7, 0x0, 0xcb65, 0x6, 0xe, 0x240000, 0x9, 0x8, 0x8, 0xfffffff8, 0x9, 0xf, 0x8, 0x5, 0x9, 0x100]}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x10}}]}, 0x894}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x280888f, &(0x7f0000000080), 0x0, 0x4fd, &(0x7f0000000100)="$eJzs3dFrW18dAPDvvW1+v3XrTKc+zIFzuEk3dGm7uq34MB2IPg3U+T5rm5XStBltuq1luA7/AEFEBUH0RV8E/4CB7E8QYaDvoqKIbvrgw/RKkpu6ZUlbXdor7ecDp/ecw7n5npM0J/fce0kCOLLORcTNiMjSLLsUEeW8Ps1TbLVTs93LF4/mmimJLLv9l5FI8rpms2b+/XzfE/luxyLiK1+M+Hrydty1jc2l2VqtupqXJxrLyass27y8uDy7UF2orkxPT12buT5zdWZyIOMci4gbn//Dd7/10y/c+MWnHvz2zp8ufqM9wLbOOAYtiZG36oYjYnU/ghWkOZ5Snr+6W+Mn+98fAAD6ax7vfzAiPh4Rl6IcQ62jOQAAAOAwyT47Gq+SiAwAAAA4tNKIGI0kreT3+45GmlYq7Xt4PxzH01p9rfHJrLx9vmAsSundxVp1Mr93YCxKSbM8ld9j2ylf6SpPR8SpiPhOeaRVrszVa/OFnvkAAACAo+NE1/r/7+X2+h8AAAA4ZMaK7gAAAACw76z/AQAA4PCz/gcAAIBD7Uu3bjVT1vn96/n7G+tL9fuX56trS5Xl9bnKXH31XmWhXl9ofWff8m6PV6vX7306VtYfTjSqa42JtY3NO8v19ZXGncXWz4EDAAAABTj1sWe/SSJi6zMjaafuvXxbisiG8vzTn/zwdDE9BPZL+t80/v3+9QM4eENFdwAozHDRHQAKUyq6A0Dh3p4H3jwy6Hvzzi93f+zkVZb9j90CAAAGaPwj29f/Wyleu/6fPC60a8A+y6//J0nRHQEOnOv/cHS5/gdHV2mnIwCLAjj00j281d/l+n+bewAAAKBoo62UpJV8HTAaaVqpRJxs/SxAKbm7WKtORsQHIuLX5dL7zfJUa8/E6QEAAAAAAAAAAAAAAAAAAAAAAAAA2KMsSyIDAAAADrWI9I9J6zzAUIyXL4x2nx94L/lHubWNiAc/uP29h7ONxupUs/6v2/WN7+f1V4o4gwEAAAB066zTO+t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABikly8ezXXSQcb9882IGOsVfziOtbbHohQRx/+WxPBr+yURMTSA+FtPIuJ0r/hJs1sxlveiO34aESMFxz8xgPhwlD1rzj+f6/X+S+Nca9v7/Tecp3fVf/5Lt+e/oT7z38k9xjjz/OcTfeM/iTgz3Hv+6cRP+sQ/v3PYUifzta9ubvZrlP04Yrzn50/yRqyJxvK9ibWNzcuLy7ML1YXqyvT01LWZ6zNXZyYn7i7WqvnfnjG+/dGn/9pp/Mf7xB/bZfwXdh7/tn8+f/jiQ13PSXTKP8qyi+d7v/6nW9ty1h2/89n3ifxzoFke7+S32vnXnf3Zr87uNP75PuPf7fW/uMfxX/ryN3+3x6YAwAFY29hcmq3VqqsyRyYzssfG2eP2/8i7Bx2JAxzgbPyfPM/503eQYx9gpshZCQAA2A//OegvuicAAAAAAAAAAAAAAAAAAABwdO32NWAxgK8T6465VcxQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB29O8AAAD//7fE3E8=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
pipe(0x0)
ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000006c0)={0x803, 0x8, 0x7, 0x1, 0x1, 0x0, [{0x6a, 0x7, 0x4, '\x00', 0x1c06}]})
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

1.296163502s ago: executing program 3 (id=2143):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
flistxattr(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mbind(&(0x7f0000312000/0x1000)=nil, 0x1000, 0x8000, 0x0, 0x0, 0x2)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

1.263558415s ago: executing program 2 (id=2144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x105}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1000}, {&(0x7f0000000440)=""/107}, {&(0x7f0000000500)=""/193}, {&(0x7f00000003c0)=""/18}, {&(0x7f0000000700)=""/148}, {&(0x7f0000002840)=""/245}, {&(0x7f0000002940)=""/226}], 0x11b, 0x1d})
io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0)

1.262871225s ago: executing program 0 (id=2145):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000540)=@filter={'filter\x00', 0x42, 0x4, 0x410, 0xffffffff, 0x0, 0x2a8, 0x0, 0xffffffff, 0xffffffff, 0x378, 0x378, 0x378, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {0xff}, 0x84, 0x2, 0x2}, 0x0, 0x1e8, 0x210, 0x0, {0x100000000000000}, [@common=@inet=@sctp={{0x148}, {[0x4e20, 0x4e20], [0x4e21, 0x4e24], [0x4, 0x8, 0x7f, 0x7, 0x1, 0x7, 0x1ff, 0x9, 0xab2, 0x2, 0x300000, 0x5, 0x9, 0x1, 0x9, 0xcd4, 0x7, 0xc5a, 0x4, 0x7, 0xffffffff, 0xb87d, 0x5b000000, 0x6, 0x1, 0x6c7f, 0x9, 0x0, 0x9, 0x9, 0x8, 0x0, 0x80000001, 0x9, 0x200, 0x71e5e785, 0xfffffbff, 0x19, 0xf6b, 0xab19, 0x81, 0x9, 0xf4, 0x9, 0x2, 0x2, 0x3, 0x1, 0x7, 0x5, 0xcd, 0x6, 0x8f, 0x9, 0x5, 0x4b7d, 0x9, 0x1, 0x7, 0x6, 0x4, 0x6, 0x2, 0xfaa0], 0x6, [{0x5, 0x2, 0xf8}, {0x9, 0x7f, 0x1}, {0x4, 0x9, 0x10}, {0xf, 0x5, 0x1}], 0x0, 0x7, 0x1}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@ip={@loopback, @rand_addr=0x64010101, 0xffffff00, 0xff000000, 'geneve0\x00', 'macvlan0\x00', {0xff}, {}, 0x2e, 0x0, 0x4}, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x10, 0x9, 0x2}}}, {{@ip={@private=0xa010101, @loopback, 0xff, 0xff000000, 'bond0\x00', 'dvmrp0\x00', {}, {}, 0x2f, 0x0, 0x21}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0xd, 0x8, [0x8, 0x27, 0x3d, 0x16, 0x13, 0xe, 0x2d, 0x21, 0x2d, 0x32, 0x3f, 0x20, 0x28, 0x18, 0x22, 0x12], 0x0, 0x0, 0x6}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6}]}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a0048"], 0x3c}}, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000500)='./file0\x00', &(0x7f0000000580), &(0x7f0000000600)={0x0, 0xfb, 0xe6, 0x6, 0x1, "0447e4c4b30cb562e7ccf2d94d8ec6ca", "be1fa6e75118970f435af4afa31ffc3a8ed5a2137a1b1501ef7e1d1c9d42cd859db146e1ced25ea1f291e6ac92d581f30993f2ea9a4b524e02def13814ca0fa7c89666c0337020aa9300e14cdffc972d6e6f539b5e90a15818326cd3e41b4ffa5b87a59413e10aca3cbdd9a75cbe8d3aa2570dd165f32095a75a9f39fc71dc5510fa7cda39b164401fbe08d09fe97784f83d4fa248e538146851bf68fdbc81788c5d753f36628bdc3730e6ab2728fedf852822ba711615cacd3d0495bbe3b970af8b5846a3982af2f504c27bfd6f5c96bc"}, 0xe6, 0x3)
r8 = fcntl$dupfd(r6, 0x406, r6)
ioctl$MON_IOCX_GETX(r7, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000940)=""/4096, 0x1000})
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

1.191038722s ago: executing program 2 (id=2146):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0xbd, 0x0, 0xfffffffc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x26)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x290, 0x128, 0x43, 0xa0, 0x128, 0x98, 0x1f8, 0x178, 0x178, 0x1f8, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00', {0xff}}, 0x12a, 0xc0, 0x128, 0x0, {0x0, 0x7a010000}, [@common=@inet=@socket3={{0x28}, 0x5}, @inet=@rpfilter={{0x28}, {0xd}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0x5, 0x2, 0x20, 'snmp\x00', 'syz0\x00', {0x101}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1, [0x0, 0xff], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2f0)

1.183874413s ago: executing program 3 (id=2147):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f00000009c0)={[{@norecovery}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x400}}, {@resuid}, {@usrquota}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@delalloc}, {@nolazytime}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r1 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r1, 0x0, 0x0, 0x1001f0)
copy_file_range(r1, 0x0, r1, &(0x7f00000000c0)=0xc615, 0x101, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001c000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x200}, 0x18)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r5 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000003c0)="ae", 0x1, r4)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', r5})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, r4)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r7, 0x0, 0xfffffffffffffffc}, 0x18)
syz_emit_ethernet(0x42, &(0x7f00000006c0)=ANY=[@ANYBLOB], 0x0)
sendto$inet6(r6, &(0x7f00000005c0), 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffc, @rand_addr=' \x01\x00'}, 0x1c)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9, 0x0, 0x1ffffffffffffffd}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x54811, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r10, 0x8922, &(0x7f0000000180)={'netdevsim0\x00', 0x7fff})

1.124730949s ago: executing program 4 (id=2148):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x2003, 0x22)
flock(r0, 0x2)
r1 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r1, 0x1)
flock(r0, 0x5)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000280)=""/5, 0x204000, 0x1000}, 0x20)
r3 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r2, &(0x7f00000002c0)={0x2c, 0x4, r4, 0x30, r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b0000000000dbc43f9300", @ANYRESOCT=r1], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
unshare(0x64000600)
socket$inet_tcp(0x2, 0x1, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000300), 0x0)

1.003790721s ago: executing program 0 (id=2149):
unshare(0x8040480)
unshare(0x2a020480)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x27, &(0x7f00000019c0)="06a0ff1ee4f373a4b568a37f2810a0e7af7b8ac14a2b5efac35794132d3ed48cbf9cac11338adc5c01cd89a437fe6266eede2c4c7da4486c10b00e3c56abb054b21999a9c3fbefa73b60c94498cf798769b3809785d1645b93b3dc477a1f1ba917a2f270ba", 0x65)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0xffffffffffffffff, 0x4}, 0xc)
sync()
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000013c0)={&(0x7f0000001240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x9f, 0x9f, 0x8, [@func={0x1, 0x0, 0x0, 0xc, 0x20002}, @datasec={0x1, 0x3, 0x0, 0xf, 0x3, [{0x1, 0x2, 0xe}, {0x1, 0xfee, 0x925e}, {0x3, 0x7fffffff, 0x1000}], "0caf36"}, @fwd={0xb}, @fwd={0x8}, @struct={0x0, 0x5, 0x0, 0x4, 0x1, 0xfff, [{0x8, 0x5, 0x5}, {0xe, 0x2}, {0x6, 0x3, 0x5}, {0x7, 0x1, 0x9}, {0xd, 0x3, 0x4}]}]}, {0x0, [0x2e, 0x5f, 0x61, 0x5f, 0x5f, 0x2e]}}, &(0x7f0000001300)=""/192, 0xc0, 0xc0, 0x1, 0x80}, 0x28)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001480), 0x1, 0x0)
sendto(r5, &(0x7f00000018c0)="4b0296f8d6b8c1454c52e935d390817eb12b9e46838d51ffb0ac85ea842746c78171d50d18b60e94c5f6a3fd3472030ca6d57985392b9baafb249de1da2778de122e3a9addbd226ee3ccfb48cd88689d8add9e4911a10874e4e53c4b038d96b3961abb202f72ebaa097d7b8f133e9464cde02c273728a27d30322b02fb", 0x7d, 0x0, &(0x7f0000001940)=@llc={0x1a, 0x0, 0x8, 0x1, 0x9, 0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001800)={0x11, 0x16, &(0x7f0000001600)=@raw=[@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x80000000}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x162e}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @exit], &(0x7f00000016c0)='syzkaller\x00', 0xffff, 0x8, &(0x7f0000001700)=""/8, 0x41100, 0x40, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000001740)={0x6, 0x5}, 0x8, 0x10, &(0x7f0000001780)={0x0, 0x5, 0x1, 0x10}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f00000017c0)=[{0x2, 0x2, 0x7, 0x5}, {0x3, 0x2, 0xa, 0x7}], 0x10, 0x80000001}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001540)={0x6, 0x18, &(0x7f0000000140)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x3}, @ldst={0x3, 0x0, 0x4, 0x5, 0x1, 0xfffffffffffffff8, 0xffffffffffffffff}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_val={0x18, 0x5, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x5446}, @map_fd={0x18, 0x4, 0x1, 0x0, r3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000200)='GPL\x00', 0x5, 0x1000, &(0x7f0000000240)=""/4096, 0x40f00, 0xa, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f0000001400)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000001440)={0x0, 0x3, 0x4, 0x4}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000014c0)=[r5], &(0x7f0000001500)=[{0x4, 0x1, 0x10}, {0x0, 0x2, 0xe, 0x4}, {0x2, 0x4, 0x5, 0x7}], 0x10, 0xc}, 0x94)

999.835791ms ago: executing program 2 (id=2150):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x40001, 0x7)
r2 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000, 0x8000}, 0x11112, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x40045431, 0x0)
syz_open_pts(r4, 0x0)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000000000)={0x9, 0xc151, 0x3, 0xfff, 0x9, "0e04b9ef47507712e7fecccf1bd3efe3664b89", 0x8, 0x7})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000840)=ANY=[@ANYBLOB="640000001800010000000000000000001d"], 0x64}}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000180)='cpu~=0||!')
r6 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff)
sendfile(r6, r1, 0x0, 0x7ffff088)

646.091216ms ago: executing program 3 (id=2151):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r1, 0x0, 0x100000000}, 0x18)
r2 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r2, &(0x7f0000000340)={'#! ', './file0', [{0x20, '[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec'}, {}, {}, {0x20, '\xb5\"b\xa0\x03s\x11\x90\xc5\xb5\xbe\x8aj\xdc\xac\x06\x12\x9a[.\x9a\xccn\xd1c\az\x1a\xbe \x8c(Ws\xccq\xbe\xb0\xc1\xdbT\xa8H\xe2\xab1\x93\xf0\xb6\x10\x18\xc3\xf5\xf1\x80\xf7q \xb9\xf90'}, {0x20, '[-\')&}&$*+%^*#'}, {0x20, '*.+/%\'+-'}]}, 0xed)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
close(r3)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

592.803821ms ago: executing program 0 (id=2152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000001580)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x1, 0xcd, 0x9, 0x70000, 0xfffffffb, 0x3ff, "c5"}}, 0x119)

429.707717ms ago: executing program 0 (id=2153):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x25b6, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)
recvfrom(r0, &(0x7f0000000200)=""/131, 0xf92e58a67d38802c, 0x2101, 0x0, 0x0)

258.665054ms ago: executing program 3 (id=2154):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x65)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{0x4, 0x6, 0x1000}], 0x1, 0x0)
unshare(0x20060400)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x101}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e61, 0x7ffffffd, @empty, 0x9}, 0x1c)
setfsgid(0xee00)
r5 = syz_clone3(&(0x7f0000001000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r6 = syz_pidfd_open(r5, 0x0)
process_madvise(r6, 0x0, 0x0, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})

200.85676ms ago: executing program 0 (id=2155):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
creat(&(0x7f00000003c0)='./file0\x00', 0x11)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800008, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=fscache,aname=@'])

32.079256ms ago: executing program 3 (id=2156):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xfffd}, 0x18)
r1 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r1, &(0x7f0000000300)={0x11, 0x1b, 0x0, 0x1, 0xfc, 0x6, @local}, 0x14)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000200), &(0x7f0000000240)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r4}, 0x18)
bind$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

0s ago: executing program 3 (id=2157):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x13, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000009c0))
ioctl$BTRFS_IOC_LOGICAL_INO(0xffffffffffffffff, 0xc0389424, &(0x7f0000000180)={0x6, 0x10, '\x00', 0x0, &(0x7f0000000a00)=[0x0, 0x0]})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RMKDIR(0xffffffffffffffff, &(0x7f0000000240)={0x14, 0x49, 0x2, {0x4, 0x3}}, 0x2e)
write$char_usb(0xffffffffffffffff, &(0x7f0000002600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d380ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc6ba11d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c2948d673ef2a8a937136ca9842717585894453a83280edc21f3fadb974c36696fe7d8bd136a005a69d14d034a869c4035282ac7c91642a05743814b4cd57df50a4eb15dd7a561637ea4ef6b3bcf89695f125fcd390746357917a6bcf55e0268a09ae5b1195f99a7fe5fec2d4115978052e195d7b5df345b827121a86166c9095e387301fc561654db0183715239247eb9dc15e83c20389aa6271b42125bd475b82db032150aa39fab06fde1034347a8a884c74edb21be34c8cf5b437ad7223970defbb27ca8eb0029fdd4acd4bc92236584ed42f03706376c583a5c8e5cf9f2415ee1f8c1b01f34d7cf1b673db2158eb99d55878ee41b391f8d7339c6f3471ae4af25e5ecb8cea2fbed9f915ce483f1a9411ca5b21776295aa4f52fa31d875f9850f3e07b8093b0f92570d41d77e68e9a79a27b6f5a2c9a100cde02ea745353e996b99b43e0f1aa51288d863859bc618a602c17a15e285e6c189a21a4762b57ce396c852a5453f035c7a2d849a98c30a2e7f797ed13ffae44e4d15a240d092a25b4820e0d2fe3b9cb74b89efc977634d1f37eddc1433f6b06fd13c543bceca1254f91413d8b914bd67f1dca660ad8ef561dfb2ce5f0486b3e1a19a3682dad8a727177a1ea448273c3cd308300e3b4fc4f96efa8d6d723de8b38f7688e13c47b2aa801ba5c33a138208412524250e41eb253520f68324dbdb5e7de6e02dc315e20cf1844cc7a5f15428dd342bcf40895d94b3de0e1acdb698a94e0dd881edfb7569d0c81981213e7186eac0d80dd35e1a48aad319678db523e9cea10163e3924c52d1d4ff589b3b228d98e64e6ee22990600ac9b272b483520148dac0e26d27ef618c86b0a49075f71d8c21e49bbcf83eb1374f0ad393074e32fa33a257f13fb187ba40b02ee6e688092e81ce0c04e3e53507b4b244fcf3afd4dbf05747a8c81828351558223a7bd0ff6684e94cd264bb3841cca4983c10b627c3c13286872798a3bce148b7f9847cb2b485bb900ad006b08482c801e9f05e5e57591e9c9ed1235c397ebffec2bffdf0eaa4aa2b3927e583f913edb95ce47603bc725ad16c59c4b638668190bd1f9c4b2c9e1b14a85d9e3e81ef3668baf27e59dd14d1ade2d7873d4feb989cdac04675f40b59a1a41453b44e0fdb89f4a7f3f52cb3a6a79d0763f85826fe1b5acb3215a0328c32ccdf2c21bb4ab3310c2d33f9b1255582e0807492ce59953f6cd4422bfa5ea9192177bbf13bd7a83807362036708653bd01b67d3def4ef7041ea299954", 0x845)
r1 = syz_open_dev$mouse(&(0x7f0000000b40), 0x401, 0x62601)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000140)='\x00', &(0x7f00000008c0)="9462b8d839736ea552fda61d06a4fff20dc502ca3463cd24764a8f7af5157465c36c77e46c565b24fbda22b8c3d817fa2ccfc1b2a8a2da93586468947ea50f67496f03e64b21f88b4ec995ce5a8c5933479d8c340cde5abb9b0e4013bd8598cb24cdf0b9b5f97bbb58", 0x69)
fstat(r2, &(0x7f00000002c0))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x26)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0xc0185879, &(0x7f0000000040)={@desc={0x1, 0x0, @desc2}})
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000c00)={&(0x7f0000000d40)=ANY=[@ANYBLOB="58000000021400042abd7000fcdbdf25050054000100000008000100010000000500540001000000050054000100000008004400", @ANYRES32, @ANYBLOB='\b\x00D\x00', @ANYRES32=r1, @ANYBLOB="050054000100000008004400", @ANYRES32=r2, @ANYBLOB="0800440061df873d84eeadc4b20224f126a458bdeb07f720c605865944a591b4dd88a2d23a0d7c748aa40ec01fa9c03e2471bcc34f27f85ed23a525eff0578131b7b1ce827e17999dd9d7f437961d4dc0c061e79a821c993d6d77a5fad18", @ANYRES32=r3, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x4085)
msgrcv(0x0, 0x0, 0x0, 0x2, 0x3000)
syslog(0x3, 0x0, 0x0)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f00000001c0)={0x4, {{0xa, 0x4e24, 0x2, @mcast1, 0xdf7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x200}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000380)={0x2, {{0xa, 0x4e20, 0x1, @mcast1, 0x1000}}, {{0xa, 0x4e22, 0x7, @empty, 0x3ff}}}, 0x108)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000006c0)={'bridge0\x00', &(0x7f00000007c0)=@ethtool_drvinfo={0x3, "1740a3b346e0672f235b8f49c3df93ff70c959e163ca80cdd8fdd788535cbb38", "fa9522514bf2aa8d27faa1ce74820240be3def2fdddf3f89a520545eb6bfcff3", "2e537e3e108c19a5ef4b466fe6a8c9ca5618849b148430ec41975956e734bac5", "2b9a4bd6908a0ff807b1437bbf1d798f52ec0714b273b97129ce4b56791fcb2b", "8faebe3b9e1ff30b94aca9504d0cfbcc9a12f9c6691d0d679fcc56bee5d38c8e", "ca2560216c1ee2f3b76277bc", 0x9, 0xc, 0x7, 0x3, 0x70}})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r6, 0x0, 0x401}, 0x11)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB="280000008b0000022bbd0000020018000000060000000000000008000500", @ANYRES32=r8, @ANYBLOB], 0x28}}, 0x0)
getsockopt$inet6_tcp_int(r4, 0x6, 0x18, &(0x7f0000000780), &(0x7f0000000940)=0x4)
r9 = creat(&(0x7f0000000000)='./file0\x00', 0x100)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000700)=0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x9, &(0x7f0000000a80)=ANY=[@ANYBLOB="18000000600000000000000005000000948706000400000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b403000000000000850000000c00000071a8d86b9d64f42cb7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x7, 0x5c, &(0x7f00000004c0)=""/92, 0x41000, 0x9, '\x00', 0x0, 0x25, r9, 0x8, &(0x7f0000000340)={0x7, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000540)=[r9, r9, r9], &(0x7f0000000580)=[{0x3, 0x5, 0xc, 0x7}], 0x10, 0x5}, 0x94)

kernel console output (not intermixed with test programs):

uid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7025 comm="syz.3.1285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fc43c93eec9 code=0x7ffc0000
[  137.551434][   T29] audit: type=1400 audit(2000000072.140:7011): avc:  denied  { read } for  pid=7038 comm="syz.1.1291" dev="nsfs" ino=4026532510 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  137.572789][   T29] audit: type=1400 audit(2000000072.140:7012): avc:  denied  { open } for  pid=7038 comm="syz.1.1291" path="net:[4026532510]" dev="nsfs" ino=4026532510 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  137.601393][ T7041] FAULT_INJECTION: forcing a failure.
[  137.601393][ T7041] name failslab, interval 1, probability 0, space 0, times 0
[  137.614186][ T7041] CPU: 1 UID: 0 PID: 7041 Comm: syz.3.1292 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  137.614287][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  137.614304][ T7041] Call Trace:
[  137.614313][ T7041]  <TASK>
[  137.614324][ T7041]  __dump_stack+0x1d/0x30
[  137.614351][ T7041]  dump_stack_lvl+0xe8/0x140
[  137.614377][ T7041]  dump_stack+0x15/0x1b
[  137.614432][ T7041]  should_fail_ex+0x265/0x280
[  137.614551][ T7041]  should_failslab+0x8c/0xb0
[  137.614631][ T7041]  __kmalloc_noprof+0xa5/0x570
[  137.614701][ T7041]  ? unregister_netdevice_many_notify+0x4c9/0x15d0
[  137.614743][ T7041]  ? unlist_netdevice+0x2cc/0x320
[  137.614817][ T7041]  unregister_netdevice_many_notify+0x4c9/0x15d0
[  137.614860][ T7041]  ? skb_queue_purge_reason+0x151/0x250
[  137.614893][ T7041]  unregister_netdevice_queue+0x1f5/0x220
[  137.614936][ T7041]  __tun_detach+0x82c/0xb30
[  137.614972][ T7041]  ? __pfx_tun_chr_close+0x10/0x10
[  137.615003][ T7041]  tun_chr_close+0x5a/0x100
[  137.615062][ T7041]  __fput+0x29b/0x650
[  137.615110][ T7041]  fput_close_sync+0x6e/0x120
[  137.615180][ T7041]  __x64_sys_close+0x56/0xf0
[  137.615243][ T7041]  x64_sys_call+0x273c/0x3000
[  137.615273][ T7041]  do_syscall_64+0xd2/0x200
[  137.615306][ T7041]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  137.615336][ T7041]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  137.615421][ T7041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.615451][ T7041] RIP: 0033:0x7fc43c93eec9
[  137.615471][ T7041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.615496][ T7041] RSP: 002b:00007fc43b3a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  137.615519][ T7041] RAX: ffffffffffffffda RBX: 00007fc43cb95fa0 RCX: 00007fc43c93eec9
[  137.615535][ T7041] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  137.615581][ T7041] RBP: 00007fc43b3a7090 R08: 0000000000000000 R09: 0000000000000000
[  137.615597][ T7041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.615613][ T7041] R13: 00007fc43cb96038 R14: 00007fc43cb95fa0 R15: 00007ffc8a12fee8
[  137.615642][ T7041]  </TASK>
[  137.620137][   T29] audit: type=1400 audit(2000000072.190:7013): avc:  denied  { read } for  pid=7038 comm="syz.1.1291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  137.859695][   T29] audit: type=1400 audit(2000000072.450:7014): avc:  denied  { allowed } for  pid=7044 comm="syz.1.1294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  137.899438][   T29] audit: type=1400 audit(2000000072.450:7015): avc:  denied  { sqpoll } for  pid=7044 comm="syz.1.1294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  137.919620][   T29] audit: type=1400 audit(2000000072.450:7016): avc:  denied  { create } for  pid=7044 comm="syz.1.1294" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  137.941079][   T29] audit: type=1400 audit(2000000072.450:7017): avc:  denied  { map } for  pid=7044 comm="syz.1.1294" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  137.965301][   T29] audit: type=1400 audit(2000000072.450:7018): avc:  denied  { read write } for  pid=7044 comm="syz.1.1294" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  137.990444][   T29] audit: type=1400 audit(2000000072.460:7019): avc:  denied  { mounton } for  pid=7044 comm="syz.1.1294" path="/262/bus" dev="tmpfs" ino=1421 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  138.093186][ T7061] FAULT_INJECTION: forcing a failure.
[  138.093186][ T7061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.106403][ T7061] CPU: 1 UID: 0 PID: 7061 Comm: syz.3.1300 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  138.106435][ T7061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  138.106449][ T7061] Call Trace:
[  138.106484][ T7061]  <TASK>
[  138.106491][ T7061]  __dump_stack+0x1d/0x30
[  138.106627][ T7061]  dump_stack_lvl+0xe8/0x140
[  138.106647][ T7061]  dump_stack+0x15/0x1b
[  138.106736][ T7061]  should_fail_ex+0x265/0x280
[  138.106773][ T7061]  should_fail+0xb/0x20
[  138.106808][ T7061]  should_fail_usercopy+0x1a/0x20
[  138.106835][ T7061]  _copy_from_user+0x1c/0xb0
[  138.106861][ T7061]  perf_copy_attr+0x145/0x610
[  138.106886][ T7061]  __se_sys_perf_event_open+0x67/0x11c0
[  138.106916][ T7061]  ? bpf_get_current_comm+0x7c/0xb0
[  138.106948][ T7061]  ? __rcu_read_unlock+0x4f/0x70
[  138.106974][ T7061]  ? bpf_trace_run2+0x124/0x1c0
[  138.107017][ T7061]  __x64_sys_perf_event_open+0x67/0x80
[  138.107125][ T7061]  x64_sys_call+0x7bd/0x3000
[  138.107148][ T7061]  do_syscall_64+0xd2/0x200
[  138.107172][ T7061]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  138.107215][ T7061]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  138.107238][ T7061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.107261][ T7061] RIP: 0033:0x7fc43c93eec9
[  138.107337][ T7061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.107357][ T7061] RSP: 002b:00007fc43b3a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  138.107377][ T7061] RAX: ffffffffffffffda RBX: 00007fc43cb95fa0 RCX: 00007fc43c93eec9
[  138.107400][ T7061] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000200000000180
[  138.107413][ T7061] RBP: 00007fc43b3a7090 R08: 000000000000000a R09: 0000000000000000
[  138.107450][ T7061] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  138.107463][ T7061] R13: 00007fc43cb96038 R14: 00007fc43cb95fa0 R15: 00007ffc8a12fee8
[  138.107483][ T7061]  </TASK>
[  138.142493][ T7050] netlink: 'syz.4.1296': attribute type 1 has an invalid length.
[  138.232195][ T7068] FAULT_INJECTION: forcing a failure.
[  138.232195][ T7068] name failslab, interval 1, probability 0, space 0, times 0
[  138.327008][ T7068] CPU: 1 UID: 0 PID: 7068 Comm: syz.0.1303 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  138.327101][ T7068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  138.327119][ T7068] Call Trace:
[  138.327127][ T7068]  <TASK>
[  138.327138][ T7068]  __dump_stack+0x1d/0x30
[  138.327161][ T7068]  dump_stack_lvl+0xe8/0x140
[  138.327203][ T7068]  dump_stack+0x15/0x1b
[  138.327224][ T7068]  should_fail_ex+0x265/0x280
[  138.327260][ T7068]  should_failslab+0x8c/0xb0
[  138.327416][ T7068]  kmem_cache_alloc_noprof+0x50/0x480
[  138.327486][ T7068]  ? getname_flags+0x80/0x3b0
[  138.327527][ T7068]  getname_flags+0x80/0x3b0
[  138.327564][ T7068]  __x64_sys_renameat2+0x5f/0x90
[  138.327590][ T7068]  x64_sys_call+0x3f9/0x3000
[  138.327623][ T7068]  do_syscall_64+0xd2/0x200
[  138.327648][ T7068]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  138.327733][ T7068]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  138.327755][ T7068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.327784][ T7068] RIP: 0033:0x7f85bd04eec9
[  138.327830][ T7068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.327855][ T7068] RSP: 002b:00007f85bbab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  138.327944][ T7068] RAX: ffffffffffffffda RBX: 00007f85bd2a5fa0 RCX: 00007f85bd04eec9
[  138.327959][ T7068] RDX: ffffffffffffff9c RSI: 0000200000000600 RDI: ffffffffffffff9c
[  138.327971][ T7068] RBP: 00007f85bbab7090 R08: 0000000000000000 R09: 0000000000000000
[  138.327983][ T7068] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  138.328039][ T7068] R13: 00007f85bd2a6038 R14: 00007f85bd2a5fa0 R15: 00007fff332ffa48
[  138.328066][ T7068]  </TASK>
[  138.695130][ T7094] serio: Serial port ptm0
[  138.901976][ T7111] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[  139.014371][ T7115] __nla_validate_parse: 6 callbacks suppressed
[  139.014387][ T7115] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1319'.
[  139.236511][ T7135] program syz.0.1326 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.274837][ T7135] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  139.311157][ T7138] program syz.2.1327 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.355339][ T7138] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  139.769252][ T7147] FAULT_INJECTION: forcing a failure.
[  139.769252][ T7147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.782401][ T7147] CPU: 1 UID: 0 PID: 7147 Comm: syz.0.1331 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.782484][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  139.782501][ T7147] Call Trace:
[  139.782509][ T7147]  <TASK>
[  139.782519][ T7147]  __dump_stack+0x1d/0x30
[  139.782546][ T7147]  dump_stack_lvl+0xe8/0x140
[  139.782572][ T7147]  dump_stack+0x15/0x1b
[  139.782602][ T7147]  should_fail_ex+0x265/0x280
[  139.782713][ T7147]  should_fail+0xb/0x20
[  139.782754][ T7147]  should_fail_usercopy+0x1a/0x20
[  139.782782][ T7147]  _copy_from_user+0x1c/0xb0
[  139.782812][ T7147]  sock_do_ioctl+0xe6/0x220
[  139.782849][ T7147]  sock_ioctl+0x41b/0x610
[  139.782895][ T7147]  ? __pfx_sock_ioctl+0x10/0x10
[  139.782990][ T7147]  __se_sys_ioctl+0xce/0x140
[  139.783017][ T7147]  __x64_sys_ioctl+0x43/0x50
[  139.783035][ T7147]  x64_sys_call+0x1816/0x3000
[  139.783057][ T7147]  do_syscall_64+0xd2/0x200
[  139.783084][ T7147]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  139.783182][ T7147]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  139.783204][ T7147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.783226][ T7147] RIP: 0033:0x7f85bd04eec9
[  139.783241][ T7147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.783263][ T7147] RSP: 002b:00007f85bbab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  139.783365][ T7147] RAX: ffffffffffffffda RBX: 00007f85bd2a5fa0 RCX: 00007f85bd04eec9
[  139.783378][ T7147] RDX: 0000200000000340 RSI: 0000000000008946 RDI: 0000000000000006
[  139.783392][ T7147] RBP: 00007f85bbab7090 R08: 0000000000000000 R09: 0000000000000000
[  139.783404][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.783417][ T7147] R13: 00007f85bd2a6038 R14: 00007f85bd2a5fa0 R15: 00007fff332ffa48
[  139.783437][ T7147]  </TASK>
[  140.071025][ T7162] xt_CT: You must specify a L4 protocol and not use inversions on it
[  140.099340][ T7163] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[  140.176856][ T7168] serio: Serial port ptm0
[  140.183847][ T7170] program syz.0.1339 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  140.196291][ T7170] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  140.366760][ T7192] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[  140.484399][ T7207] FAULT_INJECTION: forcing a failure.
[  140.484399][ T7207] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.497613][ T7207] CPU: 1 UID: 0 PID: 7207 Comm: syz.4.1354 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  140.497717][ T7207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  140.497732][ T7207] Call Trace:
[  140.497738][ T7207]  <TASK>
[  140.497745][ T7207]  __dump_stack+0x1d/0x30
[  140.497768][ T7207]  dump_stack_lvl+0xe8/0x140
[  140.497863][ T7207]  dump_stack+0x15/0x1b
[  140.497880][ T7207]  should_fail_ex+0x265/0x280
[  140.497927][ T7207]  should_fail+0xb/0x20
[  140.497970][ T7207]  should_fail_usercopy+0x1a/0x20
[  140.498000][ T7207]  copy_folio_from_iter_atomic+0x278/0x11b0
[  140.498099][ T7207]  ? shmem_write_begin+0xa8/0x190
[  140.498140][ T7207]  ? shmem_write_begin+0xe1/0x190
[  140.498227][ T7207]  generic_perform_write+0x2c2/0x490
[  140.498349][ T7207]  shmem_file_write_iter+0xc5/0xf0
[  140.498382][ T7207]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  140.498412][ T7207]  vfs_write+0x52a/0x960
[  140.498450][ T7207]  ksys_write+0xda/0x1a0
[  140.498507][ T7207]  __x64_sys_write+0x40/0x50
[  140.498539][ T7207]  x64_sys_call+0x2802/0x3000
[  140.498568][ T7207]  do_syscall_64+0xd2/0x200
[  140.498646][ T7207]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  140.498682][ T7207]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  140.498711][ T7207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.498869][ T7207] RIP: 0033:0x7f590f89eec9
[  140.498890][ T7207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.498915][ T7207] RSP: 002b:00007f590e2ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  140.498941][ T7207] RAX: ffffffffffffffda RBX: 00007f590faf5fa0 RCX: 00007f590f89eec9
[  140.498959][ T7207] RDX: 000000000208e24b RSI: 0000200000000100 RDI: 0000000000000008
[  140.498975][ T7207] RBP: 00007f590e2ff090 R08: 0000000000000000 R09: 0000000000000000
[  140.498992][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.499009][ T7207] R13: 00007f590faf6038 R14: 00007f590faf5fa0 R15: 00007ffe09460c28
[  140.499037][ T7207]  </TASK>
[  140.743021][   T10] hid-generic 00CD:0009:70000.002E: item fetching failed at offset 0/1
[  140.751722][   T10] hid-generic 00CD:0009:70000.002E: probe with driver hid-generic failed with error -22
[  140.854094][ T7223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1362'.
[  140.872955][ T7223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1362'.
[  140.895779][ T7221] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[  140.902518][ T7221] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  140.910269][ T7221] vhci_hcd vhci_hcd.0: Device attached
[  140.921989][ T7224] vhci_hcd: connection closed
[  140.923068][ T3639] vhci_hcd: stop threads
[  140.932129][ T3639] vhci_hcd: release socket
[  140.936728][ T3639] vhci_hcd: disconnect device
[  141.003377][ T7234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1364'.
[  141.022226][ T7234] FAULT_INJECTION: forcing a failure.
[  141.022226][ T7234] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.035520][ T7234] CPU: 1 UID: 0 PID: 7234 Comm: syz.2.1364 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  141.035557][ T7234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  141.035574][ T7234] Call Trace:
[  141.035580][ T7234]  <TASK>
[  141.035589][ T7234]  __dump_stack+0x1d/0x30
[  141.035665][ T7234]  dump_stack_lvl+0xe8/0x140
[  141.035685][ T7234]  dump_stack+0x15/0x1b
[  141.035701][ T7234]  should_fail_ex+0x265/0x280
[  141.035799][ T7234]  should_fail+0xb/0x20
[  141.035912][ T7234]  should_fail_usercopy+0x1a/0x20
[  141.035933][ T7234]  _copy_from_user+0x1c/0xb0
[  141.035961][ T7234]  ___sys_sendmsg+0xc1/0x1d0
[  141.036026][ T7234]  __x64_sys_sendmsg+0xd4/0x160
[  141.036061][ T7234]  x64_sys_call+0x191e/0x3000
[  141.036129][ T7234]  do_syscall_64+0xd2/0x200
[  141.036153][ T7234]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  141.036184][ T7234]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  141.036270][ T7234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.036300][ T7234] RIP: 0033:0x7fade84aeec9
[  141.036320][ T7234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.036395][ T7234] RSP: 002b:00007fade6f0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.036420][ T7234] RAX: ffffffffffffffda RBX: 00007fade8705fa0 RCX: 00007fade84aeec9
[  141.036437][ T7234] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[  141.036454][ T7234] RBP: 00007fade6f0f090 R08: 0000000000000000 R09: 0000000000000000
[  141.036471][ T7234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.036537][ T7234] R13: 00007fade8706038 R14: 00007fade8705fa0 R15: 00007ffc46488708
[  141.036563][ T7234]  </TASK>
[  141.248621][ T7238] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1365'.
[  141.330500][   T36] hid-generic 00CD:0009:70000.002F: item fetching failed at offset 0/1
[  141.341541][   T36] hid-generic 00CD:0009:70000.002F: probe with driver hid-generic failed with error -22
[  141.409710][ T7255] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=22 sclass=netlink_audit_socket pid=7255 comm=syz.4.1373
[  141.433439][ T7255] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=39 sclass=netlink_audit_socket pid=7255 comm=syz.4.1373
[  141.478162][ T7260] xt_CT: You must specify a L4 protocol and not use inversions on it
[  141.488671][ T7257] serio: Serial port ptm0
[  141.681914][ T7282] SELinux:  policydb version 0 does not match my version range 15-35
[  141.690627][ T7282] SELinux: failed to load policy
[  141.804714][ T7289] vhci_hcd: invalid port number 23
[  142.468354][ T7302] FAULT_INJECTION: forcing a failure.
[  142.468354][ T7302] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.481605][ T7302] CPU: 0 UID: 0 PID: 7302 Comm: syz.0.1389 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  142.481641][ T7302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  142.481654][ T7302] Call Trace:
[  142.481660][ T7302]  <TASK>
[  142.481676][ T7302]  __dump_stack+0x1d/0x30
[  142.481700][ T7302]  dump_stack_lvl+0xe8/0x140
[  142.481721][ T7302]  dump_stack+0x15/0x1b
[  142.481742][ T7302]  should_fail_ex+0x265/0x280
[  142.481861][ T7302]  should_fail+0xb/0x20
[  142.481896][ T7302]  should_fail_usercopy+0x1a/0x20
[  142.481917][ T7302]  _copy_from_user+0x1c/0xb0
[  142.482026][ T7302]  tls_setsockopt+0x3ec/0xce0
[  142.482054][ T7302]  sock_common_setsockopt+0x69/0x80
[  142.482077][ T7302]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  142.482105][ T7302]  __sys_setsockopt+0x184/0x200
[  142.482278][ T7302]  __x64_sys_setsockopt+0x64/0x80
[  142.482312][ T7302]  x64_sys_call+0x20ec/0x3000
[  142.482370][ T7302]  do_syscall_64+0xd2/0x200
[  142.482420][ T7302]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  142.482456][ T7302]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  142.482484][ T7302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.482510][ T7302] RIP: 0033:0x7f85bd04eec9
[  142.482589][ T7302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.482607][ T7302] RSP: 002b:00007f85bbab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  142.482631][ T7302] RAX: ffffffffffffffda RBX: 00007f85bd2a5fa0 RCX: 00007f85bd04eec9
[  142.482649][ T7302] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000004
[  142.482672][ T7302] RBP: 00007f85bbab7090 R08: 0000000000000038 R09: 0000000000000000
[  142.482689][ T7302] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  142.482735][ T7302] R13: 00007f85bd2a6038 R14: 00007f85bd2a5fa0 R15: 00007fff332ffa48
[  142.482754][ T7302]  </TASK>
[  142.915246][   T29] kauditd_printk_skb: 505 callbacks suppressed
[  142.915267][   T29] audit: type=1400 audit(2000000077.420:7523): avc:  denied  { map } for  pid=7303 comm="syz.0.1390" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  142.945721][   T29] audit: type=1400 audit(2000000077.420:7524): avc:  denied  { execute } for  pid=7303 comm="syz.0.1390" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  143.221097][ T7311] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  143.296661][   T29] audit: type=1400 audit(2000000077.890:7525): avc:  denied  { setopt } for  pid=7310 comm="syz.0.1392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  143.335120][ T7314] 8021q: VLANs not supported on sit0
[  143.354925][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  143.363906][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  143.387004][   T29] audit: type=1400 audit(2000000077.920:7526): avc:  denied  { write } for  pid=7310 comm="syz.0.1392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  143.406564][   T29] audit: type=1400 audit(2000000077.920:7527): avc:  denied  { ioctl } for  pid=7310 comm="syz.0.1392" path="socket:[19714]" dev="sockfs" ino=19714 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  143.431468][   T29] audit: type=1400 audit(2000000077.930:7528): avc:  denied  { ioctl } for  pid=7313 comm="syz.1.1393" path="socket:[19710]" dev="sockfs" ino=19710 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  143.489198][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  143.523901][ T7319] 9pnet: Could not find request transport: fdart
[  143.558919][   T29] audit: type=1400 audit(2000000078.070:7529): avc:  denied  { create } for  pid=7315 comm="syz.0.1395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  143.579224][   T29] audit: type=1400 audit(2000000078.070:7530): avc:  denied  { write } for  pid=7315 comm="syz.0.1395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  143.599619][   T29] audit: type=1400 audit(2000000078.070:7531): avc:  denied  { ioctl } for  pid=7315 comm="syz.0.1395" path="socket:[19730]" dev="sockfs" ino=19730 ioctlcmd=0x891c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  143.625174][   T29] audit: type=1400 audit(2000000078.070:7532): avc:  denied  { create } for  pid=7315 comm="syz.0.1395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  143.690876][ T7323] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1396'.
[  143.713319][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  143.731088][ T7318] FAULT_INJECTION: forcing a failure.
[  143.731088][ T7318] name failslab, interval 1, probability 0, space 0, times 0
[  143.743891][ T7318] CPU: 0 UID: 0 PID: 7318 Comm: syz.3.1394 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  143.743970][ T7318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  143.743987][ T7318] Call Trace:
[  143.743993][ T7318]  <TASK>
[  143.744000][ T7318]  __dump_stack+0x1d/0x30
[  143.744022][ T7318]  dump_stack_lvl+0xe8/0x140
[  143.744042][ T7318]  dump_stack+0x15/0x1b
[  143.744061][ T7318]  should_fail_ex+0x265/0x280
[  143.744151][ T7318]  should_failslab+0x8c/0xb0
[  143.744182][ T7318]  __kmalloc_noprof+0xa5/0x570
[  143.744277][ T7318]  ? kobject_get_path+0x92/0x1c0
[  143.744368][ T7318]  kobject_get_path+0x92/0x1c0
[  143.744434][ T7318]  kobject_uevent_env+0x1da/0x570
[  143.744540][ T7318]  kobject_uevent+0x1d/0x30
[  143.744631][ T7318]  __kobject_del+0x88/0x190
[  143.744669][ T7318]  kobject_put+0x127/0x190
[  143.744709][ T7318]  net_rx_queue_update_kobjects+0x49b/0x540
[  143.744755][ T7318]  netdev_unregister_kobject+0xbf/0x270
[  143.744870][ T7318]  unregister_netdevice_many_notify+0x11cc/0x15d0
[  143.744994][ T7318]  unregister_netdevice_queue+0x1f5/0x220
[  143.745036][ T7318]  unregister_netdev+0xb3/0xe0
[  143.745077][ T7318]  slip_close+0xe4/0x100
[  143.745142][ T7318]  ? __pfx_slip_close+0x10/0x10
[  143.745245][ T7318]  tty_ldisc_close+0x74/0xa0
[  143.745275][ T7318]  tty_set_ldisc+0x1b9/0x380
[  143.745299][ T7318]  tiocsetd+0x51/0x60
[  143.745327][ T7318]  tty_ioctl+0xa79/0xb80
[  143.745350][ T7318]  ? __pfx_tty_ioctl+0x10/0x10
[  143.745419][ T7318]  __se_sys_ioctl+0xce/0x140
[  143.745446][ T7318]  __x64_sys_ioctl+0x43/0x50
[  143.745548][ T7318]  x64_sys_call+0x1816/0x3000
[  143.745580][ T7318]  do_syscall_64+0xd2/0x200
[  143.745612][ T7318]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  143.745715][ T7318]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  143.745744][ T7318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.745774][ T7318] RIP: 0033:0x7fc43c93eec9
[  143.745794][ T7318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.745974][ T7318] RSP: 002b:00007fc43b3a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  143.746003][ T7318] RAX: ffffffffffffffda RBX: 00007fc43cb95fa0 RCX: 00007fc43c93eec9
[  143.746020][ T7318] RDX: 0000200000000080 RSI: 0000000000005423 RDI: 0000000000000003
[  143.746037][ T7318] RBP: 00007fc43b3a7090 R08: 0000000000000000 R09: 0000000000000000
[  143.746054][ T7318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  143.746071][ T7318] R13: 00007fc43cb96038 R14: 00007fc43cb95fa0 R15: 00007ffc8a12fee8
[  143.746098][ T7318]  </TASK>
[  144.005474][ T7332] serio: Serial port ptm0
[  144.021908][ T7314] __nla_validate_parse: 2 callbacks suppressed
[  144.021927][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  144.037354][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  144.046573][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1393'.
[  144.085473][ T7318] Falling back ldisc for ttyS3.
[  144.349305][ T7374] netlink: 'syz.0.1404': attribute type 1 has an invalid length.
[  144.619445][ T7385] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  145.455422][ T7410] xt_check_match: 23 callbacks suppressed
[  145.455447][ T7410] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  145.601608][ T7421] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1413'.
[  145.666254][ T7423] FAULT_INJECTION: forcing a failure.
[  145.666254][ T7423] name failslab, interval 1, probability 0, space 0, times 0
[  145.678965][ T7423] CPU: 0 UID: 0 PID: 7423 Comm: syz.4.1415 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  145.679062][ T7423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  145.679075][ T7423] Call Trace:
[  145.679083][ T7423]  <TASK>
[  145.679092][ T7423]  __dump_stack+0x1d/0x30
[  145.679142][ T7423]  dump_stack_lvl+0xe8/0x140
[  145.679166][ T7423]  dump_stack+0x15/0x1b
[  145.679188][ T7423]  should_fail_ex+0x265/0x280
[  145.679277][ T7423]  ? audit_log_d_path+0x8d/0x150
[  145.679303][ T7423]  should_failslab+0x8c/0xb0
[  145.679353][ T7423]  __kmalloc_cache_noprof+0x4c/0x4a0
[  145.679453][ T7423]  audit_log_d_path+0x8d/0x150
[  145.679473][ T7423]  audit_log_d_path_exe+0x42/0x70
[  145.679494][ T7423]  audit_log_task+0x1e9/0x250
[  145.679546][ T7423]  ? kstrtouint+0x76/0xc0
[  145.679590][ T7423]  audit_seccomp+0x61/0x100
[  145.679620][ T7423]  ? __seccomp_filter+0x82d/0x1250
[  145.679648][ T7423]  __seccomp_filter+0x83e/0x1250
[  145.679738][ T7423]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  145.679779][ T7423]  ? vfs_write+0x7e8/0x960
[  145.679816][ T7423]  __secure_computing+0x82/0x150
[  145.679917][ T7423]  syscall_trace_enter+0xcf/0x1e0
[  145.679957][ T7423]  do_syscall_64+0xac/0x200
[  145.680020][ T7423]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  145.680056][ T7423]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  145.680081][ T7423]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.680144][ T7423] RIP: 0033:0x7f590f89eec9
[  145.680164][ T7423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.680189][ T7423] RSP: 002b:00007f590e2ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  145.680216][ T7423] RAX: ffffffffffffffda RBX: 00007f590faf5fa0 RCX: 00007f590f89eec9
[  145.680232][ T7423] RDX: 0000000000000000 RSI: 0000000001000000 RDI: 0000000000000002
[  145.680245][ T7423] RBP: 00007f590e2ff090 R08: 0000000000000000 R09: 0000000000000000
[  145.680257][ T7423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.680285][ T7423] R13: 00007f590faf6038 R14: 00007f590faf5fa0 R15: 00007ffe09460c28
[  145.680311][ T7423]  </TASK>
[  145.971939][ T7431] serio: Serial port ptm0
[  146.014103][ T7435] vhci_hcd: invalid port number 23
[  146.096440][ T7434] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  146.347753][ T7454] netlink: 'syz.1.1422': attribute type 25 has an invalid length.
[  146.909641][ T7482] netlink: 'syz.1.1427': attribute type 1 has an invalid length.
[  146.917634][ T7482] netlink: 'syz.1.1427': attribute type 2 has an invalid length.
[  146.987425][ T7489] FAULT_INJECTION: forcing a failure.
[  146.987425][ T7489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.000773][ T7489] CPU: 0 UID: 0 PID: 7489 Comm: syz.4.1429 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  147.000801][ T7489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  147.000827][ T7489] Call Trace:
[  147.000836][ T7489]  <TASK>
[  147.000846][ T7489]  __dump_stack+0x1d/0x30
[  147.000873][ T7489]  dump_stack_lvl+0xe8/0x140
[  147.000897][ T7489]  dump_stack+0x15/0x1b
[  147.000913][ T7489]  should_fail_ex+0x265/0x280
[  147.000960][ T7489]  should_fail+0xb/0x20
[  147.001072][ T7489]  should_fail_usercopy+0x1a/0x20
[  147.001100][ T7489]  strncpy_from_user+0x25/0x230
[  147.001133][ T7489]  strncpy_from_bpfptr+0x43/0x50
[  147.001196][ T7489]  bpf_prog_load+0x883/0x1100
[  147.001248][ T7489]  ? security_bpf+0x2b/0x90
[  147.001274][ T7489]  __sys_bpf+0x469/0x7c0
[  147.001319][ T7489]  __x64_sys_bpf+0x41/0x50
[  147.001376][ T7489]  x64_sys_call+0x2aee/0x3000
[  147.001463][ T7489]  do_syscall_64+0xd2/0x200
[  147.001494][ T7489]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  147.001527][ T7489]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  147.001621][ T7489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.001677][ T7489] RIP: 0033:0x7f590f89eec9
[  147.001698][ T7489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.001723][ T7489] RSP: 002b:00007f590e2ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  147.001819][ T7489] RAX: ffffffffffffffda RBX: 00007f590faf5fa0 RCX: 00007f590f89eec9
[  147.001908][ T7489] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005
[  147.001924][ T7489] RBP: 00007f590e2ff090 R08: 0000000000000000 R09: 0000000000000000
[  147.001936][ T7489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.001948][ T7489] R13: 00007f590faf6038 R14: 00007f590faf5fa0 R15: 00007ffe09460c28
[  147.001972][ T7489]  </TASK>
[  147.189369][ T7491] tmpfs: Bad value for 'mpol'
[  147.194329][ T7491] netlink: 'syz.0.1428': attribute type 11 has an invalid length.
[  147.202358][ T7491] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1428'.
[  147.425843][ T7501] netlink: 'syz.0.1431': attribute type 1 has an invalid length.
[  147.534052][ T7529] serio: Serial port ptm0
[  148.074761][   T29] kauditd_printk_skb: 387 callbacks suppressed
[  148.074776][   T29] audit: type=1326 audit(2000000082.660:7920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.141192][   T29] audit: type=1326 audit(2000000082.700:7921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.164806][   T29] audit: type=1326 audit(2000000082.700:7922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.189264][   T29] audit: type=1326 audit(2000000082.700:7923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.212835][   T29] audit: type=1326 audit(2000000082.700:7924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.236346][   T29] audit: type=1326 audit(2000000082.700:7925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.260642][   T29] audit: type=1326 audit(2000000082.700:7926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.284181][   T29] audit: type=1326 audit(2000000082.700:7927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.307640][   T29] audit: type=1326 audit(2000000082.700:7928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.331106][   T29] audit: type=1326 audit(2000000082.700:7929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7551 comm="syz.4.1446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  148.492462][ T7556] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  149.312654][ T7560] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  149.644952][ T7592] serio: Serial port ptm0
[  149.831574][ T7605] FAULT_INJECTION: forcing a failure.
[  149.831574][ T7605] name failslab, interval 1, probability 0, space 0, times 0
[  149.844374][ T7605] CPU: 1 UID: 0 PID: 7605 Comm: syz.0.1462 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  149.844479][ T7605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  149.844493][ T7605] Call Trace:
[  149.844502][ T7605]  <TASK>
[  149.844512][ T7605]  __dump_stack+0x1d/0x30
[  149.844539][ T7605]  dump_stack_lvl+0xe8/0x140
[  149.844558][ T7605]  dump_stack+0x15/0x1b
[  149.844584][ T7605]  should_fail_ex+0x265/0x280
[  149.844629][ T7605]  should_failslab+0x8c/0xb0
[  149.844665][ T7605]  kmem_cache_alloc_noprof+0x50/0x480
[  149.844748][ T7605]  ? getname_flags+0x80/0x3b0
[  149.844788][ T7605]  getname_flags+0x80/0x3b0
[  149.844826][ T7605]  user_path_at+0x28/0x130
[  149.844888][ T7605]  __se_sys_mount+0x25b/0x2e0
[  149.844915][ T7605]  __x64_sys_mount+0x67/0x80
[  149.844942][ T7605]  x64_sys_call+0x2b51/0x3000
[  149.845025][ T7605]  do_syscall_64+0xd2/0x200
[  149.845056][ T7605]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  149.845119][ T7605]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  149.845146][ T7605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.845169][ T7605] RIP: 0033:0x7f85bd04eec9
[  149.845184][ T7605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.845206][ T7605] RSP: 002b:00007f85bbab7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  149.845294][ T7605] RAX: ffffffffffffffda RBX: 00007f85bd2a5fa0 RCX: 00007f85bd04eec9
[  149.845307][ T7605] RDX: 00002000000003c0 RSI: 0000200000000000 RDI: 0000000000000000
[  149.845319][ T7605] RBP: 00007f85bbab7090 R08: 0000200000000180 R09: 0000000000000000
[  149.845331][ T7605] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000001
[  149.845343][ T7605] R13: 00007f85bd2a6038 R14: 00007f85bd2a5fa0 R15: 00007fff332ffa48
[  149.845363][ T7605]  </TASK>
[  150.047023][ T7603] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1461'.
[  150.350952][ T7613] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  150.367379][ T7611] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1467'.
[  150.433575][ T7618] program syz.4.1468 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  150.474819][ T7618] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  150.590215][ T7630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.600000][ T7630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.638881][ T7632] FAULT_INJECTION: forcing a failure.
[  150.638881][ T7632] name failslab, interval 1, probability 0, space 0, times 0
[  150.651576][ T7632] CPU: 0 UID: 0 PID: 7632 Comm: syz.2.1466 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  150.651616][ T7632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  150.651630][ T7632] Call Trace:
[  150.651637][ T7632]  <TASK>
[  150.651646][ T7632]  __dump_stack+0x1d/0x30
[  150.651772][ T7632]  dump_stack_lvl+0xe8/0x140
[  150.651799][ T7632]  dump_stack+0x15/0x1b
[  150.651820][ T7632]  should_fail_ex+0x265/0x280
[  150.651906][ T7632]  should_failslab+0x8c/0xb0
[  150.651939][ T7632]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  150.651971][ T7632]  ? __kthread_create_on_node+0xcb/0x230
[  150.652007][ T7632]  kvasprintf+0x8a/0x110
[  150.652044][ T7632]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  150.652081][ T7632]  ? __pfx_cpu_map_kthread_run+0x10/0x10
[  150.652173][ T7632]  __kthread_create_on_node+0xcb/0x230
[  150.652203][ T7632]  ? __pfx_cpu_map_kthread_run+0x10/0x10
[  150.652308][ T7632]  kthread_create_on_node+0x89/0xc0
[  150.652335][ T7632]  ? should_failslab+0x8c/0xb0
[  150.652369][ T7632]  cpu_map_update_elem+0x68a/0x800
[  150.652403][ T7632]  bpf_map_update_value+0x189/0x570
[  150.652482][ T7632]  map_update_elem+0x41f/0x520
[  150.652519][ T7632]  __sys_bpf+0x57b/0x7c0
[  150.652646][ T7632]  __x64_sys_bpf+0x41/0x50
[  150.652752][ T7632]  x64_sys_call+0x2aee/0x3000
[  150.652774][ T7632]  do_syscall_64+0xd2/0x200
[  150.652804][ T7632]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  150.652832][ T7632]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  150.652863][ T7632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.652964][ T7632] RIP: 0033:0x7fade84aeec9
[  150.652985][ T7632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.653048][ T7632] RSP: 002b:00007fade6f0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  150.653068][ T7632] RAX: ffffffffffffffda RBX: 00007fade8705fa0 RCX: 00007fade84aeec9
[  150.653080][ T7632] RDX: 0000000000000020 RSI: 0000200000000a80 RDI: 0000000000000002
[  150.653092][ T7632] RBP: 00007fade6f0f090 R08: 0000000000000000 R09: 0000000000000000
[  150.653108][ T7632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  150.653124][ T7632] R13: 00007fade8706038 R14: 00007fade8705fa0 R15: 00007ffc46488708
[  150.653146][ T7632]  </TASK>
[  151.054165][ T7645] vhci_hcd: invalid port number 23
[  151.825425][ T7665] sctp: [Deprecated]: syz.0.1486 (pid 7665) Use of int in max_burst socket option.
[  151.825425][ T7665] Use struct sctp_assoc_value instead
[  151.931015][ T7670] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1486'.
[  151.956367][ T7670] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1486'.
[  152.022330][ T7676] program syz.2.1491 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  152.044758][ T7676] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  152.991200][ T7713] FAULT_INJECTION: forcing a failure.
[  152.991200][ T7713] name failslab, interval 1, probability 0, space 0, times 0
[  153.003994][ T7713] CPU: 1 UID: 0 PID: 7713 Comm: syz.4.1504 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  153.004084][ T7713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  153.004097][ T7713] Call Trace:
[  153.004103][ T7713]  <TASK>
[  153.004111][ T7713]  __dump_stack+0x1d/0x30
[  153.004138][ T7713]  dump_stack_lvl+0xe8/0x140
[  153.004162][ T7713]  dump_stack+0x15/0x1b
[  153.004186][ T7713]  should_fail_ex+0x265/0x280
[  153.004287][ T7713]  should_failslab+0x8c/0xb0
[  153.004323][ T7713]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  153.004367][ T7713]  ? v9fs_session_init+0x78/0xde0
[  153.004405][ T7713]  kstrdup+0x3e/0xd0
[  153.004439][ T7713]  v9fs_session_init+0x78/0xde0
[  153.004487][ T7713]  ? __rcu_read_unlock+0x4f/0x70
[  153.004520][ T7713]  ? avc_has_perm_noaudit+0x1b1/0x200
[  153.004593][ T7713]  ? should_fail_ex+0xdb/0x280
[  153.004637][ T7713]  ? v9fs_mount+0x51/0x5c0
[  153.004666][ T7713]  ? should_failslab+0x8c/0xb0
[  153.004698][ T7713]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  153.004739][ T7713]  v9fs_mount+0x67/0x5c0
[  153.004771][ T7713]  ? selinux_capable+0x31/0x40
[  153.004873][ T7713]  ? __pfx_v9fs_mount+0x10/0x10
[  153.004892][ T7713]  legacy_get_tree+0x78/0xd0
[  153.004974][ T7713]  vfs_get_tree+0x57/0x1d0
[  153.005007][ T7713]  do_new_mount+0x24d/0x660
[  153.005039][ T7713]  ? security_capable+0x83/0x90
[  153.005093][ T7713]  path_mount+0x4a5/0xb70
[  153.005115][ T7713]  ? user_path_at+0x109/0x130
[  153.005160][ T7713]  __se_sys_mount+0x28c/0x2e0
[  153.005228][ T7713]  ? __bpf_trace_sys_enter+0x10/0x30
[  153.005276][ T7713]  ? __traceiter_sys_enter+0x5c/0x80
[  153.005315][ T7713]  __x64_sys_mount+0x67/0x80
[  153.005346][ T7713]  x64_sys_call+0x2b51/0x3000
[  153.005390][ T7713]  do_syscall_64+0xd2/0x200
[  153.005422][ T7713]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  153.005452][ T7713]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  153.005483][ T7713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.005522][ T7713] RIP: 0033:0x7f590f89eec9
[  153.005538][ T7713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.005623][ T7713] RSP: 002b:00007f590e2ff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  153.005650][ T7713] RAX: ffffffffffffffda RBX: 00007f590faf5fa0 RCX: 00007f590f89eec9
[  153.005669][ T7713] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  153.005719][ T7713] RBP: 00007f590e2ff090 R08: 0000200000000280 R09: 0000000000000000
[  153.005774][ T7713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  153.005786][ T7713] R13: 00007f590faf6038 R14: 00007f590faf5fa0 R15: 00007ffe09460c28
[  153.005809][ T7713]  </TASK>
[  153.305836][   T29] kauditd_printk_skb: 214 callbacks suppressed
[  153.305853][   T29] audit: type=1326 audit(2000000087.890:8144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.335808][   T29] audit: type=1326 audit(2000000087.890:8145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.359317][   T29] audit: type=1326 audit(2000000087.890:8146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.369846][ T7715] mmap: syz.1.1505 (7715) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  153.382882][   T29] audit: type=1326 audit(2000000087.890:8147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.382982][   T29] audit: type=1326 audit(2000000087.890:8148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.383011][   T29] audit: type=1326 audit(2000000087.890:8149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.465279][   T29] audit: type=1326 audit(2000000087.890:8150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.489020][   T29] audit: type=1326 audit(2000000087.900:8151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.512763][   T29] audit: type=1326 audit(2000000087.900:8152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.536353][   T29] audit: type=1326 audit(2000000087.900:8153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7716 comm="syz.0.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  153.857123][ T7736] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1513'.
[  153.887064][ T7736] ipvlan2: entered promiscuous mode
[  153.892610][ T7736] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  153.955317][ T7744] netlink: 'syz.4.1512': attribute type 1 has an invalid length.
[  154.152460][ T7751] sctp: [Deprecated]: syz.3.1515 (pid 7751) Use of int in max_burst socket option.
[  154.152460][ T7751] Use struct sctp_assoc_value instead
[  154.198793][ T3393] hid-generic 00CD:0009:70000.0030: item fetching failed at offset 0/1
[  154.209472][ T3393] hid-generic 00CD:0009:70000.0030: probe with driver hid-generic failed with error -22
[  154.590429][ T7779] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1527'.
[  154.619804][ T3419] hid-generic 00CD:0009:70000.0031: item fetching failed at offset 0/1
[  154.629053][ T3419] hid-generic 00CD:0009:70000.0031: probe with driver hid-generic failed with error -22
[  154.637019][ T7784] netlink: 'syz.4.1524': attribute type 1 has an invalid length.
[  154.777066][ T7796] xt_CT: You must specify a L4 protocol and not use inversions on it
[  154.962663][ T3419] hid-generic 00CD:0009:70000.0032: item fetching failed at offset 0/1
[  154.972453][ T3419] hid-generic 00CD:0009:70000.0032: probe with driver hid-generic failed with error -22
[  154.997044][ T7812] serio: Serial port ptm0
[  155.251191][ T7831] netlink: 'syz.3.1547': attribute type 29 has an invalid length.
[  155.269282][ T7831] netlink: 'syz.3.1547': attribute type 29 has an invalid length.
[  155.643772][ T7847] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  155.924043][ T7849] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  156.095826][ T7860] program syz.2.1558 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  156.157272][ T7860] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  156.263708][ T7863] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1559'.
[  156.322500][ T7863] hsr_slave_0: left promiscuous mode
[  156.351104][ T7863] hsr_slave_1: left promiscuous mode
[  156.398312][ T7873] netlink: 5468 bytes leftover after parsing attributes in process `syz.0.1564'.
[  156.902072][ T7896] netlink: 'syz.0.1567': attribute type 1 has an invalid length.
[  157.248886][ T7904] FAULT_INJECTION: forcing a failure.
[  157.248886][ T7904] name failslab, interval 1, probability 0, space 0, times 0
[  157.261572][ T7904] CPU: 1 UID: 0 PID: 7904 Comm: syz.0.1572 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  157.261641][ T7904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  157.261658][ T7904] Call Trace:
[  157.261667][ T7904]  <TASK>
[  157.261675][ T7904]  __dump_stack+0x1d/0x30
[  157.261696][ T7904]  dump_stack_lvl+0xe8/0x140
[  157.261715][ T7904]  dump_stack+0x15/0x1b
[  157.261780][ T7904]  should_fail_ex+0x265/0x280
[  157.261824][ T7904]  should_failslab+0x8c/0xb0
[  157.261852][ T7904]  kmem_cache_alloc_noprof+0x50/0x480
[  157.261964][ T7904]  ? dst_alloc+0xbd/0x100
[  157.261995][ T7904]  ? __pfx_ip6_dst_gc+0x10/0x10
[  157.262024][ T7904]  dst_alloc+0xbd/0x100
[  157.262129][ T7904]  ip6_pol_route+0x6bf/0xb40
[  157.262171][ T7904]  ? ip6_pol_route+0x389/0xb40
[  157.262266][ T7904]  ip6_pol_route_output+0x40/0x50
[  157.262366][ T7904]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  157.262404][ T7904]  fib6_rule_lookup+0x112/0x470
[  157.262463][ T7904]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  157.262511][ T7904]  ip6_route_output_flags+0x1e0/0x2c0
[  157.262614][ T7904]  ip6_dst_lookup_tail+0xb6/0xab0
[  157.262642][ T7904]  ? avc_has_perm_noaudit+0x1b1/0x200
[  157.262689][ T7904]  ? avc_has_perm+0xf7/0x180
[  157.262752][ T7904]  ? __rcu_read_unlock+0x4f/0x70
[  157.262779][ T7904]  ip6_sk_dst_lookup_flow+0x4a8/0x5b0
[  157.262805][ T7904]  ? search_extable+0x53/0x80
[  157.262909][ T7904]  ? rep_movs_alternative+0x11/0x90
[  157.262991][ T7904]  ? __rcu_read_unlock+0x4f/0x70
[  157.263017][ T7904]  udpv6_sendmsg+0x1263/0x15b0
[  157.263113][ T7904]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  157.263144][ T7904]  ? _raw_spin_unlock_bh+0x36/0x40
[  157.263191][ T7904]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  157.263284][ T7904]  inet6_sendmsg+0xac/0xd0
[  157.263364][ T7904]  __sock_sendmsg+0x8b/0x180
[  157.263388][ T7904]  __sys_sendto+0x268/0x330
[  157.263465][ T7904]  __x64_sys_sendto+0x76/0x90
[  157.263500][ T7904]  x64_sys_call+0x2d14/0x3000
[  157.263608][ T7904]  do_syscall_64+0xd2/0x200
[  157.263684][ T7904]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  157.263721][ T7904]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  157.263794][ T7904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.263821][ T7904] RIP: 0033:0x7f85bd04eec9
[  157.263841][ T7904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.263874][ T7904] RSP: 002b:00007f85bbab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  157.263901][ T7904] RAX: ffffffffffffffda RBX: 00007f85bd2a5fa0 RCX: 00007f85bd04eec9
[  157.263989][ T7904] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000003
[  157.264006][ T7904] RBP: 00007f85bbab7090 R08: 0000200000000300 R09: 000000000000001c
[  157.264022][ T7904] R10: 0000000000000810 R11: 0000000000000246 R12: 0000000000000001
[  157.264038][ T7904] R13: 00007f85bd2a6038 R14: 00007f85bd2a5fa0 R15: 00007fff332ffa48
[  157.264117][ T7904]  </TASK>
[  157.797903][ T7919] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1573'.
[  158.019926][ T7931] netlink: 'syz.3.1583': attribute type 1 has an invalid length.
[  158.048033][ T7932] serio: Serial port ptm0
[  158.323660][   T29] kauditd_printk_skb: 646 callbacks suppressed
[  158.323682][   T29] audit: type=1326 audit(2000000092.910:8800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5dfae25d67 code=0x7ffc0000
[  158.397776][   T29] audit: type=1326 audit(2000000092.910:8801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5dfadcaf79 code=0x7ffc0000
[  158.421618][   T29] audit: type=1326 audit(2000000092.910:8802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  158.445114][   T29] audit: type=1326 audit(2000000092.920:8803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5dfae25d67 code=0x7ffc0000
[  158.468500][   T29] audit: type=1326 audit(2000000092.920:8804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5dfadcaf79 code=0x7ffc0000
[  158.492048][   T29] audit: type=1326 audit(2000000092.920:8805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  158.515523][   T29] audit: type=1326 audit(2000000092.930:8806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5dfae25d67 code=0x7ffc0000
[  158.538989][   T29] audit: type=1326 audit(2000000092.930:8807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5dfadcaf79 code=0x7ffc0000
[  158.562359][   T29] audit: type=1326 audit(2000000092.930:8808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  158.585849][   T29] audit: type=1326 audit(2000000092.940:8809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.1.1582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5dfae25d67 code=0x7ffc0000
[  158.868857][ T7946] FAULT_INJECTION: forcing a failure.
[  158.868857][ T7946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.882104][ T7946] CPU: 1 UID: 0 PID: 7946 Comm: syz.1.1588 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  158.882139][ T7946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  158.882153][ T7946] Call Trace:
[  158.882162][ T7946]  <TASK>
[  158.882172][ T7946]  __dump_stack+0x1d/0x30
[  158.882207][ T7946]  dump_stack_lvl+0xe8/0x140
[  158.882299][ T7946]  dump_stack+0x15/0x1b
[  158.882316][ T7946]  should_fail_ex+0x265/0x280
[  158.882352][ T7946]  should_fail+0xb/0x20
[  158.882390][ T7946]  should_fail_usercopy+0x1a/0x20
[  158.882467][ T7946]  _copy_to_user+0x20/0xa0
[  158.882497][ T7946]  bpf_test_finish+0x106/0x500
[  158.882596][ T7946]  bpf_prog_test_run_xdp+0x649/0x970
[  158.882626][ T7946]  ? __rcu_read_unlock+0x4f/0x70
[  158.882666][ T7946]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  158.882719][ T7946]  bpf_prog_test_run+0x22a/0x390
[  158.882751][ T7946]  __sys_bpf+0x4c0/0x7c0
[  158.882862][ T7946]  __x64_sys_bpf+0x41/0x50
[  158.882902][ T7946]  x64_sys_call+0x2aee/0x3000
[  158.883009][ T7946]  do_syscall_64+0xd2/0x200
[  158.883042][ T7946]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  158.883071][ T7946]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  158.883163][ T7946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.883199][ T7946] RIP: 0033:0x7f5dfae2eec9
[  158.883220][ T7946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.883280][ T7946] RSP: 002b:00007f5df988f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  158.883301][ T7946] RAX: ffffffffffffffda RBX: 00007f5dfb085fa0 RCX: 00007f5dfae2eec9
[  158.883318][ T7946] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  158.883335][ T7946] RBP: 00007f5df988f090 R08: 0000000000000000 R09: 0000000000000000
[  158.883348][ T7946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.883369][ T7946] R13: 00007f5dfb086038 R14: 00007f5dfb085fa0 R15: 00007fff9acab9a8
[  158.883396][ T7946]  </TASK>
[  159.291841][ T7955] SELinux:  policydb version 0 does not match my version range 15-35
[  159.310747][ T7955] SELinux: failed to load policy
[  159.340903][ T7960] netlink: 'syz.0.1587': attribute type 1 has an invalid length.
[  159.651551][ T7987] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1604'.
[  160.663860][ T8004] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1608'.
[  160.904470][ T8000] SELinux: failed to load policy
[  161.126243][ T8009] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1610'.
[  161.204695][ T8009] netlink: 'syz.2.1610': attribute type 9 has an invalid length.
[  161.212508][ T8009] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1610'.
[  161.221686][ T8009] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1610'.
[  162.135185][ T8031] xt_CT: You must specify a L4 protocol and not use inversions on it
[  162.383877][ T8041] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1619'.
[  162.487073][ T8045] SELinux:  policydb version 0 does not match my version range 15-35
[  162.584353][ T8045] SELinux: failed to load policy
[  163.374713][   T29] kauditd_printk_skb: 390 callbacks suppressed
[  163.374730][   T29] audit: type=1400 audit(2000000097.920:9200): avc:  denied  { write } for  pid=8062 comm="syz.1.1628" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  163.400020][   T29] audit: type=1400 audit(2000000097.940:9201): avc:  denied  { create } for  pid=8062 comm="syz.1.1628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  163.686016][ T8074] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  163.716391][ T8077] netlink: 'syz.0.1630': attribute type 29 has an invalid length.
[  163.734592][   T29] audit: type=1400 audit(2000000098.040:9202): avc:  denied  { create } for  pid=8064 comm="syz.2.1629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  163.754077][   T29] audit: type=1400 audit(2000000098.060:9203): avc:  denied  { write } for  pid=8064 comm="syz.2.1629" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  163.817215][ T8079] netlink: 'syz.0.1630': attribute type 29 has an invalid length.
[  163.954317][   T29] audit: type=1326 audit(2000000098.370:9204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8072 comm="syz.4.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  163.977885][   T29] audit: type=1326 audit(2000000098.370:9205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8072 comm="syz.4.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  164.001454][   T29] audit: type=1326 audit(2000000098.380:9206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8072 comm="syz.4.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  164.024923][   T29] audit: type=1326 audit(2000000098.380:9207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8072 comm="syz.4.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  164.048423][   T29] audit: type=1326 audit(2000000098.380:9208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8072 comm="syz.4.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  164.071947][   T29] audit: type=1326 audit(2000000098.380:9209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8072 comm="syz.4.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590f89eec9 code=0x7ffc0000
[  164.279847][ T8085] xt_CT: You must specify a L4 protocol and not use inversions on it
[  165.878121][ T8121] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  166.243296][ T8140] SELinux:  policydb version 0 does not match my version range 15-35
[  166.430692][ T8143] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1656'.
[  166.463493][ T8140] SELinux: failed to load policy
[  167.842799][ T8160] netlink: 'syz.2.1659': attribute type 13 has an invalid length.
[  167.951261][ T8164] netlink: 'syz.0.1663': attribute type 29 has an invalid length.
[  168.207179][ T8169] netlink: 'syz.0.1663': attribute type 29 has an invalid length.
[  168.386352][   T29] kauditd_printk_skb: 275 callbacks suppressed
[  168.386371][   T29] audit: type=1326 audit(2000000102.970:9485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8181 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  168.417131][   T29] audit: type=1326 audit(2000000102.970:9486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8181 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  168.440531][   T29] audit: type=1326 audit(2000000102.970:9487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8181 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  168.463980][   T29] audit: type=1326 audit(2000000102.970:9488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8181 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  168.487472][   T29] audit: type=1326 audit(2000000102.970:9489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8181 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  168.511093][   T29] audit: type=1326 audit(2000000102.970:9490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8181 comm="syz.0.1672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  168.567338][ T8175] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  168.583459][ T8180] netlink: 'syz.3.1671': attribute type 29 has an invalid length.
[  168.592905][ T8185] netlink: 'syz.3.1671': attribute type 29 has an invalid length.
[  168.636696][ T8189] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1675'.
[  168.715664][   T29] audit: type=1400 audit(2000000103.300:9491): avc:  denied  { mount } for  pid=8183 comm="syz.2.1673" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  168.737700][   T29] audit: type=1400 audit(2000000103.300:9492): avc:  denied  { create } for  pid=8183 comm="syz.2.1673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  168.757502][   T29] audit: type=1400 audit(2000000103.300:9493): avc:  denied  { bind } for  pid=8183 comm="syz.2.1673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  168.895038][   T29] audit: type=1400 audit(2000000103.480:9494): avc:  denied  { bind } for  pid=8200 comm="syz.3.1677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  169.082029][ T8213] SELinux:  policydb version 0 does not match my version range 15-35
[  169.124842][ T8213] SELinux: failed to load policy
[  169.270781][ T8225] netlink: 'syz.4.1685': attribute type 29 has an invalid length.
[  169.317021][ T8226] netlink: 'syz.4.1685': attribute type 29 has an invalid length.
[  170.258094][ T8244] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  170.468966][ T8253] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1694'.
[  170.660230][ T8263] netlink: 'syz.0.1697': attribute type 29 has an invalid length.
[  170.679014][ T8263] netlink: 'syz.0.1697': attribute type 29 has an invalid length.
[  170.804974][ T8267] cgroup: Need name or subsystem set
[  170.861339][ T8272] program syz.0.1701 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  170.870889][ T8272] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  171.138310][ T8277] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  171.765384][ T8286] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1705'.
[  171.803946][ T8288] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1706'.
[  171.886747][ T8288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1706'.
[  172.220800][ T8302] program syz.1.1711 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  172.262408][ T8302] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  172.468749][ T8319] xt_CT: You must specify a L4 protocol and not use inversions on it
[  172.875805][ T8336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1723'.
[  172.886452][ T8336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1723'.
[  172.905086][ T8336] binfmt_misc: register: failed to install interpreter file ./file0
[  173.114216][ T8347] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  173.295939][ T8352] cgroup: No subsys list or none specified
[  173.500794][ T8326] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  173.588904][ T8359] netlink: 332 bytes leftover after parsing attributes in process `syz.1.1733'.
[  173.598274][ T8359] netlink: 'syz.1.1733': attribute type 9 has an invalid length.
[  173.606145][ T8359] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1733'.
[  173.615351][ T8359] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1733'.
[  173.795957][   T29] kauditd_printk_skb: 103 callbacks suppressed
[  173.795975][   T29] audit: type=1326 audit(2000000108.390:9598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.850747][   T29] audit: type=1326 audit(2000000108.420:9599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.874301][   T29] audit: type=1326 audit(2000000108.420:9600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.898054][   T29] audit: type=1326 audit(2000000108.420:9601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.921661][   T29] audit: type=1326 audit(2000000108.420:9602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.945581][   T29] audit: type=1326 audit(2000000108.420:9603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.969155][   T29] audit: type=1326 audit(2000000108.420:9604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  173.993900][   T29] audit: type=1326 audit(2000000108.420:9605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  174.017417][   T29] audit: type=1326 audit(2000000108.420:9606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  174.041023][   T29] audit: type=1326 audit(2000000108.420:9607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8365 comm="syz.1.1736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f5dfae2eec9 code=0x7ffc0000
[  174.132559][ T8375] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  174.921390][ T8410] devpts: Bad value for 'gid'
[  174.926175][ T8410] devpts: Bad value for 'gid'
[  175.425726][ T8434] netlink: 'syz.0.1761': attribute type 6 has an invalid length.
[  175.619946][ T8444] SELinux:  policydb version 0 does not match my version range 15-35
[  175.695360][ T8447] netlink: 264 bytes leftover after parsing attributes in process `GPL'.
[  175.704278][ T8444] SELinux: failed to load policy
[  175.997576][ T8467] netlink: 'syz.4.1773': attribute type 29 has an invalid length.
[  176.038437][ T8471] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  176.044996][ T8471] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  176.048147][ T8467] netlink: 'syz.4.1773': attribute type 29 has an invalid length.
[  176.052617][ T8471] vhci_hcd vhci_hcd.0: Device attached
[  176.107055][ T8473] vhci_hcd: connection closed
[  176.107224][  T563] vhci_hcd: stop threads
[  176.116337][  T563] vhci_hcd: release socket
[  176.120773][  T563] vhci_hcd: disconnect device
[  176.142762][ T8479] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1770'.
[  176.153187][ T8479] FAULT_INJECTION: forcing a failure.
[  176.153187][ T8479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.166472][ T8479] CPU: 0 UID: 0 PID: 8479 Comm: syz.2.1770 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  176.166529][ T8479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  176.166546][ T8479] Call Trace:
[  176.166555][ T8479]  <TASK>
[  176.166566][ T8479]  __dump_stack+0x1d/0x30
[  176.166594][ T8479]  dump_stack_lvl+0xe8/0x140
[  176.166620][ T8479]  dump_stack+0x15/0x1b
[  176.166647][ T8479]  should_fail_ex+0x265/0x280
[  176.166758][ T8479]  should_fail+0xb/0x20
[  176.166794][ T8479]  should_fail_usercopy+0x1a/0x20
[  176.166822][ T8479]  _copy_from_iter+0xd2/0xe80
[  176.166852][ T8479]  ? __build_skb_around+0x1ab/0x200
[  176.166901][ T8479]  ? __alloc_skb+0x223/0x320
[  176.166937][ T8479]  netlink_sendmsg+0x471/0x6b0
[  176.166979][ T8479]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.167009][ T8479]  __sock_sendmsg+0x145/0x180
[  176.167035][ T8479]  __sys_sendto+0x268/0x330
[  176.167145][ T8479]  __x64_sys_sendto+0x76/0x90
[  176.167180][ T8479]  x64_sys_call+0x2d14/0x3000
[  176.167263][ T8479]  do_syscall_64+0xd2/0x200
[  176.167290][ T8479]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  176.167324][ T8479]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  176.167346][ T8479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.167368][ T8479] RIP: 0033:0x7fade84b0d5c
[  176.167414][ T8479] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  176.167438][ T8479] RSP: 002b:00007fade6f0dec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  176.167464][ T8479] RAX: ffffffffffffffda RBX: 00007fade6f0dfc0 RCX: 00007fade84b0d5c
[  176.167482][ T8479] RDX: 0000000000000028 RSI: 00007fade6f0e010 RDI: 0000000000000004
[  176.167551][ T8479] RBP: 0000000000000000 R08: 00007fade6f0df14 R09: 000000000000000c
[  176.167568][ T8479] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  176.167580][ T8479] R13: 00007fade6f0df68 R14: 00007fade6f0e010 R15: 0000000000000000
[  176.167601][ T8479]  </TASK>
[  176.375913][ T8482] program syz.4.1777 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  176.385509][ T8482] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  176.486148][ T8493] SELinux:  policydb version 0 does not match my version range 15-35
[  176.561792][ T8493] SELinux: failed to load policy
[  176.773352][ T8514] xt_CT: You must specify a L4 protocol and not use inversions on it
[  176.836988][ T8519] tmpfs: Bad value for 'mpol'
[  177.112775][ T8528] netlink: 'syz.2.1792': attribute type 10 has an invalid length.
[  177.141840][ T8528] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  177.188539][ T8528] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1792'.
[  177.514947][ T8543] SELinux:  policydb version 0 does not match my version range 15-35
[  177.534938][ T8543] SELinux: failed to load policy
[  178.052165][ T8580] netlink: 'syz.0.1812': attribute type 29 has an invalid length.
[  178.085248][ T8580] netlink: 'syz.0.1812': attribute type 29 has an invalid length.
[  178.174732][ T8584] netlink: 332 bytes leftover after parsing attributes in process `syz.3.1813'.
[  178.183991][ T8584] netlink: 'syz.3.1813': attribute type 9 has an invalid length.
[  178.191796][ T8584] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1813'.
[  178.201183][ T8584] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1813'.
[  178.273064][ T8586] loop0: detected capacity change from 0 to 512
[  178.318347][ T8586] EXT4-fs: Ignoring removed mblk_io_submit option
[  178.354676][ T8586] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  178.482954][ T8586] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.1814: attempt to clear invalid blocks 2 len 1
[  178.506102][ T8597] program syz.1.1817 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  178.542913][ T8586] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  178.564806][ T8597] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  178.581574][ T8586] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1814: invalid indirect mapped block 1819239214 (level 0)
[  178.635265][ T8586] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.1814: invalid indirect mapped block 1819239214 (level 1)
[  178.694879][ T8586] EXT4-fs (loop0): 1 truncate cleaned up
[  178.740398][ T8586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.788452][ T8606] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=5 sclass=netlink_audit_socket pid=8606 comm=syz.3.1820
[  178.807022][   T29] kauditd_printk_skb: 628 callbacks suppressed
[  178.807039][   T29] audit: type=1326 audit(2000000113.400:10234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fade84a5d67 code=0x7ffc0000
[  178.891660][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.893996][   T29] audit: type=1326 audit(2000000113.440:10235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fade844af79 code=0x7ffc0000
[  178.924381][   T29] audit: type=1326 audit(2000000113.440:10236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fade84a5d67 code=0x7ffc0000
[  178.948181][   T29] audit: type=1326 audit(2000000113.440:10237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fade844af79 code=0x7ffc0000
[  178.971669][   T29] audit: type=1326 audit(2000000113.440:10238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fade84aeec9 code=0x7ffc0000
[  178.995899][   T29] audit: type=1326 audit(2000000113.440:10239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fade84a5d67 code=0x7ffc0000
[  179.019644][   T29] audit: type=1326 audit(2000000113.440:10240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fade844af79 code=0x7ffc0000
[  179.043741][   T29] audit: type=1326 audit(2000000113.440:10241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8570 comm="syz.2.1809" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fade84aeec9 code=0x7ffc0000
[  179.067204][   T29] audit: type=1326 audit(2000000113.440:10242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8605 comm="syz.3.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43c93eec9 code=0x7ffc0000
[  179.075138][ T8617] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  179.090879][   T29] audit: type=1326 audit(2000000113.440:10243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8605 comm="syz.3.1820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc43c93ef03 code=0x7ffc0000
[  179.198350][ T8620] program syz.2.1828 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  179.211184][ T8622] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1826'.
[  179.222235][ T8622] netlink: 'syz.0.1826': attribute type 9 has an invalid length.
[  179.230100][ T8622] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1826'.
[  179.239182][ T8622] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1826'.
[  179.329287][ T8633] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1831'.
[  179.514285][ T8646] loop0: detected capacity change from 0 to 1024
[  179.555184][ T8646] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  179.598250][ T8646] loop0: detected capacity change from 0 to 764
[  179.605504][ T8646] iso9660: Unknown parameter '�0xffffffffffffffff01777777777777777777777������|�\F��x@	OȎӔD@�E��u�:���~���
�����h�7s��M��]"���ŃD�
n���@��Yv7�<�.Wo�g����c��7!K�jΥ@^'
[  179.658159][ T8644] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  179.708045][ T8649] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  179.797534][ T8659] netlink: 'syz.0.1840': attribute type 30 has an invalid length.
[  179.957781][ T8664] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  179.992232][ T8668] netlink: 'syz.3.1843': attribute type 1 has an invalid length.
[  180.086687][ T8669] netlink: 'syz.3.1843': attribute type 1 has an invalid length.
[  180.098919][ T8664] loop0: detected capacity change from 0 to 2048
[  180.163493][ T8669] 8021q: adding VLAN 0 to HW filter on device bond4
[  180.171884][ T8187] GPT:first_usable_lbas don't match.
[  180.177287][ T8187] GPT:34 != 290
[  180.180943][ T8187] GPT: Use GNU Parted to correct GPT errors.
[  180.187429][ T8187]  loop0: p1 p2 p3
[  180.199078][ T8664] GPT:first_usable_lbas don't match.
[  180.204404][ T8664] GPT:34 != 290
[  180.207947][ T8664] GPT: Use GNU Parted to correct GPT errors.
[  180.214232][ T8664]  loop0: p1 p2 p3
[  180.253199][ T8672] 9pnet_fd: p9_fd_create_tcp (8672): problem connecting socket to 127.0.0.1
[  180.279236][ T8674] bond4 (unregistering): Released all slaves
[  180.545126][ T8693] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=356 sclass=netlink_route_socket pid=8693 comm=syz.0.1848
[  180.557807][ T8693] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8693 comm=syz.0.1848
[  180.788620][ T8703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=356 sclass=netlink_route_socket pid=8703 comm=syz.4.1852
[  180.801304][ T8703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8703 comm=syz.4.1852
[  181.011690][ T8708] __nla_validate_parse: 3 callbacks suppressed
[  181.011710][ T8708] netlink: 332 bytes leftover after parsing attributes in process `syz.1.1855'.
[  181.034845][ T8708] netlink: 'syz.1.1855': attribute type 9 has an invalid length.
[  181.042621][ T8708] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1855'.
[  181.051832][ T8708] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1855'.
[  181.294003][ T8714] xt_CT: You must specify a L4 protocol and not use inversions on it
[  181.352539][ T8720] xt_CT: You must specify a L4 protocol and not use inversions on it
[  181.728498][ T8733] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  181.985834][ T8746] netlink: 332 bytes leftover after parsing attributes in process `syz.3.1868'.
[  182.006117][ T8750] xt_CT: You must specify a L4 protocol and not use inversions on it
[  182.037031][ T8746] netlink: 'syz.3.1868': attribute type 9 has an invalid length.
[  182.044907][ T8746] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1868'.
[  182.054031][ T8746] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1868'.
[  182.286270][ T8773] FAULT_INJECTION: forcing a failure.
[  182.286270][ T8773] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  182.299600][ T8773] CPU: 0 UID: 0 PID: 8773 Comm: syz.3.1879 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  182.299761][ T8773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  182.299778][ T8773] Call Trace:
[  182.299787][ T8773]  <TASK>
[  182.299797][ T8773]  __dump_stack+0x1d/0x30
[  182.299829][ T8773]  dump_stack_lvl+0xe8/0x140
[  182.299902][ T8773]  dump_stack+0x15/0x1b
[  182.299939][ T8773]  should_fail_ex+0x265/0x280
[  182.300043][ T8773]  should_fail_alloc_page+0xf2/0x100
[  182.300082][ T8773]  __alloc_frozen_pages_noprof+0xff/0x360
[  182.300131][ T8773]  alloc_pages_mpol+0xb3/0x260
[  182.300158][ T8773]  vma_alloc_folio_noprof+0x1aa/0x300
[  182.300204][ T8773]  handle_mm_fault+0xec2/0x2be0
[  182.300232][ T8773]  ? __rcu_read_lock+0x37/0x50
[  182.300257][ T8773]  ? __pte_offset_map_lock+0x1d4/0x230
[  182.300378][ T8773]  __get_user_pages+0x102a/0x1ed0
[  182.300449][ T8773]  __gup_longterm_locked+0x8ef/0xe60
[  182.300632][ T8773]  ? security_ptrace_access_check+0x69/0x80
[  182.300670][ T8773]  ? __ptrace_may_access+0x2c3/0x340
[  182.300698][ T8773]  pin_user_pages_remote+0x7e/0xb0
[  182.300725][ T8773]  process_vm_rw+0x484/0x960
[  182.300783][ T8773]  ? __bpf_trace_sys_enter+0x10/0x30
[  182.300827][ T8773]  __x64_sys_process_vm_writev+0x78/0x90
[  182.300866][ T8773]  x64_sys_call+0x2a80/0x3000
[  182.300894][ T8773]  do_syscall_64+0xd2/0x200
[  182.300978][ T8773]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  182.301047][ T8773]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  182.301076][ T8773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.301104][ T8773] RIP: 0033:0x7fc43c93eec9
[  182.301122][ T8773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.301160][ T8773] RSP: 002b:00007fc43b3a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  182.301182][ T8773] RAX: ffffffffffffffda RBX: 00007fc43cb95fa0 RCX: 00007fc43c93eec9
[  182.301198][ T8773] RDX: 0000000000000001 RSI: 0000200000001c80 RDI: 00000000000003b6
[  182.301214][ T8773] RBP: 00007fc43b3a7090 R08: 0000000000000001 R09: 0000000000000000
[  182.301230][ T8773] R10: 0000200000001d80 R11: 0000000000000246 R12: 0000000000000001
[  182.301246][ T8773] R13: 00007fc43cb96038 R14: 00007fc43cb95fa0 R15: 00007ffc8a12fee8
[  182.301280][ T8773]  </TASK>
[  182.673585][ T8783] loop0: detected capacity change from 0 to 1024
[  182.712433][ T8783] EXT4-fs: Ignoring removed mblk_io_submit option
[  182.719065][ T8783] EXT4-fs: Ignoring removed bh option
[  182.747312][ T8783] ext3: Unknown parameter 'subj_type'
[  182.823218][ T8778] loop0: detected capacity change from 0 to 2048
[  182.841954][ T8778] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  182.851142][ T8771] FAULT_INJECTION: forcing a failure.
[  182.851142][ T8771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.864379][ T8771] CPU: 1 UID: 0 PID: 8771 Comm: syz.2.1874 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  182.864408][ T8771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  182.864422][ T8771] Call Trace:
[  182.864430][ T8771]  <TASK>
[  182.864441][ T8771]  __dump_stack+0x1d/0x30
[  182.864502][ T8771]  dump_stack_lvl+0xe8/0x140
[  182.864528][ T8771]  dump_stack+0x15/0x1b
[  182.864551][ T8771]  should_fail_ex+0x265/0x280
[  182.864597][ T8771]  should_fail+0xb/0x20
[  182.864693][ T8771]  should_fail_usercopy+0x1a/0x20
[  182.864716][ T8771]  _copy_to_user+0x20/0xa0
[  182.864758][ T8771]  simple_read_from_buffer+0xb5/0x130
[  182.864790][ T8771]  proc_fail_nth_read+0x10e/0x150
[  182.864845][ T8771]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.864879][ T8771]  vfs_read+0x1a8/0x770
[  182.864969][ T8771]  ? __rcu_read_unlock+0x4f/0x70
[  182.865043][ T8771]  ? __fget_files+0x184/0x1c0
[  182.865112][ T8771]  ksys_read+0xda/0x1a0
[  182.865165][ T8771]  __x64_sys_read+0x40/0x50
[  182.865189][ T8771]  x64_sys_call+0x27c0/0x3000
[  182.865228][ T8771]  do_syscall_64+0xd2/0x200
[  182.865335][ T8771]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  182.865372][ T8771]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  182.865402][ T8771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.865432][ T8771] RIP: 0033:0x7fade84ad8dc
[  182.865452][ T8771] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  182.865594][ T8771] RSP: 002b:00007fade6ecd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.865617][ T8771] RAX: ffffffffffffffda RBX: 00007fade8706180 RCX: 00007fade84ad8dc
[  182.865630][ T8771] RDX: 000000000000000f RSI: 00007fade6ecd0a0 RDI: 0000000000000007
[  182.865642][ T8771] RBP: 00007fade6ecd090 R08: 0000000000000000 R09: 0000000000000000
[  182.865659][ T8771] R10: 00002000007c5000 R11: 0000000000000246 R12: 0000000000000001
[  182.865695][ T8771] R13: 00007fade8706218 R14: 00007fade8706180 R15: 00007ffc46488708
[  182.865722][ T8771]  </TASK>
[  182.965653][ T8793] FAULT_INJECTION: forcing a failure.
[  182.965653][ T8793] name failslab, interval 1, probability 0, space 0, times 0
[  183.077347][ T8793] CPU: 0 UID: 0 PID: 8793 Comm: syz.3.1885 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  183.077392][ T8793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  183.077405][ T8793] Call Trace:
[  183.077414][ T8793]  <TASK>
[  183.077424][ T8793]  __dump_stack+0x1d/0x30
[  183.077451][ T8793]  dump_stack_lvl+0xe8/0x140
[  183.077478][ T8793]  dump_stack+0x15/0x1b
[  183.077497][ T8793]  should_fail_ex+0x265/0x280
[  183.077639][ T8793]  ? sctp_auth_asoc_copy_shkeys+0xfa/0x330
[  183.077729][ T8793]  should_failslab+0x8c/0xb0
[  183.077761][ T8793]  __kmalloc_cache_noprof+0x4c/0x4a0
[  183.077797][ T8793]  sctp_auth_asoc_copy_shkeys+0xfa/0x330
[  183.077834][ T8793]  sctp_association_new+0xde5/0x1200
[  183.077890][ T8793]  sctp_connect_new_asoc+0x1a8/0x3a0
[  183.077987][ T8793]  sctp_sendmsg+0xf10/0x18d0
[  183.078026][ T8793]  ? selinux_socket_sendmsg+0xa1/0x1b0
[  183.078059][ T8793]  ? __pfx_sctp_sendmsg+0x10/0x10
[  183.078103][ T8793]  inet_sendmsg+0xc5/0xd0
[  183.078149][ T8793]  __sock_sendmsg+0x102/0x180
[  183.078171][ T8793]  ____sys_sendmsg+0x345/0x4e0
[  183.078204][ T8793]  ___sys_sendmsg+0x17b/0x1d0
[  183.078320][ T8793]  __sys_sendmmsg+0x178/0x300
[  183.078371][ T8793]  __x64_sys_sendmmsg+0x57/0x70
[  183.078415][ T8793]  x64_sys_call+0x1c4a/0x3000
[  183.078469][ T8793]  do_syscall_64+0xd2/0x200
[  183.078497][ T8793]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  183.078532][ T8793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.078561][ T8793] RIP: 0033:0x7fc43c93eec9
[  183.078580][ T8793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.078601][ T8793] RSP: 002b:00007fc43b3a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  183.078626][ T8793] RAX: ffffffffffffffda RBX: 00007fc43cb95fa0 RCX: 00007fc43c93eec9
[  183.078700][ T8793] RDX: 0000000000000002 RSI: 0000200000000880 RDI: 0000000000000006
[  183.078716][ T8793] RBP: 00007fc43b3a7090 R08: 0000000000000000 R09: 0000000000000000
[  183.078731][ T8793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.078747][ T8793] R13: 00007fc43cb96038 R14: 00007fc43cb95fa0 R15: 00007ffc8a12fee8
[  183.078774][ T8793]  </TASK>
[  183.099068][ T8783] tmpfs: Bad value for 'mpol'
[  183.431651][ T8807] SELinux:  policydb version 0 does not match my version range 15-35
[  183.431702][ T8807] SELinux: failed to load policy
[  183.565117][ T8818] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1894'.
[  183.600365][ T8816] bond0: (slave dummy0): Releasing backup interface
[  183.601642][ T8816] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  183.610391][ T8818] IPVS: Error connecting to the multicast addr
[  184.251136][   T29] kauditd_printk_skb: 367 callbacks suppressed
[  184.251155][   T29] audit: type=1400 audit(2000000118.840:10611): avc:  denied  { read } for  pid=8839 comm="syz.2.1898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  184.518632][   T29] audit: type=1400 audit(2000000119.110:10612): avc:  denied  { map } for  pid=8844 comm="syz.1.1900" path="socket:[24744]" dev="sockfs" ino=24744 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  184.754817][   T29] audit: type=1400 audit(2000000119.320:10613): avc:  denied  { write } for  pid=8847 comm="syz.4.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  184.774673][   T29] audit: type=1400 audit(2000000119.330:10614): avc:  denied  { write } for  pid=8847 comm="syz.4.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  184.855640][ T8857] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1904'.
[  184.946135][ T8857] netlink: 'syz.2.1904': attribute type 9 has an invalid length.
[  184.953971][ T8857] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1904'.
[  184.963130][ T8857] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1904'.
[  185.052254][   T29] audit: type=1400 audit(2000000119.640:10615): avc:  denied  { create } for  pid=8865 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[  185.072614][   T29] audit: type=1400 audit(2000000119.640:10616): avc:  denied  { ioctl } for  pid=8865 comm="syz.0.1908" path="socket:[24786]" dev="sockfs" ino=24786 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[  185.079907][ T8866] loop0: detected capacity change from 0 to 1024
[  185.159776][ T8866] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (46251!=20869)
[  185.202595][ T8866] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  185.205760][ T8869] xt_CT: You must specify a L4 protocol and not use inversions on it
[  185.226002][ T8866] EXT4-fs (loop0): failed to initialize system zone (-117)
[  185.249299][ T8866] EXT4-fs (loop0): mount failed
[  185.280914][   T29] audit: type=1400 audit(2000000119.870:10617): avc:  denied  { create } for  pid=8865 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[  185.352748][   T29] audit: type=1400 audit(2000000119.870:10618): avc:  denied  { write } for  pid=8865 comm="syz.0.1908" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[  185.396006][ T8878] netlink: 'syz.2.1912': attribute type 29 has an invalid length.
[  185.397395][ T8879] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8879 comm=syz.3.1907
[  185.416947][ T8878] netlink: 'syz.2.1912': attribute type 29 has an invalid length.
[  185.441345][   T29] audit: type=1400 audit(2000000120.030:10619): avc:  denied  { create } for  pid=8876 comm="syz.3.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  185.457089][ T8876] delete_channel: no stack
[  185.478982][   T29] audit: type=1326 audit(2000000120.030:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc43c93eec9 code=0x7ffc0000
[  185.523606][ T8881] program syz.2.1913 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  185.533226][ T8881] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  185.568149][ T8848] syz.4.1901 (8848) used greatest stack depth: 8200 bytes left
[  185.748739][ T8915] netlink: 'syz.2.1923': attribute type 29 has an invalid length.
[  185.749788][ T8890] netlink: 'syz.4.1916': attribute type 2 has an invalid length.
[  185.780069][ T8915] netlink: 'syz.2.1923': attribute type 29 has an invalid length.
[  185.811082][ T8920] syzkaller1: entered promiscuous mode
[  185.816658][ T8920] syzkaller1: entered allmulticast mode
[  185.847708][ T8921] loop0: detected capacity change from 0 to 512
[  185.866784][ T8923] FAULT_INJECTION: forcing a failure.
[  185.866784][ T8923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.879964][ T8923] CPU: 0 UID: 0 PID: 8923 Comm: syz.2.1926 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  185.880021][ T8923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  185.880093][ T8923] Call Trace:
[  185.880099][ T8923]  <TASK>
[  185.880107][ T8923]  __dump_stack+0x1d/0x30
[  185.880140][ T8923]  dump_stack_lvl+0xe8/0x140
[  185.880165][ T8923]  dump_stack+0x15/0x1b
[  185.880181][ T8923]  should_fail_ex+0x265/0x280
[  185.880220][ T8923]  should_fail+0xb/0x20
[  185.880326][ T8923]  should_fail_usercopy+0x1a/0x20
[  185.880351][ T8923]  _copy_to_user+0x20/0xa0
[  185.880444][ T8923]  simple_read_from_buffer+0xb5/0x130
[  185.880471][ T8923]  proc_fail_nth_read+0x10e/0x150
[  185.880553][ T8923]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  185.880601][ T8923]  vfs_read+0x1a8/0x770
[  185.880627][ T8923]  ? __rcu_read_unlock+0x4f/0x70
[  185.880683][ T8923]  ? __fget_files+0x184/0x1c0
[  185.880711][ T8923]  ksys_read+0xda/0x1a0
[  185.880812][ T8923]  __x64_sys_read+0x40/0x50
[  185.880908][ T8923]  x64_sys_call+0x27c0/0x3000
[  185.880936][ T8923]  do_syscall_64+0xd2/0x200
[  185.881003][ T8923]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  185.881031][ T8923]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  185.881054][ T8923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.881158][ T8923] RIP: 0033:0x7fade84ad8dc
[  185.881183][ T8923] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  185.881201][ T8923] RSP: 002b:00007fade6f0f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  185.881285][ T8923] RAX: ffffffffffffffda RBX: 00007fade8705fa0 RCX: 00007fade84ad8dc
[  185.881298][ T8923] RDX: 000000000000000f RSI: 00007fade6f0f0a0 RDI: 0000000000000003
[  185.881355][ T8923] RBP: 00007fade6f0f090 R08: 0000000000000000 R09: 0000000000000000
[  185.881370][ T8923] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  185.881383][ T8923] R13: 00007fade8706038 R14: 00007fade8705fa0 R15: 00007ffc46488708
[  185.881403][ T8923]  </TASK>
[  186.138129][ T8930] __nla_validate_parse: 2 callbacks suppressed
[  186.138148][ T8930] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1928'.
[  186.167676][ T8930] netlink: 'syz.3.1928': attribute type 12 has an invalid length.
[  186.175840][ T8927] netlink: 'syz.3.1928': attribute type 12 has an invalid length.
[  186.202015][ T8921] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.254727][ T8921] ext4 filesystem being mounted at /437/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.290722][ T8942] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1931'.
[  186.469272][ T8953] netlink: 'syz.3.1937': attribute type 29 has an invalid length.
[  186.485287][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.487516][ T8953] netlink: 'syz.3.1937': attribute type 29 has an invalid length.
[  187.146558][ T8972] SELinux: security_context_str_to_sid () failed with errno=-22
[  187.330921][ T8974] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  188.025182][ T9002] SELinux:  policydb version 0 does not match my version range 15-35
[  188.072034][ T9002] SELinux: failed to load policy
[  188.144272][ T9005] team0: Device vxcan3 is up. Set it down before adding it as a team port
[  188.306860][ T9017] 8021q: adding VLAN 0 to HW filter on device bond4
[  188.319914][ T9017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1959'.
[  188.330432][ T9017] bond4 (unregistering): Released all slaves
[  188.346293][ T9008] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1955'.
[  188.445344][ T9008] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1955'.
[  188.454572][ T9008] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1955'.
[  188.536726][ T9017] SELinux:  policydb magic number 0x380 does not match expected magic number 0xf97cff8c
[  188.554722][ T9017] SELinux: failed to load policy
[  188.563389][ T9017] 
��: renamed from veth0_vlan
[  188.676986][ T9040] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1968'.
[  188.686044][ T9040] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1968'.
[  188.727969][ T9040] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1968'.
[  188.737237][ T9040] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1968'.
[  188.854190][ T9047] loop0: detected capacity change from 0 to 4096
[  188.863134][ T9050] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  188.910326][ T9047] EXT4-fs: Ignoring removed nomblk_io_submit option
[  188.976085][ T9047] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.216731][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.237841][ T9074] vhci_hcd: invalid port number 96
[  189.243049][ T9074] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  189.326927][ T9078] bond4: entered promiscuous mode
[  189.332483][ T9078] 8021q: adding VLAN 0 to HW filter on device bond4
[  189.495460][ T9081] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  189.512919][ T9094] netdevsim netdevsim0: Direct firmware load for ./file0/file1 failed with error -2
[  189.618387][   T29] kauditd_printk_skb: 456 callbacks suppressed
[  189.618473][   T29] audit: type=1326 audit(2000000124.210:11077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.661823][   T29] audit: type=1326 audit(2000000124.240:11078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.685490][   T29] audit: type=1326 audit(2000000124.240:11079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.709015][   T29] audit: type=1326 audit(2000000124.240:11080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.732969][   T29] audit: type=1326 audit(2000000124.240:11081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.756529][   T29] audit: type=1326 audit(2000000124.240:11082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.780087][   T29] audit: type=1326 audit(2000000124.250:11083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.803662][   T29] audit: type=1326 audit(2000000124.250:11084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9100 comm="syz.0.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  189.909728][ T9110] loop0: detected capacity change from 0 to 512
[  189.923660][ T9093] tmpfs: Bad value for 'mpol'
[  189.942753][ T9110] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.957231][   T29] audit: type=1326 audit(2000000124.510:11085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9092 comm="syz.2.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fade84aeec9 code=0x7ffc0000
[  189.980927][   T29] audit: type=1326 audit(2000000124.510:11086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9092 comm="syz.2.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fade84aeec9 code=0x7ffc0000
[  190.125846][ T9120] kernel profiling enabled (shift: 63)
[  190.131367][ T9120] profiling shift: 63 too large
[  190.151884][ T9123] validate_nla: 7 callbacks suppressed
[  190.151902][ T9123] netlink: 'syz.4.1999': attribute type 9 has an invalid length.
[  190.335757][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.368419][ T9133] xt_CT: You must specify a L4 protocol and not use inversions on it
[  190.499258][ T9141] FAULT_INJECTION: forcing a failure.
[  190.499258][ T9141] name failslab, interval 1, probability 0, space 0, times 0
[  190.511936][ T9141] CPU: 0 UID: 0 PID: 9141 Comm: syz.1.2006 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  190.512043][ T9141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  190.512060][ T9141] Call Trace:
[  190.512069][ T9141]  <TASK>
[  190.512080][ T9141]  __dump_stack+0x1d/0x30
[  190.512115][ T9141]  dump_stack_lvl+0xe8/0x140
[  190.512142][ T9141]  dump_stack+0x15/0x1b
[  190.512188][ T9141]  should_fail_ex+0x265/0x280
[  190.512233][ T9141]  ? alloc_fs_context+0x44/0x4e0
[  190.512264][ T9141]  should_failslab+0x8c/0xb0
[  190.512332][ T9141]  __kmalloc_cache_noprof+0x4c/0x4a0
[  190.512370][ T9141]  alloc_fs_context+0x44/0x4e0
[  190.512404][ T9141]  fs_context_for_mount+0x22/0x30
[  190.512435][ T9141]  do_new_mount+0xea/0x660
[  190.512458][ T9141]  ? security_capable+0x83/0x90
[  190.512603][ T9141]  path_mount+0x4a5/0xb70
[  190.512632][ T9141]  ? user_path_at+0x109/0x130
[  190.512674][ T9141]  __se_sys_mount+0x28c/0x2e0
[  190.512828][ T9141]  __x64_sys_mount+0x67/0x80
[  190.512903][ T9141]  x64_sys_call+0x2b51/0x3000
[  190.512932][ T9141]  do_syscall_64+0xd2/0x200
[  190.512956][ T9141]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  190.512990][ T9141]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  190.513040][ T9141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.513066][ T9141] RIP: 0033:0x7f5dfae2eec9
[  190.513084][ T9141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.513114][ T9141] RSP: 002b:00007f5df988f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  190.513166][ T9141] RAX: ffffffffffffffda RBX: 00007f5dfb085fa0 RCX: 00007f5dfae2eec9
[  190.513179][ T9141] RDX: 0000200000000280 RSI: 00002000000002c0 RDI: 0000000000000000
[  190.513192][ T9141] RBP: 00007f5df988f090 R08: 0000200000000540 R09: 0000000000000000
[  190.513205][ T9141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.513217][ T9141] R13: 00007f5dfb086038 R14: 00007f5dfb085fa0 R15: 00007fff9acab9a8
[  190.513238][ T9141]  </TASK>
[  190.912202][ T9154] netlink: 'syz.1.2012': attribute type 9 has an invalid length.
[  191.014480][ T9166] xt_CT: You must specify a L4 protocol and not use inversions on it
[  191.353055][ T9186] 9pnet_fd: Insufficient options for proto=fd
[  191.379713][ T9190] __nla_validate_parse: 16 callbacks suppressed
[  191.379732][ T9190] netlink: 332 bytes leftover after parsing attributes in process `syz.1.2025'.
[  191.440467][ T9190] netlink: 'syz.1.2025': attribute type 9 has an invalid length.
[  191.448329][ T9190] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2025'.
[  191.457472][ T9190] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2025'.
[  191.615620][ T9201] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2028'.
[  191.699268][ T9203] FAULT_INJECTION: forcing a failure.
[  191.699268][ T9203] name failslab, interval 1, probability 0, space 0, times 0
[  191.711984][ T9203] CPU: 0 UID: 0 PID: 9203 Comm: syz.3.2030 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  191.712060][ T9203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  191.712073][ T9203] Call Trace:
[  191.712082][ T9203]  <TASK>
[  191.712092][ T9203]  __dump_stack+0x1d/0x30
[  191.712119][ T9203]  dump_stack_lvl+0xe8/0x140
[  191.712154][ T9203]  dump_stack+0x15/0x1b
[  191.712233][ T9203]  should_fail_ex+0x265/0x280
[  191.712278][ T9203]  ? tcf_proto_create+0x44/0x1a0
[  191.712319][ T9203]  should_failslab+0x8c/0xb0
[  191.712360][ T9203]  __kmalloc_cache_noprof+0x4c/0x4a0
[  191.712397][ T9203]  tcf_proto_create+0x44/0x1a0
[  191.712516][ T9203]  tc_new_tfilter+0x95c/0x10a0
[  191.712624][ T9203]  ? __rcu_read_unlock+0x4f/0x70
[  191.712662][ T9203]  ? ns_capable+0x7d/0xb0
[  191.712690][ T9203]  ? __pfx_tc_new_tfilter+0x10/0x10
[  191.712730][ T9203]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  191.712825][ T9203]  netlink_rcv_skb+0x123/0x220
[  191.712861][ T9203]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  191.712923][ T9203]  rtnetlink_rcv+0x1c/0x30
[  191.713019][ T9203]  netlink_unicast+0x5c0/0x690
[  191.713055][ T9203]  netlink_sendmsg+0x58b/0x6b0
[  191.713151][ T9203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  191.713189][ T9203]  __sock_sendmsg+0x145/0x180
[  191.713210][ T9203]  ____sys_sendmsg+0x31e/0x4e0
[  191.713243][ T9203]  ___sys_sendmsg+0x17b/0x1d0
[  191.713294][ T9203]  __x64_sys_sendmsg+0xd4/0x160
[  191.713335][ T9203]  x64_sys_call+0x191e/0x3000
[  191.713361][ T9203]  do_syscall_64+0xd2/0x200
[  191.713437][ T9203]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  191.713473][ T9203]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  191.713503][ T9203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.713532][ T9203] RIP: 0033:0x7fc43c93eec9
[  191.713553][ T9203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.713607][ T9203] RSP: 002b:00007fc43b3a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.713631][ T9203] RAX: ffffffffffffffda RBX: 00007fc43cb95fa0 RCX: 00007fc43c93eec9
[  191.713665][ T9203] RDX: 0000000000000800 RSI: 00002000000001c0 RDI: 0000000000000004
[  191.713682][ T9203] RBP: 00007fc43b3a7090 R08: 0000000000000000 R09: 0000000000000000
[  191.713698][ T9203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.713714][ T9203] R13: 00007fc43cb96038 R14: 00007fc43cb95fa0 R15: 00007ffc8a12fee8
[  191.713750][ T9203]  </TASK>
[  192.087643][ T9207] xt_CT: You must specify a L4 protocol and not use inversions on it
[  192.545277][ T3393] hid-generic 00CD:0009:70000.0033: item fetching failed at offset 0/1
[  192.567129][ T9244] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2044'.
[  192.568423][ T3393] hid-generic 00CD:0009:70000.0033: probe with driver hid-generic failed with error -22
[  193.110837][ T9263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.184874][ T9263] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.209688][ T9263] loop0: detected capacity change from 0 to 1024
[  193.247032][ T9263] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  193.304954][ T9263] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  193.313206][ T9263] EXT4-fs (loop0): failed to initialize system zone (-117)
[  193.333269][ T1037] hid-generic 00CD:0009:70000.0034: item fetching failed at offset 0/1
[  193.344659][ T9263] EXT4-fs (loop0): mount failed
[  193.352042][ T1037] hid-generic 00CD:0009:70000.0034: probe with driver hid-generic failed with error -22
[  193.519710][ T9291] FAULT_INJECTION: forcing a failure.
[  193.519710][ T9291] name failslab, interval 1, probability 0, space 0, times 0
[  193.532552][ T9291] CPU: 0 UID: 0 PID: 9291 Comm: syz.0.2061 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  193.532589][ T9291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  193.532606][ T9291] Call Trace:
[  193.532615][ T9291]  <TASK>
[  193.532625][ T9291]  __dump_stack+0x1d/0x30
[  193.532647][ T9291]  dump_stack_lvl+0xe8/0x140
[  193.532734][ T9291]  dump_stack+0x15/0x1b
[  193.532751][ T9291]  should_fail_ex+0x265/0x280
[  193.532808][ T9291]  should_failslab+0x8c/0xb0
[  193.532845][ T9291]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  193.532882][ T9291]  ? __alloc_skb+0x101/0x320
[  193.532962][ T9291]  __alloc_skb+0x101/0x320
[  193.532986][ T9291]  ? audit_log_start+0x342/0x720
[  193.533012][ T9291]  audit_log_start+0x3a0/0x720
[  193.533040][ T9291]  audit_seccomp+0x48/0x100
[  193.533079][ T9291]  ? __seccomp_filter+0x82d/0x1250
[  193.533151][ T9291]  __seccomp_filter+0x83e/0x1250
[  193.533186][ T9291]  ? __list_add_valid_or_report+0x38/0xe0
[  193.533287][ T9291]  ? _raw_spin_unlock+0x26/0x50
[  193.533323][ T9291]  __secure_computing+0x82/0x150
[  193.533348][ T9291]  syscall_trace_enter+0xcf/0x1e0
[  193.533381][ T9291]  do_syscall_64+0xac/0x200
[  193.533410][ T9291]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  193.533524][ T9291]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  193.533549][ T9291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.533621][ T9291] RIP: 0033:0x7f85bd04d8dc
[  193.533639][ T9291] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  193.533658][ T9291] RSP: 002b:00007f85bbab7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  193.533693][ T9291] RAX: ffffffffffffffda RBX: 00007f85bd2a5fa0 RCX: 00007f85bd04d8dc
[  193.533709][ T9291] RDX: 000000000000000f RSI: 00007f85bbab70a0 RDI: 0000000000000005
[  193.533723][ T9291] RBP: 00007f85bbab7090 R08: 0000000000000000 R09: 0000000000000000
[  193.533735][ T9291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.533747][ T9291] R13: 00007f85bd2a6038 R14: 00007f85bd2a5fa0 R15: 00007fff332ffa48
[  193.533776][ T9291]  </TASK>
[  193.833676][ T3388] hid-generic 00CD:0009:70000.0035: item fetching failed at offset 0/1
[  193.844757][ T3388] hid-generic 00CD:0009:70000.0035: probe with driver hid-generic failed with error -22
[  193.875783][ T9307] xt_CT: You must specify a L4 protocol and not use inversions on it
[  193.931437][ T9311] loop0: detected capacity change from 0 to 512
[  193.938230][ T9311] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.946796][ T9311] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  193.980423][ T9311] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.2071: attempt to clear invalid blocks 2 len 1
[  194.017109][ T9311] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  194.042226][ T9313] netlink: 'syz.4.2072': attribute type 13 has an invalid length.
[  194.092646][ T9311] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2071: invalid indirect mapped block 1819239214 (level 0)
[  194.115259][ T9311] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2071: invalid indirect mapped block 1819239214 (level 1)
[  194.160120][ T9313] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  194.185130][ T9311] EXT4-fs (loop0): 1 truncate cleaned up
[  194.195181][ T9311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.238502][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.545187][ T3388] hid-generic 00CD:0009:70000.0036: item fetching failed at offset 0/1
[  194.554724][ T3388] hid-generic 00CD:0009:70000.0036: probe with driver hid-generic failed with error -22
[  195.230425][   T29] kauditd_printk_skb: 920 callbacks suppressed
[  195.230443][   T29] audit: type=1326 audit(2000000129.820:12005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.394673][   T29] audit: type=1326 audit(2000000129.820:12006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.418213][   T29] audit: type=1326 audit(2000000129.820:12007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.441860][   T29] audit: type=1326 audit(2000000129.820:12008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.465594][   T29] audit: type=1326 audit(2000000129.820:12009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.489181][   T29] audit: type=1326 audit(2000000129.820:12010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.512890][   T29] audit: type=1326 audit(2000000129.820:12011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.536506][   T29] audit: type=1326 audit(2000000129.820:12012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.560092][   T29] audit: type=1326 audit(2000000129.820:12013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.583657][   T29] audit: type=1326 audit(2000000129.820:12014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9359 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  195.668496][ T3388] hid-generic 00CD:0009:70000.0037: item fetching failed at offset 0/1
[  195.677598][ T3388] hid-generic 00CD:0009:70000.0037: probe with driver hid-generic failed with error -22
[  196.024652][ T9388] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2100'.
[  196.041890][ T9388] netlink: 'syz.0.2100': attribute type 9 has an invalid length.
[  196.049757][ T9388] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2100'.
[  196.058918][ T9388] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2100'.
[  196.135990][ T9395] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2101'.
[  196.167465][ T9395] hsr_slave_1 (unregistering): left promiscuous mode
[  196.476787][ T9415] netlink: 'syz.3.2110': attribute type 13 has an invalid length.
[  197.126207][ T9437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.356596][ T9437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.390329][ T9445] SELinux:  policydb version 0 does not match my version range 15-35
[  197.442183][ T9445] SELinux: failed to load policy
[  197.895656][ T9459] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2124'.
[  197.977402][ T9460] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2124'.
[  198.085002][ T9461] capability: warning: `syz.4.2124' uses 32-bit capabilities (legacy support in use)
[  198.989010][ T1037] syz1: Port: 1 Link DOWN
[  199.034013][ T3634] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.064380][ T3634] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.104676][ T3634] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.137284][ T3634] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.184723][ T3424] hid-generic 00CD:0009:70000.0038: item fetching failed at offset 0/1
[  199.214920][ T3424] hid-generic 00CD:0009:70000.0038: probe with driver hid-generic failed with error -22
[  199.267578][ T9479] xt_CT: You must specify a L4 protocol and not use inversions on it
[  199.747797][ T9491] SELinux:  policydb version 0 does not match my version range 15-35
[  199.869884][ T9491] SELinux: failed to load policy
[  200.321969][ T9501] loop0: detected capacity change from 0 to 1024
[  200.363002][ T9500] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  200.448242][ T9501] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.582842][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.889307][   T29] kauditd_printk_skb: 349 callbacks suppressed
[  200.889322][   T29] audit: type=1326 audit(2000000135.480:12364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.027578][ T3393] hid-generic 00CD:0009:70000.0039: item fetching failed at offset 0/1
[  201.038297][ T3393] hid-generic 00CD:0009:70000.0039: probe with driver hid-generic failed with error -22
[  201.048684][   T29] audit: type=1326 audit(2000000135.520:12365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.072341][   T29] audit: type=1326 audit(2000000135.520:12366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.096094][   T29] audit: type=1326 audit(2000000135.520:12367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.120090][   T29] audit: type=1326 audit(2000000135.520:12368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.143675][   T29] audit: type=1326 audit(2000000135.520:12369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.167331][   T29] audit: type=1326 audit(2000000135.520:12370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.190857][   T29] audit: type=1326 audit(2000000135.520:12371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.214677][   T29] audit: type=1326 audit(2000000135.520:12372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.238183][   T29] audit: type=1326 audit(2000000135.520:12373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9505 comm="syz.0.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85bd04eec9 code=0x7ffc0000
[  201.620708][ T9528] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  201.645920][ T9526] xt_CT: You must specify a L4 protocol and not use inversions on it
[  202.232674][ T3424] hid-generic 00CD:0009:70000.003A: item fetching failed at offset 0/1
[  202.246592][ T3424] hid-generic 00CD:0009:70000.003A: probe with driver hid-generic failed with error -22
[  202.582231][ T9551] SELinux:  policydb version 0 does not match my version range 15-35
[  202.626110][ T9551] SELinux: failed to load policy
[  202.782173][ T3634] ==================================================================
[  202.790513][ T3634] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[  202.799073][ T3634] 
[  202.801414][ T3634] write to 0xffff8881034f3908 of 44 bytes by task 9538 on cpu 1:
[  202.809145][ T3634]  tty_set_termios+0xc0/0x8c0
[  202.813881][ T3634]  set_termios+0x490/0x4d0
[  202.818335][ T3634]  tty_mode_ioctl+0x379/0x5c0
[  202.823045][ T3634]  n_tty_ioctl_helper+0x91/0x210
[  202.828019][ T3634]  n_tty_ioctl+0x101/0x200
[  202.832551][ T3634]  tty_ioctl+0x83f/0xb80
[  202.836824][ T3634]  __se_sys_ioctl+0xce/0x140
[  202.841429][ T3634]  __x64_sys_ioctl+0x43/0x50
[  202.846146][ T3634]  x64_sys_call+0x1816/0x3000
[  202.850842][ T3634]  do_syscall_64+0xd2/0x200
[  202.855365][ T3634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.861276][ T3634] 
[  202.863616][ T3634] read to 0xffff8881034f3921 of 1 bytes by task 3634 on cpu 0:
[  202.871167][ T3634]  n_tty_receive_char_flow_ctrl+0x23/0x1a0
[  202.877007][ T3634]  n_tty_lookahead_flow_ctrl+0xed/0x130
[  202.882577][ T3634]  tty_port_default_lookahead_buf+0x91/0xc0
[  202.888484][ T3634]  flush_to_ldisc+0x288/0x340
[  202.893179][ T3634]  process_scheduled_works+0x4ce/0x9d0
[  202.898679][ T3634]  worker_thread+0x582/0x770
[  202.903287][ T3634]  kthread+0x489/0x510
[  202.907371][ T3634]  ret_from_fork+0x122/0x1b0
[  202.911973][ T3634]  ret_from_fork_asm+0x1a/0x30
[  202.916758][ T3634] 
[  202.919082][ T3634] value changed: 0x11 -> 0xe7
[  202.923759][ T3634] 
[  202.926451][ T3634] Reported by Kernel Concurrency Sanitizer on:
[  202.932964][ T3634] CPU: 0 UID: 0 PID: 3634 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  202.943312][ T3634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  202.954090][ T3634] Workqueue: events_unbound flush_to_ldisc
[  202.960029][ T3634] ==================================================================
[  202.984322][ T9557] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=139 sclass=netlink_route_socket pid=9557 comm=syz.3.2157