last executing test programs:

1m40.370256563s ago: executing program 4 (id=2741):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x2400, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mlockall(0x2)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x841e, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0, 0x8}, 0x2, 0x4, 0x4, 0x5, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
fsetxattr$security_selinux(r1, &(0x7f0000000000), &(0x7f0000000040)='unconfined\x00', 0xb, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='kfree\x00', r3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000011c0)={&(0x7f0000001180)='kfree\x00', r4, 0x0, 0x4}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x1, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x4c}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xffffffffffffffe0, 0xfffffffffffffff0}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
close(0x3)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a000007090001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSETLED(r5, 0x4b32, 0x91)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="200000001114010028bd7000fcdbdf2508000300012000000800010001000000"], 0x20}, 0x1, 0x0, 0x0, 0x408c}, 0x40040)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x84022, &(0x7f0000000300)=ANY=[@ANYBLOB="6e725f696e6f6465733d6508005ce0b8dcc11daa1935c8131eb919a05f5e4a000b73e61904d0c13962ac271fb65b07a21725e6bc76a00e80d4dd069155daeddb36ab71837199733691b22875c810"])
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
socket$kcm(0x1e, 0x8, 0x0)
socket(0x1, 0x5, 0x0)

1m40.311405299s ago: executing program 4 (id=2745):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x5464fadc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x8}, 0x11ae6a, 0x9, 0x0, 0x2, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000005}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200, 0x10221, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x7, 0x0, 0x9, 0x20000004, 0x0, 0x996, 0x0, 0x0, 0x0, 0x8000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
syz_mount_image$msdos(&(0x7f0000000340), &(0x7f00000001c0)='./file2\x00', 0x2010410, &(0x7f0000000a80)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYBLOB="9d52a8b718e4e05f7bc50417a2be7401e70cad58d9d69cc9bfa90c2e20f8bd023ea6d263ba5af0be1f0f8320979a8741cd5ebf3b794f509827167494aad334ed5ae71b661246941bbc2a1d7bc6930393c910b60d59327a5637009607c2513cea528ca857d86962f50f378117a794060d4266c460b1af1014a419b16d3148d372e4b0b374c189f6b9cb4ade2b825db5fe32096b1c802e61b43a33b219eede58196dfab8140ddbdfb698fb1e9b4ec7ac92ed9c2a3f8f30060b2598e7de6214f6a7f4ab70d437ce4053550e107742ba713a0c46aa5e736b210a28d9ec36de62bee79aff315c731e", @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0xfffffffc)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
fdatasync(r1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ftruncate(r1, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='jbd2_handle_stats\x00', r0, 0x0, 0x1}, 0x18)
mount_setattr(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x1100, &(0x7f0000000300)={0x80, 0x2, 0x80000}, 0x20)
socket(0x10, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f0000000000))
syz_clone(0x6801800, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1m38.984208281s ago: executing program 4 (id=2773):
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfb}, 0xc)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f00000000c0)=0x1, 0x4)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
read$hidraw(r0, &(0x7f0000002380)=""/93, 0xfdef)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x18)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0xfe, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x2, @loopback, @loopback}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$inet(0x2, 0x1, 0x0)
socket$kcm(0x29, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = semget$private(0x0, 0x7, 0x180)
semop(r5, &(0x7f0000000200)=[{0x4, 0xa7dd, 0x3000}], 0x1)
semtimedop(r5, &(0x7f0000000140)=[{0x4, 0x6000}], 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000000200)=0x1000000, 0x4)
getsockopt$XDP_STATISTICS(r6, 0x11b, 0x7, &(0x7f00000001c0), &(0x7f0000000180)=0x30)
r7 = socket$pptp(0x18, 0x1, 0x2)
fsopen(&(0x7f0000000240)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000300)='seclabel', &(0x7f0000000440)="3cde9b9b5eb7b5916a44840cd9874001c56f6fff140fa5c8582828ea98dfceb2cd8ffad965f775c555ab4c6c06194b015527852ee6baadf0914eb2de7a4e832d60c2880bd7ee33c234fd26e917227438079e377326be9d65baf90d8e12e2cd0428b10f5b215eaafec4dcd56c3fa257d7c65e3ca7ef58f51c0400634c49e4d022a4c99fd57d3b1e33a32933ceded36ca9bc92b4bd31b0695933ed90b015dc4a297e81ca352a1cbf2fd139c9f19426f696c9ca87fc4cbd3d277cbab51dfad2", 0xbe)
close_range(r7, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")
chown(&(0x7f00000003c0)='./file0\x00', 0x0, 0xee01)

1m38.085836534s ago: executing program 4 (id=2787):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1m38.068088066s ago: executing program 4 (id=2788):
syz_io_uring_setup(0x233, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x210000, &(0x7f00000001c0)={[{@data_err_ignore}, {@bsdgroups}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x6}}]}, 0x1, 0x4e7, &(0x7f0000000680)="$eJzs3M9vVNUeAPDvnc60BR7v9fF4KIhSQGNjYgsFhYUbTExcaGKEhSybthKkgKFNFNLIkBj2JC5NjEvjThO3ujSu/ANw4cLEkBDDBnA15s7c206n85OWljKfTzKdc+6ce885995z5/ScuTeAvjWa/kki/hURtyPiP7XoygSjtbcH9xanH95bnI5ypXL6r6Sa7n4az+Tr7cgiY4WIwudJwwZr5q9euzA1Nzd7JYtPLFz8eGL+6rVXz1+cOjd7bvbS5MmTx48dPfH65Gu9V6pJfmm97u/77PL+vW+fvfXudDFfPpy919ejpWJvxRht89lLvW3qibezLpys3k/XN7QwdG04O61LaftfnDt0drMLBGyYSqVSGWr9cbnS6MaqJcCWlcRmlwDYHEvf9PcWp+9nr43peTwZ7p6q/QOU1vtB9qp9UoxClqbU8P/tehqNiA/Kf3+VvqLFOMQnZyLi98dUAACg7/x0Ku8JNvb/CrGnLt2/szmUkYj4b0Tsioj/RcTuiPh/RDXtMxHxbGMGSUSlTf67G+LL+X+fzSIU7qy5km2k/b83srmtlf2/vPcXIwNZbGdE3mGePZLtk7EoDX14fm72aIvtD3bIv77/l77S/PO+YFaOO8WGAbqZqYWpR6vtandvROwrNtY/KaYHLp/GSSJib0Ts62G7I3Xh8698s38pUsrev6y9da5/VaXJlF7P83HNVL6OeLl2/MtRf/yT5RyT9vOTE8MxN3tkIj0LjjTN45dfb77XKv+O9f/hj8ZV3jrx4+k11zt3dzBie935H/n87fIk6kgSkSzN185HVAZ6y+Pmb61XyOdIyz2e/4PJmWo4b1+fTi0sXDkaMZi8s3r55PK6eTxPn57/Y4ebt/9d2TrpnnguItKT+PmIeCEiDmRlPxgRhyLicJv6//zmix+1q38X5/9jk9Z/pun1b8XxX56v7zKQr5wuGbhw8PbDFheP7q5/x6uhsWxJ8+tfsuIS0W1J17b3AAAAYGsoRPW3/4XxpXChMD5eGwPaHdsLc5fnFw5ExKWZ2j0CI1Eq5CNdtfHgUpKPf47UxScb4seyceMvBrZV4+PTl+dmNrvy0Od2VNt8sqr9p/7scZwX2ILWYR4N2KI6tf89tzaoIMCG8/0P/auu/ZdbJCn7pQw8nXz/Q/9q1v6vx7dt711wzYCtr6ItQ1/T/qF/FeP9pXD1tuemd9sCTyPf/9CXer2vv5tA/riGaxcqQ83TDEeTJwYMr3MxssC2JnltSiDtWa3jBksR0V3ibY+SRd4FbP2Eh0JvGxyK1R8NRLu1kh6e45AH0r3SMfG5Pet+8ufPROmcON+x3W35u+V2Wqo7FsVOR2ftgQ27BAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxW/wQAAP//xYbIvg==")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2a, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x4, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000440)='kfree\x00', r2}, 0x18)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000200)={0x1d, r4}, 0x10)
bind$can_raw(r3, &(0x7f0000000040), 0x10)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000480))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f0000000100))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000300), 0x4)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2040}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="50040000", @ANYRESOCT, @ANYRES16=r4], 0x450}, 0x1, 0x0, 0x0, 0x20004005}, 0x2000c811)
r8 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)={0x3c, r8, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}]}, 0x3c}}, 0x0)

1m38.043023299s ago: executing program 4 (id=2790):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x1, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000380)={'syztnl2\x00', <r2=>0x0, 0x2100, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x60, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000000)={'tunl0\x00', r2, 0x20, 0x40, 0x1001000, 0x6, {{0x5, 0x4, 0x2, 0x6, 0x14, 0x67, 0x0, 0xf9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1675692019a92c72878a0000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
pipe2$9p(&(0x7f0000001900), 0x0) (async)
pipe2$9p(&(0x7f0000001900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r7}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r7}, 0x10)
dup(r6) (async)
r8 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
mkdir(0x0, 0x5)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth0\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r11, @ANYBLOB="080003"], 0x44}}, 0x0)
unlink(&(0x7f00000005c0)='./file0\x00')

1m23.009554409s ago: executing program 32 (id=2790):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2, 0x1, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000380)={'syztnl2\x00', <r2=>0x0, 0x2100, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x60, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000000)={'tunl0\x00', r2, 0x20, 0x40, 0x1001000, 0x6, {{0x5, 0x4, 0x2, 0x6, 0x14, 0x67, 0x0, 0xf9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1675692019a92c72878a0000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
pipe2$9p(&(0x7f0000001900), 0x0) (async)
pipe2$9p(&(0x7f0000001900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r7}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r7}, 0x10)
dup(r6) (async)
r8 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
mkdir(0x0, 0x5)
syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Le1cYB/CTgIRCJSKCgx0Eg0ujQhx0SAYrMWQxIlYcnAUHHQQHB0mJzr78A4pvIC5iZ0cxgijESTKKc0FxyZTS9hZq7dIWU/rj81ku55znuc89fG/gfy0efmo2m7EQQjPx97u/P8tPFHunxqZnQoiF+RBC/puvfz2JRRW/v/UiWpeidTGRqR3cjr+eddz1PVRTR/Ho/DIewg8hhKWn4+S/vRtfvvPcdXJjc6WwtZZbfCysPw8vDOR7tvPLuyOH2fJsd3Yu+rEu462Zn6qNntw3Sy977YNt1VojcxPVpWOfM5//1p/z3++q1CuNyf7T1aF0Z/2qvBPl/iZ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgk53nrpMbmyuFrbXc4mNh/Xl4YSDfs51f3h05zJZnu7Nz8d/qLuOtmZ+qjZ7cN0sve+2DbdVaI3MT1aVjH1q/+/FzPokW+ja8z3+/q1KvNCb7T1eH0p31q/JOlPvbx/wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5SfqLYOzU2PRNCLMyHEMbjHce/7DcT7+suomcp2i8mMrWD2/HXs467vodq6mgqEcIfW5aejpNfteoS/GM/BwAA//8394ZP")
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth0\x00', <r11=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r11, @ANYBLOB="080003"], 0x44}}, 0x0)
unlink(&(0x7f00000005c0)='./file0\x00')

3.002066801s ago: executing program 2 (id=4864):
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000004679100000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000280)={0x1, &(0x7f00000000c0)=[{0x6, 0x9, 0xc, 0xb6}]}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaffff000000000000000800450000b0000000000011907864010101ac14142100004e20009c907801000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82ab05584cbf2649a50f2dbc43efa8698dfa871c51852e4451b5c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669ca4745a8f762b9649a3bfbc1f39cb307b3472eb9cdb0c3366abfcbb2c5a57df67d544af6e8dafe0900"/190], 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18"], 0x0, 0x4}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x9, 0xb}}}, 0x24}}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg0\x00'})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', r6, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0xa02, 0xc1)
syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x400252}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ptrace(0x10, 0x0)
ptrace$setregset(0x4205, 0x0, 0x202, &(0x7f00000000c0)={0x0})

2.890547431s ago: executing program 2 (id=4869):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

2.869354783s ago: executing program 2 (id=4871):
r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x1001, 0x0, 0x6}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040))
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)

2.821708437s ago: executing program 2 (id=4872):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

2.820815338s ago: executing program 2 (id=4873):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x1}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={<r4=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x8f}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt(r2, 0x84, 0x7d, &(0x7f0000000440)='\a\x00\x00\x00\x00\x00\x00\x00', 0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001a00000a8500000007000000c500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r6}, 0x18)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r7, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r7, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
socket$tipc(0x1e, 0x2, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10)
close_range(r8, 0xffffffffffffffff, 0x0)

2.79947555s ago: executing program 2 (id=4874):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_mr_cache\x00')
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000940), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x20, 0x7f, 0x9, 0x1, 0x10024, r0, 0x9, '\x00', 0x0, r1, 0x1, 0x5}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3, 0x0, 0x20000ffffffff}, 0x18)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
open(&(0x7f0000000080)='.\x00', 0x518282, 0x78e22799f4a46e8e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r5 = timerfd_create(0x0, 0x0)
timerfd_settime(r5, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
r6 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Ux\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xb9\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x7)
dup(r6)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)

2.041015991s ago: executing program 1 (id=4894):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[], 0x10}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001240)=@newqdisc={0x860, 0x24, 0x4ee4e6a52ff56541, 0x30bd27, 0x4000005, {0x0, 0x0, 0x42c, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x834, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x0, 0x101, 0x3, 0xc, 0x13}, {0x17, 0x0, 0x8001, 0x200, 0x2, 0x7}, 0xffffff80, 0x947, 0xe03}}, @TCA_TBF_RTAB={0x404, 0x2, [0x6, 0x6, 0x6b16, 0x7, 0xfffffffd, 0x8, 0x8, 0x3, 0x7, 0x7, 0x5, 0x40000, 0x80, 0x9, 0x30, 0x4, 0x81, 0x9, 0x2, 0x8, 0x40, 0x8, 0x80000001, 0x80, 0x10000403, 0x7a2, 0x2, 0x400, 0x3, 0xfffffffa, 0x6, 0x6, 0xaf8, 0x1, 0x3, 0x3ff, 0xfff, 0x2, 0x3, 0x10001, 0x1, 0x5, 0x10001, 0x3, 0x59, 0x3, 0xd54e, 0x40, 0x6, 0xd, 0x0, 0x28, 0x9, 0xa4800000, 0x1, 0xa0, 0x1, 0x7, 0x4, 0x1, 0x7, 0x4, 0xff, 0x5, 0x7, 0x3ff, 0x3, 0xf6a5, 0x7, 0x8, 0x2, 0xcff, 0xfffffacf, 0x0, 0x4, 0x100, 0xa, 0x1, 0x2, 0x8002, 0x5, 0x5, 0x800005, 0xbffffffb, 0x5, 0x0, 0x8, 0x6, 0x2, 0xe, 0xe, 0x7, 0x4, 0x496c01fc, 0x4, 0x7fffffff, 0x9, 0x8, 0x12, 0x9, 0x80000001, 0x325b, 0x7, 0x0, 0x80000006, 0x2, 0x3, 0x5, 0x1, 0x18001, 0x5, 0x94, 0x2, 0x9, 0x5, 0x3, 0x5, 0x80, 0x1, 0xffffffff, 0x4, 0x0, 0x6e4b03e5, 0x3, 0x4, 0x5, 0xa993, 0x200, 0x6847adf1, 0xfffffffc, 0x9, 0x81, 0x7, 0x5, 0x5, 0x7fffffff, 0x8, 0xc, 0xd, 0x8, 0x1, 0x7fffffff, 0x8, 0x0, 0x8, 0x5, 0x2, 0x4, 0xe, 0x8001, 0x8, 0x40000, 0x0, 0x9, 0xd, 0x5, 0x8, 0x100, 0x8, 0x0, 0x1, 0x2, 0x9, 0x6, 0x3ff, 0x5, 0x1, 0xf682, 0x40, 0x3, 0x8, 0xffffffff, 0x1fffe, 0xfffdfffe, 0x5, 0x1, 0xfffffff8, 0xa608, 0x23972b48, 0x407, 0x0, 0x40, 0xd, 0x4, 0xa, 0x5, 0x6, 0x10, 0x5, 0x5, 0x10, 0x41, 0x42, 0x76, 0x3, 0xfffffffa, 0x7, 0x2, 0x20004, 0x40, 0x9, 0x6, 0x2ef, 0xfffffffb, 0xcf30, 0x8, 0x4, 0xffffff8a, 0xfffffffe, 0x4, 0x80000000, 0x4, 0x0, 0x0, 0x2, 0x1, 0xfff, 0x4, 0x2, 0x9, 0x5, 0x9, 0x5, 0x8, 0x80000000, 0x0, 0x3, 0xeff, 0x6, 0x8001, 0x8, 0xc, 0x3, 0x1, 0x24, 0x0, 0x8, 0x6c67, 0x800, 0xffffff59, 0x9, 0x0, 0x303, 0x7, 0x1, 0x2, 0x6, 0x6561, 0x800007, 0x4, 0xc, 0x42, 0x3c04, 0x5f, 0x5fa, 0x1]}, @TCA_TBF_PTAB={0x404, 0x3, [0x6, 0x4, 0x4, 0x180, 0xe9eb, 0x5, 0x4, 0x6, 0x8, 0xc, 0x0, 0x10, 0x0, 0xff, 0x4, 0x1, 0x2, 0x4, 0x5, 0xfff, 0x80000000, 0xfffffff8, 0x400, 0x6, 0x0, 0x4, 0x7d1, 0x5, 0x2, 0xfff, 0x7, 0xf20, 0x7, 0x37, 0x8, 0x57a8148c, 0xec6e, 0x7, 0xa757, 0x6, 0x2, 0x6, 0x9, 0x8, 0x4, 0x5, 0x8aa7, 0x8000, 0x7fffffff, 0x2, 0x8, 0x6, 0x9, 0x2, 0x8, 0x731, 0x7f, 0x5, 0x9, 0x1, 0x11, 0x9, 0x8, 0x10, 0x8000, 0xe, 0xfffffff8, 0x9, 0x3803, 0x0, 0x3, 0x3, 0x4, 0x6e9, 0x6, 0x7, 0xfffffff8, 0x1, 0xff, 0x6, 0x7, 0x3, 0x6, 0x8, 0x80000000, 0x3, 0xf408, 0x8, 0x4, 0x8, 0x93, 0x94c, 0x1, 0x8, 0x406b, 0xa, 0x3, 0x0, 0xb85f, 0x4, 0xb, 0x293, 0x8, 0x6, 0xda, 0x9, 0xf, 0x9, 0x4, 0x1, 0x4, 0x0, 0x4, 0x30000, 0xba6, 0x4342, 0x3, 0xfffffffd, 0x2, 0x0, 0x3, 0x6, 0xa, 0x200, 0xc, 0x4, 0x2, 0x6, 0x400, 0x400, 0x10000, 0x9, 0x6, 0x0, 0x7, 0x8, 0x4, 0x4, 0x0, 0x9, 0x10, 0xfffffffe, 0x5, 0x9, 0x7, 0x7, 0x400, 0x5, 0x3, 0x0, 0x275c, 0x0, 0xb29, 0x9, 0x3ff, 0x537, 0x3, 0x4, 0x6, 0xe3075b53, 0x4, 0x9, 0x8, 0x0, 0x2, 0x4, 0x3, 0xfffffffa, 0x6, 0x6, 0x1000, 0x7, 0x8, 0x10000, 0x8, 0x200, 0x5, 0xfffffffc, 0x7fffffff, 0x2471, 0xe5, 0xffffffff, 0x1, 0x40, 0x7fff, 0x3202, 0x7fffffff, 0x9, 0xfffffff7, 0x8000, 0x3, 0x8001, 0x20004, 0x4000, 0xb318, 0x9, 0x8, 0x9, 0x1, 0x5, 0x9, 0x80000000, 0x49, 0x5, 0x800, 0x3, 0x7fffffff, 0x1, 0x5, 0x4, 0x8, 0xc97b, 0x3, 0x9, 0x5, 0x0, 0x4, 0x9, 0x9, 0xfc, 0x7, 0xffffffff, 0xf, 0xa52, 0x3, 0x8, 0x9, 0xf9, 0x7, 0x7, 0x3, 0x10, 0x8, 0xe9, 0x47ae00c4, 0x54a4, 0x3, 0xf6, 0x4, 0x6a43, 0x6, 0x400, 0x5, 0x5, 0x5, 0x5, 0x2, 0x81, 0x745, 0x8, 0xe, 0x1, 0x8, 0x200, 0x4, 0x2]}]}}]}, 0x860}}, 0x8000)

1.224471426s ago: executing program 5 (id=4908):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

1.201439878s ago: executing program 5 (id=4910):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x1}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={<r4=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x8f}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt(r2, 0x84, 0x7d, &(0x7f0000000440)='\a\x00\x00\x00\x00\x00\x00\x00', 0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001a00000a8500000007000000c500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r6}, 0x18)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, 0x0, 0x0)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r7, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r7, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
socket$tipc(0x1e, 0x2, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10)
close_range(r8, 0xffffffffffffffff, 0x0)

1.18204041s ago: executing program 1 (id=4913):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000e3479af100000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x4}, 0x18)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)

1.171281841s ago: executing program 5 (id=4914):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES8, @ANYRES16=r0, @ANYBLOB="95551b2ac1e5f4de066581376705f51272966cfbba5bafd544031c54a599e2af5fa39e7f22f81555caae93011580bf8b10603048fb101cb70fd7d87f6afe145cca97c6d1a2858e53c59379589c3b6a21cb7ed1613868ddbae25486c672510fd27b2e5a281378d3242f824c3986f8570114c69752a1f5fe3db1d1515d3650a95927cad6bbc5ad52f84ec6751cc48bb219b99f57d4a30467238fb1b1708a08545acb85494f66ead8ac61cdad4ce5", @ANYRES32=r0, @ANYRESDEC], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r4 = syz_open_pts(r3, 0x0)
r5 = dup3(r4, r3, 0x0)
read$watch_queue(r5, &(0x7f0000000240)=""/173, 0xad)
ppoll(&(0x7f0000000140)=[{r3}], 0x1, 0x0, 0x0, 0x0)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000180)={0x80000001, 0x2, 0x81e6b76d, 0x3, 0x9, "aa32b73986bbee6b9231334cbfa0b748261a13"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
io_setup(0x2, &(0x7f0000000000))
eventfd2(0xc, 0x800)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9)
r6 = openat(r5, &(0x7f00000001c0)='./file1\x00', 0x0, 0x12a)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x108}}, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x5]}, 0x8)
mount$9p_fd(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000240), 0x10, &(0x7f0000000700)=ANY=[@ANYBLOB="7132f0b7d4fc834f7098b069a5e76a9676e54e2a0cc93a13d8c0fef1c4a309ca1a477a986c3b4f762866903266e85b73120126de3540f2fa1ecfdfbd2ada4137b835bb71a787f28dfd7fced631b6bbde3c3b37099600f356c2a2217c5c54326317be574aaa4cf6dd719c012f313e86fb29bd1b892d6a5574473770c5add097a549397b230de79c13dd2db189deebda45358e08150b61c253f8a95143a0ef250d42f136ab9e73fc", @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r9}, 0x18)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x21)
eventfd2(0x40, 0x1)

1.123553936s ago: executing program 1 (id=4915):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x2, 0x1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x100004, 0x0, 0x2000005, 0x4, 0x0, 0x4}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x9)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0\x00', <r3=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000004c0)={r3, 0x3, 0x6, @remote}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_create1(0x80000)
sendmsg$SOCK_DIAG_BY_FAMILY(r5, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)={0x368, 0x14, 0x10, 0x70bd29, 0x25dfdbff, {0xf, 0x2}, [@INET_DIAG_REQ_BYTECODE={0x87, 0x1, "9f3ed0ffb208092ad489bfeeabcc42fffd902a49674aaf8240fea0f6cc7d74ed99dfe072b563eec63159531177a5a4bb23d38995dcf0776d66d52e6b0ec66d975f056a7eb413248c069a805ed5a73d6d84b729b2a5284114fc2e6fadc2e509c1fbda6906fdf172c953a136729d50eebad1fe3a4cd637cde93a30f3ce7da71923a52490"}, @INET_DIAG_REQ_BYTECODE={0xd8, 0x1, "a2499804e29cd87987da69e25aee19cef0bf80fb211e115ec039fce8262b86f53cf874769f05edc9d210b54231dd035245accb53165fbab621d0afd318a3b15388e812b43fa548ab74386c38a0fdda5de728ce4ed70459fb4b2ae936ee25900cae4cd6a01fa199f457f33f546291eef0466b7a5fc9a9754b610780705d855168dcfa7cfe2777ec59f1bb080f30bef11540b4ab247eeb1651107f7466ad9f9125029da38cf7ffe9d0eb6c14103aa28c81f0c92a6f5d9f222bddfcb51f69c3ef196428f5317412e8fa46585e53590efca72826399c"}, @INET_DIAG_REQ_BYTECODE={0x3d, 0x1, "e345e34bdc2e1ba4e9a7a78c792673c016dda7e752e8f084d98f10288439884cd4f03e856ee578cd7e8a7be426e62af5f06737eb2124f29e92"}, @INET_DIAG_REQ_BYTECODE={0x65, 0x1, "ab93f31a40ac0923651e504c6cc4114df907c03578dae56b28f57e138dd6c02b1e672b26e5423e85890c7583ea85d3a9ffc3ece9c707c2530d3a322f0d2716c005f6cdbe757334b637024bb0c8b988230bf18c5f506f7c5febb7749474b8db6c25"}, @INET_DIAG_REQ_BYTECODE={0x42, 0x1, "12cf2e919c1cd6b4caf63e4de2c3cf6f79433d50d77cecd3dfc243743f298a55a29026c4f52b8b5ea4587333c447ef101430b6a6116daea5675769e641a3"}, @INET_DIAG_REQ_BYTECODE={0xe8, 0x1, "ed8c2cc83832d5fc5d5a95e064f3d37971f7b227ca460b665d84e3856716d206def598e5a939a02ef4668cdbce1271661c94265807e67579cb6d18ac3c02fc7e33cc4c58c31d29c568aceb4314e4dc44f712442b50a9aa048cc3f2bca5507439a2680761911450bc342f3cda79d028035a0e689e7a54f7f933fecb7b1bddc5466ccd5ed4fa78f49ff9101f72315406b38ea68fa9644b9663aa499ba90ceb121dce0786aef029e851bbd84363f33632236ac12779c220f418b7e545ac74d3625679813e8aeb2268855d5ea43aeade2244f156d3f78479ca56f0941757578cf77df61f2760"}, @INET_DIAG_REQ_BYTECODE={0x1d, 0x1, "86727d70dffec84f26d6898e8f625954549e5debd1d548aa62"}]}, 0x368}, 0x1, 0x0, 0x0, 0x24008040}, 0x880)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @random="790c7edd3d8d"}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x0, 0x1ffffff, {0x0, 0x0, 0x0, r3, {0x7, 0x9}, {0xd, 0xc}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048054)

1.047906582s ago: executing program 1 (id=4916):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x4e4, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x4001, 0x400252}, &(0x7f0000000640), &(0x7f00000004c0))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000100)="2e9b3d0007e03dd65193df163e75963f86ddf06712e9001c2f8db0049d90491c3248040000f858dbb8a1", 0x2a}, {&(0x7f0000000200)="c159691df9ff", 0x6}, {&(0x7f00000002c0)="9972d8f141059a38f129", 0xa}], 0x3)

939.492473ms ago: executing program 1 (id=4917):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
sendmsg$key(0xffffffffffffffff, 0x0, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x2e, 0x7fff0000}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/rcu_normal', 0x1, 0x20)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x194, 0x10, 0x831, 0x870bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x0, 0x32}, @in=@local, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x7f}, {0x0, 0x400800}, {}, 0x0, 0x0, 0x2, 0x4, 0x3, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)

919.471425ms ago: executing program 1 (id=4918):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_mr_cache\x00')
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x3e, &(0x7f00000007c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000840), &(0x7f0000000880), 0x8, 0xda, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x20, 0x7f, 0x9, 0x1, 0x10024, r0, 0x9, '\x00', r1, 0xffffffffffffffff, 0x1, 0x5}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3, 0x0, 0x20000ffffffff}, 0x18)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
open(&(0x7f0000000080)='.\x00', 0x518282, 0x78e22799f4a46e8e)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r5 = timerfd_create(0x0, 0x0)
timerfd_settime(r5, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)

881.107558ms ago: executing program 5 (id=4920):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
sendmsg$key(0xffffffffffffffff, 0x0, 0x4000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x2e, 0x7fff0000}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/rcu_normal', 0x1, 0x20)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=@newsa={0x194, 0x10, 0x831, 0x870bd2b, 0x0, {{@in6=@private1, @in=@private, 0x0, 0xecdf, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x0, 0x32}, @in=@local, {0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x7f}, {0x0, 0x400800}, {}, 0x0, 0x0, 0x2, 0x4, 0x3, 0x2c}, [@algo_crypt={0x58, 0x2, {{'cbc(aes)\x00'}, 0x80, "e0fad3f10cd3a506627800000000074f"}}, @algo_auth_trunc={0x4c, 0x14, {{'hmac(sha256)\x00'}, 0x0, 0x80}}]}, 0x194}}, 0x4050)

852.694881ms ago: executing program 5 (id=4922):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f00)=ANY=[@ANYBLOB="a00000002100010027bd7000fbdbdf25ff010000000000000000000000000001fe8000000000000000000000000000bb4e2100004e219ffd070080201d000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="a86b6e00b300000050001100fc00000000000000000000000000000100000000000000000000000000000001ffffffff000000000000000000000000000000000000000000000000000000006c010000000000000a008801"], 0xa0}, 0x1, 0x0, 0x0, 0x4000840}, 0x20004040)
io_uring_enter(0xffffffffffffffff, 0x627, 0x4c1, 0x43, 0x0, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000100)="2e9b3d0007e03dd65193df163e75963f86ddf06712e9001c2f8db0049d90491c3248040000f858dbb8a1", 0x2a}, {&(0x7f0000000200)="c159691df9ff", 0x6}, {&(0x7f00000002c0)="9972d8f141059a38f129", 0xa}], 0x3)

844.892622ms ago: executing program 0 (id=4923):
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={0x0, @loopback, @multicast2}, &(0x7f0000000580)=0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000001940)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x2, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@link_local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0xff, 0x11, 0x0, @empty, @empty}, {0xfffc, 0x4620, 0x10, 0x0, @gue={{0x1, 0x1, 0x1, 0x2, 0x100, @void}, "5ca1652c"}}}}}}, 0x0)

831.096773ms ago: executing program 0 (id=4924):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x1}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={<r4=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x8f}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
setsockopt(r2, 0x84, 0x7d, &(0x7f0000000440)='\a\x00\x00\x00\x00\x00\x00\x00', 0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000001a00000a8500000007000000c500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r6}, 0x18)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, 0x0, 0x0)
setsockopt$sock_int(r7, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r7, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r7, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
socket$tipc(0x1e, 0x2, 0x0)
r9 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10)
close_range(r8, 0xffffffffffffffff, 0x0)

810.133965ms ago: executing program 0 (id=4925):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000600)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r3)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r5)
r6 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r8}, [@IFA_FLAGS={0x8, 0x8, 0x702}, @IFA_ADDRESS={0x14, 0x1, @loopback}]}, 0x34}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r10}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

764.467619ms ago: executing program 5 (id=4937):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="31832abd70000000000019"], 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x4886)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={&(0x7f0000000100), 0x4}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x2)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000a00)={0x400007f, {{0xa, 0x4e23, 0x130e25a2, @local, 0x7}}}, 0x88)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
setrlimit(0x9, &(0x7f0000000800)={0x5838, 0x2})
shmctl$IPC_RMID(0x0, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ptrace$getsig(0x4202, r3, 0x6, &(0x7f00000000c0))
ioctl$KDGKBDIACR(r6, 0x4b4a, &(0x7f0000000840)=""/242)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x238, 0x11, 0x148, 0x238, 0x0, 0x2d8, 0x2a8, 0x2a8, 0x2d8, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x8800, 0x1f0, 0x238, 0x0, {}, [@common=@inet=@socket2={{0x28}}, @common=@inet=@hashlimit3={{0x158}, {'bridge0\x00', {0x6, 0x6, 0x40, 0x6, 0x0, 0x3, 0x5, 0x8, 0x0, 0x20}, {0x5}}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0xfffffffe}}}, {{@ip={@multicast2, @remote, 0x0, 0x0, 'vlan0\x00', 'macvlan1\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10042, 0xa2)
ioctl$FS_IOC_RESVSP(r8, 0x40305828, 0x0)
bind$unix(r7, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

699.840435ms ago: executing program 0 (id=4929):
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a40)='kfree\x00', r0, 0x0, 0x80000001}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, 0x0, 0x183341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x18)
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_9p2000}]}})

686.857896ms ago: executing program 0 (id=4930):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000e3479af1000000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x4}, 0x18)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630bf7c045f94cd977", 0x18, 0xffffffffffffffff)

668.655558ms ago: executing program 0 (id=4932):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x20100, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r0, 0x0, 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
read$watch_queue(r2, &(0x7f0000000240)=""/173, 0xad)
ppoll(&(0x7f0000000140)=[{r0}], 0x1, 0x0, 0x0, 0x0)

266.705435ms ago: executing program 3 (id=4940):
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000004679100000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000280)={0x1, &(0x7f00000000c0)=[{0x6, 0x9, 0xc, 0xb6}]}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaffff000000000000000800450000b0000000000011907864010101ac14142100004e20009c907801000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82ab05584cbf2649a50f2dbc43efa8698dfa871c51852e4451b5c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669ca4745a8f762b9649a3bfbc1f39cb307b3472eb9cdb0c3366abfcbb2c5a57df67d544af6e8dafe0900"/190], 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18"], 0x0, 0x4}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x9, 0xb}}}, 0x24}}, 0x800)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg0\x00'})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', r6, 0xffffffffffffffff, 0x0, 0x5, 0x1}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0xa02, 0xc1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r7 = syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$setregset(0x4205, r7, 0x202, &(0x7f00000000c0)={0x0})

133.445168ms ago: executing program 3 (id=4941):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000600)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r3)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), r5)
r6 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r8}, [@IFA_FLAGS={0x8, 0x8, 0x702}, @IFA_ADDRESS={0x14, 0x1, @loopback}]}, 0x34}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

85.860742ms ago: executing program 3 (id=4942):
getgroups(0x2, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000020603000000000000000000000000001400078008001240000000000500150002000000050001000600000005000500020000000500040000000000090002"], 0x4c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)

74.407113ms ago: executing program 3 (id=4943):
prctl$PR_SET_NAME(0xf, &(0x7f0000000980)='\xff\x00\x00\x00\x00\x00\x000`\x14\x99\x06\xc0\x7fs\x00\t\x14\x17\xc3\xf5\xc9\v\x85\xe7\x00\x00\x18\x88\x06\x94\x98\xa9\xe7\x1c\x8a\x89\xdc\xcc\xf7L\xbd%\xc3!\x0e\x91S\xb2~8\"\xe2\xed\xbf\x12\x1a\\6p\'p\xef\x1a\n\x99\x12\xe8\'\x1c\x97M\xa5N\xd9\xbeV&\x1c2K?\x95\xd9\"\xbe\x050+\xca\xea\'\xe9)\xfe\xeb\x9c\xb5\xa0F`\xe4D\x10F\x831\xec\\v\xf0\xab_M\b\x03\xc3\n\x89\x01E`\xd35Q2\xecZz\xdc\x065p\x1c\x8f\x9b\x99IGXO\x00\x00\v\xed\xb0\xc5\xd4\xc7,\x1a\xb3}CMOO\x8a\xa8kh\x7f\x05c\xfc\xebb\xc8\xa2\xa9\xbf\xb3\x9b\xafE\xbd\xc5\xdc\xde\xbe_')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a40)='kfree\x00', r0, 0x0, 0x80000001}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

20.316748ms ago: executing program 3 (id=4944):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1c, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
sync_file_range(0xffffffffffffffff, 0x7, 0x7, 0x6)

0s ago: executing program 3 (id=4945):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
fdatasync(r0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r1 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r2=>0x0, &(0x7f0000000380))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="6800000010000104fafffffffcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0315000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r6, @ANYBLOB='\t\x00\n\x00', @ANYRES32=r6], 0x68}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x30000, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000010ef5ef7e0ecc36f570000000500000a44000000090a016608b343d5467f5c5ebaca203a562632641a06b8e40400000000000000000a0000040900010073797a31020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a0101882258cd5474f7bb0a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001000000"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
r9 = pidfd_getfd(r8, r8, 0x0)
setns(r9, 0x66020000)
setresuid(0xee00, 0xee00, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
io_uring_enter(r1, 0x8aa, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

loc_pipe_info+0x1c9/0x340
[  192.950636][T13946]  ? alloc_pipe_info+0xae/0x340
[  192.950653][T13946]  alloc_pipe_info+0x1c9/0x340
[  192.950669][T13946]  splice_direct_to_actor+0x592/0x680
[  192.950717][T13946]  ? kstrtouint_from_user+0x9f/0xf0
[  192.950735][T13946]  ? __pfx_direct_splice_actor+0x10/0x10
[  192.950773][T13946]  ? __rcu_read_unlock+0x4f/0x70
[  192.950789][T13946]  ? get_pid_task+0x96/0xd0
[  192.950812][T13946]  ? avc_policy_seqno+0x15/0x30
[  192.950827][T13946]  ? selinux_file_permission+0x1e2/0x320
[  192.950894][T13946]  do_splice_direct+0xda/0x150
[  192.950910][T13946]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  192.950980][T13946]  do_sendfile+0x380/0x650
[  192.951003][T13946]  __x64_sys_sendfile64+0x105/0x150
[  192.951023][T13946]  x64_sys_call+0x2db1/0x3000
[  192.951042][T13946]  do_syscall_64+0xca/0x2b0
[  192.951107][T13946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.951124][T13946] RIP: 0033:0x7f4aaecef749
[  192.951137][T13946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.951151][T13946] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  192.951168][T13946] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  192.951192][T13946] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000007
[  192.951202][T13946] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  192.951213][T13946] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  192.951223][T13946] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  192.951307][T13946]  </TASK>
[  193.225929][T11394] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.386297][T13968] 9p: Unknown Cache mode or invalid value non¾9'Ársion}9p2000.u
[  193.460482][T13976] FAULT_INJECTION: forcing a failure.
[  193.460482][T13976] name failslab, interval 1, probability 0, space 0, times 0
[  193.473260][T13976] CPU: 0 UID: 0 PID: 13976 Comm: syz.0.3874 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  193.473291][T13976] Tainted: [W]=WARN
[  193.473298][T13976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  193.473310][T13976] Call Trace:
[  193.473317][T13976]  <TASK>
[  193.473326][T13976]  __dump_stack+0x1d/0x30
[  193.473352][T13976]  dump_stack_lvl+0x95/0xd0
[  193.473452][T13976]  dump_stack+0x15/0x1b
[  193.473469][T13976]  should_fail_ex+0x265/0x280
[  193.473548][T13976]  should_failslab+0x8c/0xb0
[  193.473600][T13976]  __kmalloc_cache_noprof+0x65/0x4c0
[  193.473644][T13976]  ? _request_firmware+0x1a0/0xb40
[  193.473749][T13976]  _request_firmware+0x1a0/0xb40
[  193.473781][T13976]  ? cred_has_capability+0x210/0x280
[  193.473810][T13976]  ? __rcu_read_unlock+0x4f/0x70
[  193.473911][T13976]  request_firmware+0x36/0x50
[  193.473940][T13976]  devlink_compat_flash_update+0xb2/0x1b0
[  193.474047][T13976]  dev_ethtool+0x14ac/0x1670
[  193.474069][T13976]  ? full_name_hash+0x92/0xe0
[  193.474163][T13976]  dev_ioctl+0x2e0/0x960
[  193.474196][T13976]  sock_do_ioctl+0x197/0x220
[  193.474315][T13976]  sock_ioctl+0x41b/0x610
[  193.474345][T13976]  ? __pfx_sock_ioctl+0x10/0x10
[  193.474373][T13976]  __se_sys_ioctl+0xce/0x140
[  193.474464][T13976]  __x64_sys_ioctl+0x43/0x50
[  193.474509][T13976]  x64_sys_call+0x14b0/0x3000
[  193.474534][T13976]  do_syscall_64+0xca/0x2b0
[  193.474568][T13976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.474591][T13976] RIP: 0033:0x7f067e94f749
[  193.474648][T13976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.474668][T13976] RSP: 002b:00007f067d3af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.474690][T13976] RAX: ffffffffffffffda RBX: 00007f067eba5fa0 RCX: 00007f067e94f749
[  193.474704][T13976] RDX: 0000200000000340 RSI: 0000000000008946 RDI: 0000000000000009
[  193.474747][T13976] RBP: 00007f067d3af090 R08: 0000000000000000 R09: 0000000000000000
[  193.474760][T13976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.474774][T13976] R13: 00007f067eba6038 R14: 00007f067eba5fa0 R15: 00007ffd21757be8
[  193.474793][T13976]  </TASK>
[  193.474804][T13976] netdevsim netdevsim0: _request_firmware_prepare: kmalloc(struct firmware) failed
[  193.728651][T13979] netlink: 'syz.2.3875': attribute type 1 has an invalid length.
[  193.738638][T13985] netlink: 'syz.0.3876': attribute type 11 has an invalid length.
[  193.751274][T13979] 8021q: adding VLAN 0 to HW filter on device bond1
[  193.771078][T13979] bond1: (slave dummy0): making interface the new active one
[  193.780122][T13979] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  193.822657][T13989] __nla_validate_parse: 5 callbacks suppressed
[  193.822675][T13989] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3876'.
[  193.866572][T13922] lo speed is unknown, defaulting to 1000
[  193.883438][T13985] 9p: Bad value for 'wfdno'
[  194.042581][T13998] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3879'.
[  194.053451][T14010] netlink: 'syz.1.3885': attribute type 83 has an invalid length.
[  194.261120][T13998] lo speed is unknown, defaulting to 1000
[  194.329534][T14031] veth0: entered promiscuous mode
[  194.335990][T14031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3892'.
[  194.354173][T14031] veth0 (unregistering): left promiscuous mode
[  194.501862][T14043] netlink: 'syz.5.3896': attribute type 83 has an invalid length.
[  194.558532][T14051] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.594846][T14051] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.654885][T14051] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.704738][T14051] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.804816][T14068] netlink: 'syz.5.3904': attribute type 29 has an invalid length.
[  194.814318][T14068] netlink: 'syz.5.3904': attribute type 29 has an invalid length.
[  194.830839][ T2261] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.832344][T14068] netlink: 500 bytes leftover after parsing attributes in process `syz.5.3904'.
[  194.852230][ T2261] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.862076][T14068] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  194.885903][ T2261] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.897805][T14070] veth0: entered promiscuous mode
[  194.911702][ T2261] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.935136][T14070] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3905'.
[  194.980574][T14076] set_capacity_and_notify: 1 callbacks suppressed
[  194.980644][T14076] loop2: detected capacity change from 0 to 1024
[  195.006202][T14076] EXT4-fs: Ignoring removed orlov option
[  195.025913][T14076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.066341][T14076] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.068292][T14093] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3915'.
[  195.088809][T14093] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  195.109838][T14093] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14093 comm=syz.1.3915
[  195.122654][T14093] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=6400 sclass=netlink_tcpdiag_socket pid=14093 comm=syz.1.3915
[  195.198220][T14107] netlink: 'syz.3.3921': attribute type 29 has an invalid length.
[  195.210649][T14103] loop2: detected capacity change from 0 to 128
[  195.217767][T14103] EXT4-fs: Ignoring removed nobh option
[  195.219607][T14107] netlink: 'syz.3.3921': attribute type 29 has an invalid length.
[  195.232197][T14103] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  195.233222][T14107] netlink: 500 bytes leftover after parsing attributes in process `syz.3.3921'.
[  195.263751][ T2091] Bluetooth: hci0: Frame reassembly failed (-84)
[  195.268503][T14107] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  195.345822][T14119] netlink: 'syz.0.3926': attribute type 1 has an invalid length.
[  195.775560][T11394] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  195.790590][   T29] kauditd_printk_skb: 174 callbacks suppressed
[  195.790606][   T29] audit: type=1326 audit(195.777:34325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.820305][   T29] audit: type=1326 audit(195.777:34326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.843458][   T29] audit: type=1326 audit(195.777:34327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.866461][   T29] audit: type=1326 audit(195.777:34328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.889637][   T29] audit: type=1326 audit(195.807:34329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.931772][   T29] audit: type=1326 audit(195.807:34330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.954878][   T29] audit: type=1326 audit(195.807:34331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  195.978033][   T29] audit: type=1326 audit(195.807:34332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  196.001036][   T29] audit: type=1326 audit(195.807:34333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14129 comm="syz.2.3931" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1409ff749 code=0x7ffc0000
[  196.096212][ T2261] Bluetooth: hci1: Frame reassembly failed (-84)
[  196.103620][T14147] netlink: 'syz.0.3939': attribute type 1 has an invalid length.
[  196.178912][   T29] audit: type=1400 audit(196.167:34334): avc:  denied  { listen } for  pid=14155 comm="syz.0.3942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  196.214138][T14161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3943'.
[  196.258672][T14163] FAULT_INJECTION: forcing a failure.
[  196.258672][T14163] name failslab, interval 1, probability 0, space 0, times 0
[  196.271352][T14163] CPU: 0 UID: 0 PID: 14163 Comm: syz.5.3944 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  196.271404][T14163] Tainted: [W]=WARN
[  196.271410][T14163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  196.271421][T14163] Call Trace:
[  196.271428][T14163]  <TASK>
[  196.271436][T14163]  __dump_stack+0x1d/0x30
[  196.271461][T14163]  dump_stack_lvl+0x95/0xd0
[  196.271478][T14163]  dump_stack+0x15/0x1b
[  196.271512][T14163]  should_fail_ex+0x265/0x280
[  196.271533][T14163]  should_failslab+0x8c/0xb0
[  196.271553][T14163]  __kmalloc_cache_node_noprof+0x6a/0x4d0
[  196.271655][T14163]  ? __get_vm_area_node+0x106/0x1d0
[  196.271677][T14163]  __get_vm_area_node+0x106/0x1d0
[  196.271699][T14163]  __vmalloc_node_range_noprof+0x28e/0x1310
[  196.271781][T14163]  ? sel_write_load+0x157/0x380
[  196.271797][T14163]  ? bpf_bprintf_prepare+0xbe0/0xd90
[  196.271827][T14163]  ? _parse_integer_limit+0x170/0x190
[  196.271848][T14163]  ? _parse_integer+0x27/0x40
[  196.271863][T14163]  ? __rcu_read_unlock+0x4f/0x70
[  196.271880][T14163]  ? avc_has_perm_noaudit+0xab/0x130
[  196.271897][T14163]  ? sel_write_load+0x157/0x380
[  196.271922][T14163]  vmalloc_noprof+0x82/0xc0
[  196.271941][T14163]  ? sel_write_load+0x157/0x380
[  196.271965][T14163]  sel_write_load+0x157/0x380
[  196.271980][T14163]  ? __pfx_sel_write_load+0x10/0x10
[  196.272017][T14163]  vfs_write+0x269/0x960
[  196.272068][T14163]  ? __rcu_read_unlock+0x4f/0x70
[  196.272130][T14163]  ? __fget_files+0x184/0x1c0
[  196.272198][T14163]  ? mutex_lock+0x58/0x90
[  196.272220][T14163]  ksys_write+0xda/0x1a0
[  196.272237][T14163]  __x64_sys_write+0x40/0x50
[  196.272258][T14163]  x64_sys_call+0x2847/0x3000
[  196.272323][T14163]  do_syscall_64+0xca/0x2b0
[  196.272353][T14163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.272371][T14163] RIP: 0033:0x7f9af34bf749
[  196.272385][T14163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.272465][T14163] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  196.272482][T14163] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  196.272493][T14163] RDX: 00000000000190da RSI: 0000200000000000 RDI: 0000000000000005
[  196.272579][T14163] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  196.272590][T14163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.272601][T14163] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  196.272617][T14163]  </TASK>
[  196.519840][T14163] syz.5.3944: vmalloc error: size 102618, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz5,mems_allowed=0
[  196.534185][T14163] CPU: 0 UID: 0 PID: 14163 Comm: syz.5.3944 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  196.534230][T14163] Tainted: [W]=WARN
[  196.534236][T14163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  196.534248][T14163] Call Trace:
[  196.534255][T14163]  <TASK>
[  196.534265][T14163]  __dump_stack+0x1d/0x30
[  196.534305][T14163]  dump_stack_lvl+0x95/0xd0
[  196.534327][T14163]  dump_stack+0x15/0x1b
[  196.534342][T14163]  warn_alloc+0x12b/0x1a0
[  196.534368][T14163]  __vmalloc_node_range_noprof+0x2b3/0x1310
[  196.534396][T14163]  ? bpf_bprintf_prepare+0xbe0/0xd90
[  196.534473][T14163]  ? _parse_integer_limit+0x170/0x190
[  196.534534][T14163]  ? _parse_integer+0x27/0x40
[  196.534550][T14163]  ? __rcu_read_unlock+0x4f/0x70
[  196.534569][T14163]  ? avc_has_perm_noaudit+0xab/0x130
[  196.534589][T14163]  ? sel_write_load+0x157/0x380
[  196.534676][T14163]  vmalloc_noprof+0x82/0xc0
[  196.534695][T14163]  ? sel_write_load+0x157/0x380
[  196.534710][T14163]  sel_write_load+0x157/0x380
[  196.534761][T14163]  ? __pfx_sel_write_load+0x10/0x10
[  196.534776][T14163]  vfs_write+0x269/0x960
[  196.534858][T14163]  ? __rcu_read_unlock+0x4f/0x70
[  196.534874][T14163]  ? __fget_files+0x184/0x1c0
[  196.534893][T14163]  ? mutex_lock+0x58/0x90
[  196.534947][T14163]  ksys_write+0xda/0x1a0
[  196.534963][T14163]  __x64_sys_write+0x40/0x50
[  196.534979][T14163]  x64_sys_call+0x2847/0x3000
[  196.534998][T14163]  do_syscall_64+0xca/0x2b0
[  196.535071][T14163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.535090][T14163] RIP: 0033:0x7f9af34bf749
[  196.535116][T14163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.535131][T14163] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  196.535284][T14163] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  196.535295][T14163] RDX: 00000000000190da RSI: 0000200000000000 RDI: 0000000000000005
[  196.535344][T14163] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  196.535355][T14163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.535366][T14163] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  196.535382][T14163]  </TASK>
[  196.535446][T14163] Mem-Info:
[  196.632026][T14166] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3945'.
[  196.635310][T14163] active_anon:4024 inactive_anon:2 isolated_anon:0
[  196.635310][T14163]  active_file:17653 inactive_file:10788 isolated_file:0
[  196.635310][T14163]  unevictable:0 dirty:60 writeback:0
[  196.635310][T14163]  slab_reclaimable:3568 slab_unreclaimable:102661
[  196.635310][T14163]  mapped:35531 shmem:319 pagetables:1208
[  196.635310][T14163]  sec_pagetables:0 bounce:0
[  196.635310][T14163]  kernel_misc_reclaimable:0
[  196.635310][T14163]  free:1771803 free_pcp:14988 free_cma:0
[  196.635364][T14163] Node 0 active_anon:16096kB inactive_anon:8kB active_file:70612kB inactive_file:43152kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:142124kB dirty:240kB writeback:0kB shmem:1276kB kernel_stack:4672kB pagetables:4832kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  196.842370][T14163] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  196.872134][T14163] lowmem_reserve[]: 0 2880 7859 7859
[  196.877743][T14163] Node 0 DMA32 free:2945988kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949516kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  196.909397][T14163] lowmem_reserve[]: 0 0 4978 4978
[  196.914668][T14163] Node 0 Normal free:4125864kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15980kB inactive_anon:8kB active_file:70612kB inactive_file:43152kB unevictable:0kB writepending:240kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:56332kB local_pcp:17124kB free_cma:0kB
[  196.947939][T14163] lowmem_reserve[]: 0 0 0 0
[  196.952607][T14163] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  196.965364][T14163] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 4*16kB (M) 3*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945988kB
[  196.981526][T14163] Node 0 Normal: 1228*4kB (UME) 1151*8kB (UME) 1488*16kB (UME) 868*32kB (UME) 1000*64kB (UME) 594*128kB (UM) 463*256kB (UME) 325*512kB (UM) 210*1024kB (UME) 88*2048kB (UM) 791*4096kB (UM) = 4125864kB
[  197.001500][T14163] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  197.010851][T14163] 28770 total pagecache pages
[  197.015574][T14163] 15 pages in swap cache
[  197.019802][T14163] Free swap  = 124880kB
[  197.023976][T14163] Total swap = 124996kB
[  197.028125][T14163] 2097051 pages RAM
[  197.031941][T14163] 0 pages HighMem/MovableOnly
[  197.036643][T14163] 81272 pages reserved
[  197.089715][T14177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.098466][T14177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.156913][T14181] FAULT_INJECTION: forcing a failure.
[  197.156913][T14181] name failslab, interval 1, probability 0, space 0, times 0
[  197.169624][T14181] CPU: 0 UID: 0 PID: 14181 Comm: syz.3.3950 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  197.169658][T14181] Tainted: [W]=WARN
[  197.169734][T14181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  197.169747][T14181] Call Trace:
[  197.169754][T14181]  <TASK>
[  197.169782][T14181]  __dump_stack+0x1d/0x30
[  197.169807][T14181]  dump_stack_lvl+0x95/0xd0
[  197.169824][T14181]  dump_stack+0x15/0x1b
[  197.169840][T14181]  should_fail_ex+0x265/0x280
[  197.169894][T14181]  should_failslab+0x8c/0xb0
[  197.169914][T14181]  __kmalloc_cache_noprof+0x65/0x4c0
[  197.169936][T14181]  ? security_load_policy+0x90/0x890
[  197.170024][T14181]  security_load_policy+0x90/0x890
[  197.170051][T14181]  ? rep_movs_alternative+0x4a/0x90
[  197.170133][T14181]  sel_write_load+0x1d3/0x380
[  197.170148][T14181]  ? __pfx_sel_write_load+0x10/0x10
[  197.170164][T14181]  vfs_write+0x269/0x960
[  197.170179][T14181]  ? __rcu_read_unlock+0x4f/0x70
[  197.170196][T14181]  ? __fget_files+0x184/0x1c0
[  197.170226][T14181]  ? mutex_lock+0x58/0x90
[  197.170321][T14181]  ksys_write+0xda/0x1a0
[  197.170338][T14181]  __x64_sys_write+0x40/0x50
[  197.170408][T14181]  x64_sys_call+0x2847/0x3000
[  197.170427][T14181]  do_syscall_64+0xca/0x2b0
[  197.170507][T14181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.170527][T14181] RIP: 0033:0x7f4aaecef749
[  197.170541][T14181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.170556][T14181] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  197.170574][T14181] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  197.170585][T14181] RDX: 00000000000190da RSI: 0000200000000000 RDI: 0000000000000003
[  197.170596][T14181] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  197.170639][T14181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.170650][T14181] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  197.170713][T14181]  </TASK>
[  197.170723][T14181] SELinux: failed to load policy
[  197.204860][T14183] loop5: detected capacity change from 0 to 1024
[  197.253815][T14185] netlink: 500 bytes leftover after parsing attributes in process `syz.3.3952'.
[  197.256032][T14183] EXT4-fs: Ignoring removed nobh option
[  197.261449][T14185] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  197.277089][T14183] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  197.354756][ T3837] Bluetooth: hci0: command 0x1003 tx timeout
[  197.373709][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  197.422679][T14183] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  197.438486][T14183] EXT4-fs (loop5): filesystem has both journal inode and journal device!
[  197.673240][T14199] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  197.928598][T14217] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.936176][T14217] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.944344][T14217] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.951730][T14217] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.142503][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  198.148576][ T4068] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  198.158261][T14233] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.754798][T14281] bridge0: entered promiscuous mode
[  198.760675][T14281] macsec1: entered promiscuous mode
[  198.769600][T14281] bridge0: port 3(macsec1) entered blocking state
[  198.776221][T14281] bridge0: port 3(macsec1) entered disabled state
[  198.783253][T14281] macsec1: entered allmulticast mode
[  198.788803][T14281] bridge0: entered allmulticast mode
[  198.795050][T14281] macsec1: left allmulticast mode
[  198.800131][T14281] bridge0: left allmulticast mode
[  198.808913][T14281] bridge0: left promiscuous mode
[  198.817172][T14287] validate_nla: 6 callbacks suppressed
[  198.817181][T14287] netlink: 'syz.5.3993': attribute type 10 has an invalid length.
[  198.836241][T14287] ipvlan2: entered promiscuous mode
[  198.842684][T14287] bridge0: port 3(ipvlan2) entered blocking state
[  198.849134][T14287] bridge0: port 3(ipvlan2) entered disabled state
[  198.855985][T14287] ipvlan2: entered allmulticast mode
[  198.861384][T14287] bridge0: entered allmulticast mode
[  198.867163][T14287] ipvlan2: left allmulticast mode
[  198.872203][T14287] bridge0: left allmulticast mode
[  198.879457][T14290] __nla_validate_parse: 7 callbacks suppressed
[  198.879472][T14290] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3993'.
[  199.020609][T14290] lo speed is unknown, defaulting to 1000
[  199.105440][T14298] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3995'.
[  199.120185][T14298] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3995'.
[  199.429119][T14316] netlink: 'syz.1.4004': attribute type 1 has an invalid length.
[  199.468244][T14318] FAULT_INJECTION: forcing a failure.
[  199.468244][T14318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.481390][T14318] CPU: 1 UID: 0 PID: 14318 Comm: syz.5.4005 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  199.481494][T14318] Tainted: [W]=WARN
[  199.481501][T14318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  199.481514][T14318] Call Trace:
[  199.481521][T14318]  <TASK>
[  199.481530][T14318]  __dump_stack+0x1d/0x30
[  199.481555][T14318]  dump_stack_lvl+0x95/0xd0
[  199.481597][T14318]  dump_stack+0x15/0x1b
[  199.481616][T14318]  should_fail_ex+0x265/0x280
[  199.481639][T14318]  should_fail+0xb/0x20
[  199.481657][T14318]  should_fail_usercopy+0x1a/0x20
[  199.481680][T14318]  _copy_from_user+0x1c/0xb0
[  199.481756][T14318]  ____sys_sendmsg+0x1c5/0x4a0
[  199.481855][T14318]  __sys_sendmsg_sock+0x28/0x40
[  199.481892][T14318]  io_sendmsg+0x163/0x490
[  199.481913][T14318]  __io_issue_sqe+0xfe/0x2e0
[  199.481937][T14318]  ? io_wq_submit_work+0x569/0x5f0
[  199.482039][T14318]  io_issue_sqe+0x56/0xa80
[  199.482067][T14318]  ? refill_obj_stock+0x254/0x2e0
[  199.482151][T14318]  ? __slab_free+0x288/0x2a0
[  199.482200][T14318]  io_req_task_submit+0x46/0xa0
[  199.482225][T14318]  io_poll_task_func+0x5b0/0x760
[  199.482246][T14318]  ? __pfx_io_poll_task_func+0x10/0x10
[  199.482265][T14318]  io_handle_tw_list+0x122/0x230
[  199.482366][T14318]  tctx_task_work_run+0x42/0x160
[  199.482398][T14318]  tctx_task_work+0x3f/0x80
[  199.482423][T14318]  task_work_run+0x131/0x1a0
[  199.482441][T14318]  exit_to_user_mode_loop+0x1fe/0x740
[  199.482514][T14318]  do_syscall_64+0x1e1/0x2b0
[  199.482540][T14318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.482559][T14318] RIP: 0033:0x7f9af34bf749
[  199.482574][T14318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.482592][T14318] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  199.482690][T14318] RAX: 0000000000000000 RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  199.482702][T14318] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  199.482712][T14318] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  199.482723][T14318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.482736][T14318] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  199.482816][T14318]  </TASK>
[  199.905803][T14343] netlink: 'syz.1.4017': attribute type 1 has an invalid length.
[  199.943865][T14347] loop5: detected capacity change from 0 to 1024
[  199.959203][T14353] FAULT_INJECTION: forcing a failure.
[  199.959203][T14353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.959615][T14347] EXT4-fs: Ignoring removed mblk_io_submit option
[  199.972401][T14353] CPU: 1 UID: 0 PID: 14353 Comm: syz.1.4022 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  199.972433][T14353] Tainted: [W]=WARN
[  199.972440][T14353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  199.972453][T14353] Call Trace:
[  199.972460][T14353]  <TASK>
[  199.972469][T14353]  __dump_stack+0x1d/0x30
[  199.972538][T14353]  dump_stack_lvl+0x95/0xd0
[  199.972559][T14353]  dump_stack+0x15/0x1b
[  199.972578][T14353]  should_fail_ex+0x265/0x280
[  199.972601][T14353]  should_fail+0xb/0x20
[  199.972620][T14353]  should_fail_usercopy+0x1a/0x20
[  199.972686][T14353]  _copy_from_iter+0xcf/0xe70
[  199.972710][T14353]  ? __alloc_skb+0x396/0x4b0
[  199.972733][T14353]  ? __alloc_skb+0x228/0x4b0
[  199.972829][T14353]  netlink_sendmsg+0x471/0x6b0
[  199.972916][T14353]  ? __pfx_netlink_sendmsg+0x10/0x10
[  199.973004][T14353]  __sock_sendmsg+0x145/0x180
[  199.973024][T14353]  ____sys_sendmsg+0x31e/0x4a0
[  199.973052][T14353]  ___sys_sendmsg+0x17b/0x1d0
[  199.973125][T14353]  __x64_sys_sendmsg+0xd4/0x160
[  199.973154][T14353]  x64_sys_call+0x17ba/0x3000
[  199.973257][T14353]  do_syscall_64+0xca/0x2b0
[  199.973367][T14353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.973388][T14353] RIP: 0033:0x7f0e24e0f749
[  199.973404][T14353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.973422][T14353] RSP: 002b:00007f0e23877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  199.973501][T14353] RAX: ffffffffffffffda RBX: 00007f0e25065fa0 RCX: 00007f0e24e0f749
[  199.973514][T14353] RDX: 0000000004000880 RSI: 0000200000000080 RDI: 0000000000000003
[  199.973527][T14353] RBP: 00007f0e23877090 R08: 0000000000000000 R09: 0000000000000000
[  199.973539][T14353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.973551][T14353] R13: 00007f0e25066038 R14: 00007f0e25065fa0 R15: 00007ffe75ab9998
[  199.973646][T14353]  </TASK>
[  200.059834][T14357] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4023'.
[  200.062723][T14347] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  200.066842][T14357] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4023'.
[  200.094703][T14347] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #11: comm syz.5.4019: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  200.096290][T14357] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4023'.
[  200.100817][T14347] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4019: couldn't read orphan inode 11 (err -117)
[  200.136956][T14357] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4023'.
[  200.213400][T14347] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.218691][T14357] netlink: 'syz.0.4023': attribute type 6 has an invalid length.
[  200.231563][T14347] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.561746][T14403] netlink: 'syz.1.4039': attribute type 1 has an invalid length.
[  200.575021][T14403] bond1: entered promiscuous mode
[  200.580367][T14403] 8021q: adding VLAN 0 to HW filter on device bond1
[  200.591651][T14403] 8021q: adding VLAN 0 to HW filter on device bond1
[  200.598867][T14403] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[  200.609556][T14403] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  200.620996][T14403] bond1: (slave wireguard0): making interface the new active one
[  200.628763][T14403] wireguard0: entered promiscuous mode
[  200.636127][T14403] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[  200.646778][T14406] bond1: entered allmulticast mode
[  200.651969][T14406] wireguard0: entered allmulticast mode
[  200.663919][T14403] syz_tun: refused to change device tx_queue_len
[  200.837799][T14430] netlink: 'syz.1.4050': attribute type 29 has an invalid length.
[  200.846689][T14430] netlink: 'syz.1.4050': attribute type 29 has an invalid length.
[  200.855359][T14430] netlink: 500 bytes leftover after parsing attributes in process `syz.1.4050'.
[  200.865239][T14430] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  200.918037][   T29] kauditd_printk_skb: 360 callbacks suppressed
[  200.918054][   T29] audit: type=1400 audit(200.907:34695): avc:  denied  { bind } for  pid=14439 comm="syz.1.4055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  200.970155][T14444] FAULT_INJECTION: forcing a failure.
[  200.970155][T14444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.971964][   T29] audit: type=1326 audit(200.957:34696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  200.983323][T14444] CPU: 0 UID: 0 PID: 14444 Comm: syz.3.4057 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  200.983431][T14444] Tainted: [W]=WARN
[  200.983438][T14444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  200.983451][T14444] Call Trace:
[  200.983458][T14444]  <TASK>
[  200.983466][T14444]  __dump_stack+0x1d/0x30
[  200.983489][T14444]  dump_stack_lvl+0x95/0xd0
[  200.983536][T14444]  dump_stack+0x15/0x1b
[  200.983554][T14444]  should_fail_ex+0x265/0x280
[  200.983612][T14444]  should_fail+0xb/0x20
[  200.983631][T14444]  should_fail_usercopy+0x1a/0x20
[  200.983654][T14444]  _copy_from_user+0x1c/0xb0
[  200.983728][T14444]  __sys_bind+0x106/0x2a0
[  200.983755][T14444]  __x64_sys_bind+0x3f/0x50
[  200.983776][T14444]  x64_sys_call+0x2ceb/0x3000
[  200.983799][T14444]  do_syscall_64+0xca/0x2b0
[  200.983831][T14444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.983851][T14444] RIP: 0033:0x7f4aaecef749
[  200.983871][T14444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.983889][T14444] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  200.983915][T14444] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  200.984005][T14444] RDX: 000000000000001c RSI: 0000200000000080 RDI: 0000000000000003
[  200.984018][T14444] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  200.984030][T14444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.984042][T14444] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  200.984062][T14444]  </TASK>
[  201.133398][T14451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4059'.
[  201.134185][   T29] audit: type=1326 audit(200.987:34697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.142212][T14451] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.150077][   T29] audit: type=1326 audit(200.987:34698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.231153][   T29] audit: type=1326 audit(200.987:34699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.254187][   T29] audit: type=1326 audit(200.987:34700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.277351][   T29] audit: type=1326 audit(200.987:34701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.282674][ T4068] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  201.300335][   T29] audit: type=1326 audit(200.987:34702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.329331][   T29] audit: type=1326 audit(200.987:34703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.352287][   T29] audit: type=1326 audit(200.987:34704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14445 comm="syz.1.4058" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  201.573157][T14478] netlink: 'syz.5.4071': attribute type 1 has an invalid length.
[  201.581697][T14479] netlink: 'syz.0.4067': attribute type 4 has an invalid length.
[  201.589526][T14479] netlink: 152 bytes leftover after parsing attributes in process `syz.0.4067'.
[  201.609074][T14479] .`: renamed from bond0 (while UP)
[  201.814755][T14495] lo speed is unknown, defaulting to 1000
[  201.871497][T14499] ipt_REJECT: TCP_RESET invalid for non-tcp
[  201.985845][T14502] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.993220][T14502] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.060164][T14502] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.089078][T14502] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.130902][ T3487] lo speed is unknown, defaulting to 1000
[  202.136874][ T3487] syz2: Port: 1 Link DOWN
[  202.147849][T14522] : renamed from veth0_to_bond (while UP)
[  202.158743][T13832] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.167389][T14527] loop5: detected capacity change from 0 to 164
[  202.175565][T13832] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.190834][T13832] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.199572][T13832] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  202.208220][T14527] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  202.217664][T14522] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  202.226884][T14522] rock: directory entry would overflow storage
[  202.233310][T14522] rock: sig=0x4f50, size=4, remaining=3
[  202.238957][T14522] iso9660: Corrupted directory entry in block 4 of inode 1792
[  202.450153][T14540] syzkaller1: entered promiscuous mode
[  202.455909][T14540] syzkaller1: entered allmulticast mode
[  202.473474][T14542] loop5: detected capacity change from 0 to 512
[  202.480395][T14542] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  202.491746][T14542] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4093: iget: bogus i_mode (3355)
[  202.503676][T14542] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4093: couldn't read orphan inode 15 (err -117)
[  202.516606][T14542] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.549225][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.822549][T14567] FAULT_INJECTION: forcing a failure.
[  202.822549][T14567] name failslab, interval 1, probability 0, space 0, times 0
[  202.835355][T14567] CPU: 0 UID: 0 PID: 14567 Comm: syz.1.4103 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  202.835389][T14567] Tainted: [W]=WARN
[  202.835427][T14567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  202.835440][T14567] Call Trace:
[  202.835449][T14567]  <TASK>
[  202.835465][T14567]  __dump_stack+0x1d/0x30
[  202.835491][T14567]  dump_stack_lvl+0x95/0xd0
[  202.835554][T14567]  dump_stack+0x15/0x1b
[  202.835573][T14567]  should_fail_ex+0x265/0x280
[  202.835596][T14567]  should_failslab+0x8c/0xb0
[  202.835618][T14567]  __kmalloc_noprof+0xb9/0x5a0
[  202.835638][T14567]  ? taskstats_user_cmd+0x2de/0x8a0
[  202.835739][T14567]  taskstats_user_cmd+0x2de/0x8a0
[  202.835756][T14567]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x190
[  202.835779][T14567]  ? genl_family_rcv_msg_attrs_parse+0x184/0x190
[  202.835800][T14567]  genl_family_rcv_msg_doit+0x143/0x1b0
[  202.835832][T14567]  genl_rcv_msg+0x422/0x460
[  202.835851][T14567]  ? __pfx_taskstats_user_cmd+0x10/0x10
[  202.835912][T14567]  netlink_rcv_skb+0x123/0x220
[  202.835991][T14567]  ? __pfx_genl_rcv_msg+0x10/0x10
[  202.836014][T14567]  genl_rcv+0x28/0x40
[  202.836034][T14567]  netlink_unicast+0x5c0/0x690
[  202.836079][T14567]  netlink_sendmsg+0x58b/0x6b0
[  202.836110][T14567]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.836134][T14567]  __sock_sendmsg+0x145/0x180
[  202.836236][T14567]  ____sys_sendmsg+0x31e/0x4a0
[  202.836268][T14567]  ___sys_sendmsg+0x17b/0x1d0
[  202.836302][T14567]  __x64_sys_sendmsg+0xd4/0x160
[  202.836330][T14567]  x64_sys_call+0x17ba/0x3000
[  202.836365][T14567]  do_syscall_64+0xca/0x2b0
[  202.836399][T14567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.836465][T14567] RIP: 0033:0x7f0e24e0f749
[  202.836483][T14567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.836501][T14567] RSP: 002b:00007f0e23877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.836522][T14567] RAX: ffffffffffffffda RBX: 00007f0e25065fa0 RCX: 00007f0e24e0f749
[  202.836533][T14567] RDX: 0000000000008000 RSI: 0000200000001c00 RDI: 0000000000000003
[  202.836544][T14567] RBP: 00007f0e23877090 R08: 0000000000000000 R09: 0000000000000000
[  202.836555][T14567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.836578][T14567] R13: 00007f0e25066038 R14: 00007f0e25065fa0 R15: 00007ffe75ab9998
[  202.836651][T14567]  </TASK>
[  203.159297][T14581] 9p: Bad value for 'rfdno'
[  203.767016][T14638] FAULT_INJECTION: forcing a failure.
[  203.767016][T14638] name failslab, interval 1, probability 0, space 0, times 0
[  203.779721][T14638] CPU: 0 UID: 0 PID: 14638 Comm: syz.3.4128 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  203.779818][T14638] Tainted: [W]=WARN
[  203.779822][T14638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  203.779829][T14638] Call Trace:
[  203.779834][T14638]  <TASK>
[  203.779888][T14638]  __dump_stack+0x1d/0x30
[  203.779906][T14638]  dump_stack_lvl+0x95/0xd0
[  203.779919][T14638]  dump_stack+0x15/0x1b
[  203.779930][T14638]  should_fail_ex+0x265/0x280
[  203.779946][T14638]  should_failslab+0x8c/0xb0
[  203.780023][T14638]  __kmalloc_noprof+0xb9/0x5a0
[  203.780099][T14638]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  203.780127][T14638]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  203.780153][T14638]  genl_family_rcv_msg_doit+0x48/0x1b0
[  203.780214][T14638]  ? selinux_capable+0x31/0x40
[  203.780230][T14638]  ? security_capable+0x83/0x90
[  203.780258][T14638]  ? ns_capable+0x7d/0xb0
[  203.780275][T14638]  genl_rcv_msg+0x422/0x460
[  203.780288][T14638]  ? __pfx_ethnl_set_features+0x10/0x10
[  203.780305][T14638]  netlink_rcv_skb+0x123/0x220
[  203.780328][T14638]  ? __pfx_genl_rcv_msg+0x10/0x10
[  203.780350][T14638]  genl_rcv+0x28/0x40
[  203.780405][T14638]  netlink_unicast+0x5c0/0x690
[  203.780423][T14638]  netlink_sendmsg+0x58b/0x6b0
[  203.780441][T14638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  203.780541][T14638]  __sock_sendmsg+0x145/0x180
[  203.780554][T14638]  ____sys_sendmsg+0x31e/0x4a0
[  203.780572][T14638]  ___sys_sendmsg+0x17b/0x1d0
[  203.780626][T14638]  __x64_sys_sendmsg+0xd4/0x160
[  203.780643][T14638]  x64_sys_call+0x17ba/0x3000
[  203.780685][T14638]  do_syscall_64+0xca/0x2b0
[  203.780707][T14638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.780728][T14638] RIP: 0033:0x7f4aaecef749
[  203.780744][T14638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.780759][T14638] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  203.780798][T14638] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  203.780805][T14638] RDX: 0000000004040400 RSI: 0000200000000440 RDI: 0000000000000003
[  203.780813][T14638] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  203.780820][T14638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.780827][T14638] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  203.780838][T14638]  </TASK>
[  204.287244][T14649] loop5: detected capacity change from 0 to 260
[  204.289497][T14647] netlink: 'syz.3.4131': attribute type 1 has an invalid length.
[  204.301250][T14647] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4131'.
[  204.431028][T14666] FAULT_INJECTION: forcing a failure.
[  204.431028][T14666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.444281][T14666] CPU: 1 UID: 0 PID: 14666 Comm: syz.5.4138 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  204.444377][T14666] Tainted: [W]=WARN
[  204.444384][T14666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  204.444397][T14666] Call Trace:
[  204.444405][T14666]  <TASK>
[  204.444413][T14666]  __dump_stack+0x1d/0x30
[  204.444447][T14666]  dump_stack_lvl+0x95/0xd0
[  204.444535][T14666]  dump_stack+0x15/0x1b
[  204.444555][T14666]  should_fail_ex+0x265/0x280
[  204.444575][T14666]  should_fail+0xb/0x20
[  204.444591][T14666]  should_fail_usercopy+0x1a/0x20
[  204.444653][T14666]  _copy_from_user+0x1c/0xb0
[  204.444679][T14666]  __copy_msghdr+0x244/0x300
[  204.444706][T14666]  ___sys_sendmsg+0x109/0x1d0
[  204.444804][T14666]  __x64_sys_sendmsg+0xd4/0x160
[  204.444831][T14666]  x64_sys_call+0x17ba/0x3000
[  204.444854][T14666]  do_syscall_64+0xca/0x2b0
[  204.444953][T14666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.444970][T14666] RIP: 0033:0x7f9af34bf749
[  204.444983][T14666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.444999][T14666] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  204.445062][T14666] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  204.445073][T14666] RDX: 0000000020000000 RSI: 0000200000000600 RDI: 0000000000000003
[  204.445084][T14666] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  204.445095][T14666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.445105][T14666] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  204.445123][T14666]  </TASK>
[  204.623926][T14668] netlink: 'syz.1.4139': attribute type 29 has an invalid length.
[  204.632382][T14668] netlink: 'syz.1.4139': attribute type 29 has an invalid length.
[  204.641310][T14668] netlink: 500 bytes leftover after parsing attributes in process `syz.1.4139'.
[  204.650893][T14668] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  204.920136][T14693] siw: device registration error -23
[  204.956479][T14697] netlink: 'syz.5.4152': attribute type 29 has an invalid length.
[  204.965109][T14697] netlink: 'syz.5.4152': attribute type 29 has an invalid length.
[  204.973742][T14697] netlink: 500 bytes leftover after parsing attributes in process `syz.5.4152'.
[  204.983851][T14697] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  204.991727][T14645] delete_channel: no stack
[  205.209040][ T4013] hid (null): unknown global tag 0xcc
[  205.215602][ T4013] hid-generic 0056:0006:10001.0003: unknown main item tag 0x0
[  205.223248][ T4013] hid-generic 0056:0006:10001.0003: unexpected long global item
[  205.232042][ T4013] hid-generic 0056:0006:10001.0003: probe with driver hid-generic failed with error -22
[  205.337480][T14719] FAULT_INJECTION: forcing a failure.
[  205.337480][T14719] name failslab, interval 1, probability 0, space 0, times 0
[  205.350423][T14719] CPU: 1 UID: 0 PID: 14719 Comm: syz.5.4162 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  205.350591][T14719] Tainted: [W]=WARN
[  205.350598][T14719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  205.350609][T14719] Call Trace:
[  205.350616][T14719]  <TASK>
[  205.350623][T14719]  __dump_stack+0x1d/0x30
[  205.350645][T14719]  dump_stack_lvl+0x95/0xd0
[  205.350663][T14719]  dump_stack+0x15/0x1b
[  205.350678][T14719]  should_fail_ex+0x265/0x280
[  205.350779][T14719]  should_failslab+0x8c/0xb0
[  205.350797][T14719]  kmem_cache_alloc_noprof+0x69/0x4b0
[  205.350816][T14719]  ? skb_clone+0x151/0x1f0
[  205.350851][T14719]  skb_clone+0x151/0x1f0
[  205.350876][T14719]  __netlink_deliver_tap+0x2c9/0x500
[  205.350915][T14719]  netlink_unicast+0x66b/0x690
[  205.350941][T14719]  netlink_sendmsg+0x58b/0x6b0
[  205.351069][T14719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.351094][T14719]  __sock_sendmsg+0x145/0x180
[  205.351118][T14719]  ____sys_sendmsg+0x31e/0x4a0
[  205.351170][T14719]  ___sys_sendmsg+0x17b/0x1d0
[  205.351206][T14719]  __x64_sys_sendmsg+0xd4/0x160
[  205.351269][T14719]  x64_sys_call+0x17ba/0x3000
[  205.351292][T14719]  do_syscall_64+0xca/0x2b0
[  205.351423][T14719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.351444][T14719] RIP: 0033:0x7f9af34bf749
[  205.351460][T14719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.351536][T14719] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.351554][T14719] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  205.351567][T14719] RDX: 0000000000004000 RSI: 0000200000000200 RDI: 0000000000000005
[  205.351578][T14719] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  205.351590][T14719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.351601][T14719] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  205.351617][T14719]  </TASK>
[  205.565745][T14726] netlink: 'syz.3.4164': attribute type 29 has an invalid length.
[  205.586149][T14726] netlink: 'syz.3.4164': attribute type 29 has an invalid length.
[  205.594915][T14726] netlink: 500 bytes leftover after parsing attributes in process `syz.3.4164'.
[  205.604962][T14726] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  205.689455][ T3403] hid-generic 0056:0006:10001.0004: unknown main item tag 0x0
[  205.697060][ T3403] hid-generic 0056:0006:10001.0004: item fetching failed at offset 5/25
[  205.725706][ T3403] hid-generic 0056:0006:10001.0004: probe with driver hid-generic failed with error -22
[  205.836462][T14766] netlink: 182 bytes leftover after parsing attributes in process `syz.3.4176'.
[  205.847003][T14766] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4176'.
[  205.877658][T14769] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4178'.
[  206.037116][T14786] loop5: detected capacity change from 0 to 8192
[  206.039742][T14782] lo speed is unknown, defaulting to 1000
[  206.049670][T14792] siw: device registration error -23
[  206.107616][T14804] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4194'.
[  206.145283][   T29] kauditd_printk_skb: 374 callbacks suppressed
[  206.145300][   T29] audit: type=1326 audit(206.137:35077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.148427][T14814] loop6: detected capacity change from 0 to 7
[  206.151518][   T29] audit: type=1400 audit(206.137:35078): avc:  denied  { append } for  pid=14813 comm="syz.5.4197" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  206.175285][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  206.186814][   T29] audit: type=1326 audit(206.167:35079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.203816][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  206.213716][   T29] audit: type=1326 audit(206.167:35080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.259899][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  206.267509][   T29] audit: type=1326 audit(206.167:35081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.277046][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  206.300017][   T29] audit: type=1326 audit(206.167:35082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.330771][   T29] audit: type=1326 audit(206.167:35083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.358422][ T3396] hid-generic 0056:0006:10001.0005: unknown main item tag 0x0
[  206.366134][ T3396] hid-generic 0056:0006:10001.0005: item fetching failed at offset 5/25
[  206.374669][ T3396] hid-generic 0056:0006:10001.0005: probe with driver hid-generic failed with error -22
[  206.384961][T14814]  loop6: unable to read partition table
[  206.414504][T14814] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  206.496297][T14823] FAULT_INJECTION: forcing a failure.
[  206.496297][T14823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.509384][T14823] CPU: 1 UID: 0 PID: 14823 Comm: syz.3.4200 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  206.509413][T14823] Tainted: [W]=WARN
[  206.509420][T14823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  206.509432][T14823] Call Trace:
[  206.509508][T14823]  <TASK>
[  206.509591][T14823]  __dump_stack+0x1d/0x30
[  206.509618][T14823]  dump_stack_lvl+0x95/0xd0
[  206.509702][T14823]  dump_stack+0x15/0x1b
[  206.509718][T14823]  should_fail_ex+0x265/0x280
[  206.509737][T14823]  should_fail+0xb/0x20
[  206.509756][T14823]  should_fail_usercopy+0x1a/0x20
[  206.509799][T14823]  _copy_from_user+0x1c/0xb0
[  206.509821][T14823]  ___sys_sendmsg+0xc1/0x1d0
[  206.509874][T14823]  __x64_sys_sendmsg+0xd4/0x160
[  206.509938][T14823]  x64_sys_call+0x17ba/0x3000
[  206.509963][T14823]  do_syscall_64+0xca/0x2b0
[  206.509995][T14823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.510012][T14823] RIP: 0033:0x7f4aaecef749
[  206.510101][T14823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.510149][T14823] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.510221][T14823] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  206.510233][T14823] RDX: 0000000000000010 RSI: 00002000000006c0 RDI: 0000000000000006
[  206.510246][T14823] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  206.510259][T14823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.510270][T14823] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  206.510287][T14823]  </TASK>
[  206.538559][   T29] audit: type=1326 audit(206.227:35084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.654973][T14829] loop2: detected capacity change from 0 to 512
[  206.657587][   T29] audit: type=1326 audit(206.227:35085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14811 comm="syz.0.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  206.683262][T14829] EXT4-fs: Ignoring removed mblk_io_submit option
[  206.699559][   T29] audit: type=1400 audit(206.247:35086): avc:  denied  { setopt } for  pid=14813 comm="syz.5.4197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  206.735595][T14829] EXT4-fs (loop2): unable to read superblock
[  206.812378][T14841] --map-set only usable from mangle table
[  206.880195][T14849] netlink: 'syz.3.4209': attribute type 29 has an invalid length.
[  206.888455][T14849] netlink: 'syz.3.4209': attribute type 29 has an invalid length.
[  206.897046][T14849] netlink: 500 bytes leftover after parsing attributes in process `syz.3.4209'.
[  206.906832][T14849] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  206.926803][ T3487] hid-generic 0056:0006:10001.0006: unknown main item tag 0x0
[  206.934342][ T3487] hid-generic 0056:0006:10001.0006: item fetching failed at offset 5/13
[  206.944354][ T3487] hid-generic 0056:0006:10001.0006: probe with driver hid-generic failed with error -22
[  206.959364][T14852] loop5: detected capacity change from 0 to 512
[  206.990326][T14852] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  207.006477][T14864] rdma_rxe: rxe_newlink: failed to add lo
[  207.014303][T14852] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4211: iget: bogus i_mode (3355)
[  207.028743][T14864] syz_tun: entered allmulticast mode
[  207.035269][T14863] syz_tun: left allmulticast mode
[  207.048015][T14852] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4211: couldn't read orphan inode 15 (err -117)
[  207.060689][T14852] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.087239][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.130501][T14874] netlink: 8744 bytes leftover after parsing attributes in process `syz.3.4217'.
[  207.330868][T14889] netlink: 'syz.1.4223': attribute type 13 has an invalid length.
[  207.386732][T14891] sg_write: data in/out 49276/1 bytes for SCSI command 0x1c-- guessing data in;
[  207.386732][T14891]    program syz.1.4223 not setting count and/or reply_len properly
[  207.615802][    T9] hid-generic 0056:0006:10001.0007: unknown main item tag 0x0
[  207.623536][    T9] hid-generic 0056:0006:10001.0007: item fetching failed at offset 5/13
[  207.632523][    T9] hid-generic 0056:0006:10001.0007: probe with driver hid-generic failed with error -22
[  207.742338][T14900] loop5: detected capacity change from 0 to 512
[  207.763885][T14900] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  207.792586][T14900] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4227: iget: bogus i_mode (3355)
[  207.815755][T14900] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4227: couldn't read orphan inode 15 (err -117)
[  207.833293][T14900] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.892719][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.972290][T14914] loop2: detected capacity change from 0 to 512
[  207.979266][T14914] EXT4-fs: Ignoring removed orlov option
[  207.986413][T14914] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.4232: corrupted in-inode xattr: e_value size too large
[  208.000715][T14914] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4232: couldn't read orphan inode 15 (err -117)
[  208.013479][T14914] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.158930][T14924] loop4: detected capacity change from 0 to 7
[  208.167730][T14924] Buffer I/O error on dev loop4, logical block 0, async page read
[  208.176055][T14924] Buffer I/O error on dev loop4, logical block 0, async page read
[  208.184238][T14924]  loop4: unable to read partition table
[  208.229778][T14924] loop_reread_partitions: partition scan of loop4 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[  208.250895][T11394] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.711204][T10455] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  208.722225][T10455] CPU: 1 UID: 0 PID: 10455 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  208.722328][T10455] Tainted: [W]=WARN
[  208.722336][T10455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  208.722349][T10455] Call Trace:
[  208.722357][T10455]  <TASK>
[  208.722365][T10455]  __dump_stack+0x1d/0x30
[  208.722457][T10455]  dump_stack_lvl+0x95/0xd0
[  208.722479][T10455]  dump_stack+0x15/0x1b
[  208.722499][T10455]  dump_header+0x81/0x240
[  208.722522][T10455]  oom_kill_process+0x295/0x350
[  208.722578][T10455]  out_of_memory+0x97b/0xb80
[  208.722603][T10455]  try_charge_memcg+0x610/0xa10
[  208.722646][T10455]  charge_memcg+0x51/0xc0
[  208.722682][T10455]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  208.722761][T10455]  __read_swap_cache_async+0x17b/0x2d0
[  208.722794][T10455]  swap_cluster_readahead+0x262/0x3c0
[  208.722829][T10455]  swapin_readahead+0xde/0x820
[  208.722870][T10455]  ? next_uptodate_folio+0x81c/0x890
[  208.722972][T10455]  ? percpu_counter_add_batch+0xb6/0x130
[  208.722995][T10455]  ? __rcu_read_unlock+0x4f/0x70
[  208.723016][T10455]  ? swap_cache_get_folio+0x277/0x280
[  208.723086][T10455]  do_swap_page+0x2b4/0x21e0
[  208.723121][T10455]  ? __pfx_default_wake_function+0x10/0x10
[  208.723163][T10455]  handle_mm_fault+0x9d8/0x2c60
[  208.723253][T10455]  do_user_addr_fault+0x630/0x1080
[  208.723350][T10455]  exc_page_fault+0x62/0xa0
[  208.723426][T10455]  asm_exc_page_fault+0x26/0x30
[  208.723447][T10455] RIP: 0033:0x7f4aaebc5fd7
[  208.723464][T10455] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 c8 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d d9 f6 ea 00 48 01 d1 39 7c 24
[  208.723527][T10455] RSP: 002b:00007fff72d613d0 EFLAGS: 00010202
[  208.723541][T10455] RAX: 0000001b31e24000 RBX: 0000000000000384 RCX: 0000000000032c80
[  208.723554][T10455] RDX: 000000000a02f386 RSI: 00007fff72d61460 RDI: 000000000000001c
[  208.723566][T10455] RBP: 00007fff72d6140c R08: 000000002630e219 R09: 7fffffffffffffff
[  208.723578][T10455] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  208.723592][T10455] R13: 00000000000927c0 R14: 0000000000032d84 R15: 00007fff72d61460
[  208.723613][T10455]  </TASK>
[  208.937681][T10455] memory: usage 307200kB, limit 307200kB, failcnt 769
[  208.944599][T10455] memory+swap: usage 308044kB, limit 9007199254740988kB, failcnt 0
[  208.952576][T10455] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  208.959849][T10455] Memory cgroup stats for /syz3:
[  208.968585][T10455] cache 8192
[  208.976840][T10455] rss 0
[  208.979606][T10455] shmem 0
[  208.982546][T10455] mapped_file 0
[  208.985987][T10455] dirty 0
[  208.988906][T10455] writeback 0
[  208.992176][T10455] workingset_refault_anon 1139
[  208.996993][T10455] workingset_refault_file 1012
[  209.001772][T10455] swap 872448
[  209.005080][T10455] swapcached 0
[  209.008469][T10455] pgpgin 391797
[  209.011927][T10455] pgpgout 391793
[  209.015488][T10455] pgfault 316567
[  209.019089][T10455] pgmajfault 187
[  209.022737][T10455] inactive_anon 0
[  209.026365][T10455] active_anon 0
[  209.029818][T10455] inactive_file 12288
[  209.033851][T10455] active_file 4096
[  209.037594][T10455] unevictable 0
[  209.041114][T10455] hierarchical_memory_limit 314572800
[  209.046497][T10455] hierarchical_memsw_limit 9223372036854771712
[  209.052664][T10455] total_cache 8192
[  209.056399][T10455] total_rss 0
[  209.059673][T10455] total_shmem 0
[  209.063164][T10455] total_mapped_file 0
[  209.067146][T10455] total_dirty 0
[  209.070612][T10455] total_writeback 0
[  209.074433][T10455] total_workingset_refault_anon 1139
[  209.079712][T10455] total_workingset_refault_file 1012
[  209.085078][T10455] total_swap 872448
[  209.088889][T10455] total_swapcached 0
[  209.092811][T10455] total_pgpgin 391797
[  209.096824][T10455] total_pgpgout 391793
[  209.100886][T10455] total_pgfault 316567
[  209.104972][T10455] total_pgmajfault 187
[  209.109040][T10455] total_inactive_anon 0
[  209.113197][T10455] total_active_anon 0
[  209.117163][T10455] total_inactive_file 12288
[  209.121671][T10455] total_active_file 4096
[  209.126077][T10455] total_unevictable 0
[  209.130033][T10455] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.4234,pid=14920,uid=0
[  209.145007][T10455] Memory cgroup out of memory: Killed process 14920 (syz.3.4234) total-vm:93968kB, anon-rss:1264kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  209.176555][T14921] syz.3.4234 (14921) used greatest stack depth: 6216 bytes left
[  209.236801][    T9] hid-generic 0056:0006:10001.0008: unknown main item tag 0x0
[  209.244492][    T9] hid-generic 0056:0006:10001.0008: item fetching failed at offset 5/19
[  209.270259][    T9] hid-generic 0056:0006:10001.0008: probe with driver hid-generic failed with error -22
[  209.342456][T14969] loop2: detected capacity change from 0 to 512
[  209.353310][T14969] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  209.364126][T14969] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.4254: iget: bogus i_mode (3355)
[  209.376441][T14969] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4254: couldn't read orphan inode 15 (err -117)
[  209.389499][T14969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.415146][T11394] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.454088][T14978] tipc: Failed to remove unknown binding: 66,0,0/0:3713242504/3713242505
[  209.462791][T14978] tipc: Failed to remove unknown binding: 66,0,0/0:3713242504/3713242505
[  209.489746][T14980] __nla_validate_parse: 5 callbacks suppressed
[  209.489762][T14980] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4258'.
[  209.523470][T14980] loop2: detected capacity change from 0 to 2048
[  209.577172][T14980]  loop2: p2 p3 p7
[  209.586928][T14980] tmpfs: Bad value for 'mpol'
[  209.895387][T14989] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  209.901949][T14989] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  209.909419][T14989] vhci_hcd vhci_hcd.0: Device attached
[  209.919477][T14990] vhci_hcd: connection closed
[  209.921048][ T2091] vhci_hcd vhci_hcd.3: stop threads
[  209.931184][ T2091] vhci_hcd vhci_hcd.3: release socket
[  209.936686][ T2091] vhci_hcd vhci_hcd.3: disconnect device
[  209.978453][T14999] netlink: 'syz.1.4264': attribute type 29 has an invalid length.
[  209.986998][T14999] netlink: 'syz.1.4264': attribute type 29 has an invalid length.
[  209.996717][T14999] netlink: 500 bytes leftover after parsing attributes in process `syz.1.4264'.
[  210.006717][T14999] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  210.081016][ T3487] hid-generic 0056:0006:10001.0009: unknown main item tag 0x0
[  210.088607][ T3487] hid-generic 0056:0006:10001.0009: item fetching failed at offset 5/19
[  210.116722][ T3487] hid-generic 0056:0006:10001.0009: probe with driver hid-generic failed with error -22
[  210.203138][T15015] SELinux:  Context system_u:object_r:groupadd_exec_t:s0 is not valid (left unmapped).
[  210.274030][T15024] loop5: detected capacity change from 0 to 8192
[  210.453412][T15036] netlink: 2 bytes leftover after parsing attributes in process `syz.5.4278'.
[  210.508334][T15036] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.515745][T15036] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.590740][T15036] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.600814][T15036] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.633620][T15036] geneve2: left promiscuous mode
[  210.638610][T15036] geneve2: left allmulticast mode
[  210.645212][ T5410] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 20000 - 0
[  210.653684][ T5410] netdevsim netdevsim5 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[  210.669881][ T5410] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 20000 - 0
[  210.678497][ T5410] netdevsim netdevsim5 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[  210.687076][ T5410] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 20000 - 0
[  210.695585][ T5410] netdevsim netdevsim5 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[  210.704475][ T5410] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 20000 - 0
[  210.713023][ T5410] netdevsim netdevsim5 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[  210.781181][T15054] loop5: detected capacity change from 0 to 8192
[  211.086801][T15063] FAULT_INJECTION: forcing a failure.
[  211.086801][T15063] name failslab, interval 1, probability 0, space 0, times 0
[  211.099638][T15063] CPU: 0 UID: 0 PID: 15063 Comm: syz.5.4289 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  211.099659][T15063] Tainted: [W]=WARN
[  211.099663][T15063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  211.099698][T15063] Call Trace:
[  211.099702][T15063]  <TASK>
[  211.099708][T15063]  __dump_stack+0x1d/0x30
[  211.099726][T15063]  dump_stack_lvl+0x95/0xd0
[  211.099804][T15063]  dump_stack+0x15/0x1b
[  211.099815][T15063]  should_fail_ex+0x265/0x280
[  211.099831][T15063]  should_failslab+0x8c/0xb0
[  211.099905][T15063]  __kmalloc_node_track_caller_noprof+0xb9/0x5b0
[  211.099931][T15063]  ? sidtab_sid2str_get+0xa0/0x130
[  211.099996][T15063]  kmemdup_noprof+0x2b/0x70
[  211.100007][T15063]  sidtab_sid2str_get+0xa0/0x130
[  211.100075][T15063]  security_sid_to_context_core+0x1eb/0x2e0
[  211.100093][T15063]  security_sid_to_context+0x27/0x40
[  211.100182][T15063]  selinux_lsmprop_to_secctx+0x67/0xf0
[  211.100199][T15063]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  211.100276][T15063]  audit_log_subj_ctx+0xa4/0x3e0
[  211.100290][T15063]  ? skb_put+0xa9/0xf0
[  211.100315][T15063]  audit_log_task_context+0x48/0x70
[  211.100336][T15063]  audit_log_task+0xf4/0x250
[  211.100384][T15063]  ? kstrtouint+0x76/0xc0
[  211.100455][T15063]  audit_seccomp+0x61/0x100
[  211.100471][T15063]  ? __seccomp_filter+0x832/0x1260
[  211.100493][T15063]  __seccomp_filter+0x843/0x1260
[  211.100510][T15063]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  211.100528][T15063]  ? vfs_write+0x7e8/0x960
[  211.100538][T15063]  ? __rcu_read_unlock+0x4f/0x70
[  211.100606][T15063]  ? __fget_files+0x184/0x1c0
[  211.100621][T15063]  __secure_computing+0x82/0x150
[  211.100636][T15063]  syscall_trace_enter+0xcf/0x1e0
[  211.100728][T15063]  do_syscall_64+0xa4/0x2b0
[  211.100750][T15063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.100762][T15063] RIP: 0033:0x7f9af34bf749
[  211.100808][T15063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.100844][T15063] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  211.100857][T15063] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  211.100864][T15063] RDX: 000000000001001a RSI: 0000200000000000 RDI: 0000000000000003
[  211.100871][T15063] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  211.100878][T15063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.100932][T15063] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  211.100950][T15063]  </TASK>
[  211.433590][   T29] kauditd_printk_skb: 520 callbacks suppressed
[  211.433605][   T29] audit: type=1400 audit(211.427:35606): avc:  denied  { create } for  pid=15065 comm="syz.2.4290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  211.434193][ T3487] hid-generic 0056:0006:10001.000A: unknown main item tag 0x0
[  211.466678][ T3487] hid-generic 0056:0006:10001.000A: item fetching failed at offset 5/16
[  211.475773][ T3487] hid-generic 0056:0006:10001.000A: probe with driver hid-generic failed with error -22
[  211.486671][   T29] audit: type=1400 audit(211.427:35607): avc:  denied  { connect } for  pid=15065 comm="syz.2.4290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  211.570572][T15083] FAULT_INJECTION: forcing a failure.
[  211.570572][T15083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.583692][T15083] CPU: 0 UID: 0 PID: 15083 Comm: syz.2.4298 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  211.583728][T15083] Tainted: [W]=WARN
[  211.583801][T15083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  211.583815][T15083] Call Trace:
[  211.583823][T15083]  <TASK>
[  211.583832][T15083]  __dump_stack+0x1d/0x30
[  211.583884][T15083]  dump_stack_lvl+0x95/0xd0
[  211.583969][T15083]  dump_stack+0x15/0x1b
[  211.583990][T15083]  should_fail_ex+0x265/0x280
[  211.584018][T15083]  should_fail+0xb/0x20
[  211.584090][T15083]  should_fail_usercopy+0x1a/0x20
[  211.584115][T15083]  strncpy_from_user+0x27/0x260
[  211.584146][T15083]  ? __fget_files+0x184/0x1c0
[  211.584214][T15083]  __se_sys_add_key+0x86/0x350
[  211.584250][T15083]  __x64_sys_add_key+0x67/0x80
[  211.584281][T15083]  x64_sys_call+0x2ea3/0x3000
[  211.584370][T15083]  do_syscall_64+0xca/0x2b0
[  211.584443][T15083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.584466][T15083] RIP: 0033:0x7fb1409ff749
[  211.584484][T15083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.584504][T15083] RSP: 002b:00007fb13f467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  211.584525][T15083] RAX: ffffffffffffffda RBX: 00007fb140c55fa0 RCX: 00007fb1409ff749
[  211.584567][T15083] RDX: 00002000000009c0 RSI: 0000000000000000 RDI: 0000200000000040
[  211.584581][T15083] RBP: 00007fb13f467090 R08: 000000003d6b794f R09: 0000000000000000
[  211.584596][T15083] R10: 000000000000002b R11: 0000000000000246 R12: 0000000000000001
[  211.584610][T15083] R13: 00007fb140c56038 R14: 00007fb140c55fa0 R15: 00007ffc60397fe8
[  211.584674][T15083]  </TASK>
[  211.797861][   T29] audit: type=1400 audit(211.787:35608): avc:  denied  { getopt } for  pid=15092 comm="syz.2.4301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  211.853326][T15096] loop2: detected capacity change from 0 to 2048
[  211.895538][T15096] Alternate GPT is invalid, using primary GPT.
[  211.902716][T15096]  loop2: p2 p3 p7
[  211.921384][T15102] netlink: 'syz.3.4303': attribute type 39 has an invalid length.
[  211.974086][   T29] audit: type=1400 audit(211.967:35609): avc:  denied  { ioctl } for  pid=15100 comm="syz.3.4303" path="socket:[44834]" dev="sockfs" ino=44834 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  211.998521][   T29] audit: type=1326 audit(211.967:35610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15100 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  212.021535][   T29] audit: type=1326 audit(211.967:35611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15100 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  212.044528][   T29] audit: type=1326 audit(211.967:35612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15100 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  212.067397][   T29] audit: type=1326 audit(211.967:35613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15100 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  212.090369][   T29] audit: type=1326 audit(211.967:35614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15100 comm="syz.3.4303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  212.215093][ T3487] hid-generic 0056:0006:10001.000B: unknown main item tag 0x0
[  212.222734][ T3487] hid-generic 0056:0006:10001.000B: item fetching failed at offset 5/15
[  212.231498][ T3487] hid-generic 0056:0006:10001.000B: probe with driver hid-generic failed with error -22
[  212.291999][T15115] loop5: detected capacity change from 0 to 512
[  212.299209][T15115] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  212.308859][T15115] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4308: iget: bogus i_mode (3355)
[  212.320517][T15115] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4308: couldn't read orphan inode 15 (err -117)
[  212.332988][T15115] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.356791][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.378776][   T29] audit: type=1400 audit(212.367:35615): avc:  denied  { write } for  pid=15122 comm="syz.5.4310" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  212.397966][T15123] loop5: detected capacity change from 0 to 512
[  212.434740][T15123] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  212.447229][T15125] FAULT_INJECTION: forcing a failure.
[  212.447229][T15125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.460417][T15125] CPU: 0 UID: 0 PID: 15125 Comm: syz.2.4311 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  212.460448][T15125] Tainted: [W]=WARN
[  212.460455][T15125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  212.460466][T15125] Call Trace:
[  212.460474][T15125]  <TASK>
[  212.460483][T15125]  __dump_stack+0x1d/0x30
[  212.460573][T15125]  dump_stack_lvl+0x95/0xd0
[  212.460591][T15125]  dump_stack+0x15/0x1b
[  212.460608][T15125]  should_fail_ex+0x265/0x280
[  212.460630][T15125]  should_fail+0xb/0x20
[  212.460659][T15125]  should_fail_usercopy+0x1a/0x20
[  212.460683][T15125]  fpu__restore_sig+0x12d/0xaa0
[  212.460771][T15125]  ? x86_task_fpu+0x36/0x60
[  212.460905][T15125]  ? should_fail_ex+0xdb/0x280
[  212.460970][T15125]  __ia32_sys_rt_sigreturn+0x29f/0x350
[  212.461049][T15125]  x64_sys_call+0x274a/0x3000
[  212.461069][T15125]  do_syscall_64+0xca/0x2b0
[  212.461100][T15125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.461124][T15125] RIP: 0033:0x7fb1409ff747
[  212.461140][T15125] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  212.461190][T15125] RSP: 002b:00007fb13f446038 EFLAGS: 00000246
[  212.461211][T15125] RAX: 0000000000000010 RBX: 00007fb140c56090 RCX: 00007fb1409ff749
[  212.461267][T15125] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000003
[  212.461281][T15125] RBP: 00007fb13f446090 R08: 0000000000000000 R09: 0000000000000000
[  212.461292][T15125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.461303][T15125] R13: 00007fb140c56128 R14: 00007fb140c56090 R15: 00007ffc60397fe8
[  212.461326][T15125]  </TASK>
[  212.633159][T15123] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4310: bg 0: block 360: padding at end of block bitmap is not set
[  212.666017][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  213.224762][T15152] loop2: detected capacity change from 0 to 512
[  213.231921][T15152] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  213.242022][T15152] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.4321: iget: bogus i_mode (3355)
[  213.254205][T15152] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4321: couldn't read orphan inode 15 (err -117)
[  213.267353][T15152] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.294539][T11394] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.315187][T15160] IPv6: NLM_F_CREATE should be specified when creating new route
[  213.323513][T15159] loop2: detected capacity change from 0 to 512
[  213.330725][T15159] ext4: Unknown parameter 'À'
[  213.333830][T15162] FAULT_INJECTION: forcing a failure.
[  213.333830][T15162] name failslab, interval 1, probability 0, space 0, times 0
[  213.348120][T15162] CPU: 0 UID: 0 PID: 15162 Comm: syz.5.4325 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  213.348162][T15162] Tainted: [W]=WARN
[  213.348166][T15162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  213.348174][T15162] Call Trace:
[  213.348179][T15162]  <TASK>
[  213.348185][T15162]  __dump_stack+0x1d/0x30
[  213.348203][T15162]  dump_stack_lvl+0x95/0xd0
[  213.348215][T15162]  dump_stack+0x15/0x1b
[  213.348261][T15162]  should_fail_ex+0x265/0x280
[  213.348277][T15162]  should_failslab+0x8c/0xb0
[  213.348291][T15162]  __kmalloc_cache_noprof+0x65/0x4c0
[  213.348371][T15162]  ? alloc_pipe_info+0xae/0x340
[  213.348384][T15162]  alloc_pipe_info+0xae/0x340
[  213.348396][T15162]  splice_direct_to_actor+0x592/0x680
[  213.348409][T15162]  ? __pfx_direct_splice_actor+0x10/0x10
[  213.348435][T15162]  ? __seccomp_filter+0x843/0x1260
[  213.348452][T15162]  ? avc_policy_seqno+0x15/0x30
[  213.348463][T15162]  ? selinux_file_permission+0x1e2/0x320
[  213.348493][T15162]  do_splice_direct+0xda/0x150
[  213.348505][T15162]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  213.348545][T15162]  do_sendfile+0x380/0x650
[  213.348569][T15162]  __x64_sys_sendfile64+0x105/0x150
[  213.348594][T15162]  x64_sys_call+0x2db1/0x3000
[  213.348626][T15162]  do_syscall_64+0xca/0x2b0
[  213.348721][T15162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.348734][T15162] RIP: 0033:0x7f9af34bf749
[  213.348812][T15162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.348823][T15162] RSP: 002b:00007f9af1f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  213.348835][T15162] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34bf749
[  213.348842][T15162] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  213.348851][T15162] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  213.348859][T15162] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  213.348866][T15162] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  213.348877][T15162]  </TASK>
[  213.371868][T15164] netlink: 'syz.2.4326': attribute type 29 has an invalid length.
[  213.514892][T15171] netlink: 596 bytes leftover after parsing attributes in process `syz.2.4326'.
[  213.517266][T15169] netlink: 'syz.2.4326': attribute type 29 has an invalid length.
[  213.601873][T15164] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  213.722207][T15191] FAULT_INJECTION: forcing a failure.
[  213.722207][T15191] name failslab, interval 1, probability 0, space 0, times 0
[  213.735077][T15191] CPU: 0 UID: 0 PID: 15191 Comm: syz.3.4337 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  213.735104][T15191] Tainted: [W]=WARN
[  213.735131][T15191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  213.735139][T15191] Call Trace:
[  213.735144][T15191]  <TASK>
[  213.735149][T15191]  __dump_stack+0x1d/0x30
[  213.735169][T15191]  dump_stack_lvl+0x95/0xd0
[  213.735182][T15191]  dump_stack+0x15/0x1b
[  213.735229][T15191]  should_fail_ex+0x265/0x280
[  213.735244][T15191]  should_failslab+0x8c/0xb0
[  213.735259][T15191]  kmem_cache_alloc_noprof+0x69/0x4b0
[  213.735273][T15191]  ? getname_kernel+0x3c/0x1f0
[  213.735356][T15191]  getname_kernel+0x3c/0x1f0
[  213.735369][T15191]  kern_path+0x23/0x130
[  213.735414][T15191]  create_local_trace_uprobe+0x53/0x2c0
[  213.735433][T15191]  perf_uprobe_init+0xc0/0x150
[  213.735448][T15191]  perf_uprobe_event_init+0xc4/0x140
[  213.735510][T15191]  perf_try_init_event+0xd9/0x540
[  213.735586][T15191]  ? perf_event_alloc+0xb2f/0x18d0
[  213.735604][T15191]  perf_event_alloc+0xb3a/0x18d0
[  213.735662][T15191]  ? __fget_files+0x184/0x1c0
[  213.735677][T15191]  __se_sys_perf_event_open+0x603/0x1210
[  213.735695][T15191]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  213.735759][T15191]  __x64_sys_perf_event_open+0x67/0x80
[  213.735790][T15191]  x64_sys_call+0x78c/0x3000
[  213.735828][T15191]  do_syscall_64+0xca/0x2b0
[  213.735900][T15191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.735913][T15191] RIP: 0033:0x7f4aaecef749
[  213.736019][T15191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.736029][T15191] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  213.736041][T15191] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  213.736048][T15191] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  213.736056][T15191] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  213.736139][T15191] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  213.736146][T15191] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  213.736159][T15191]  </TASK>
[  214.011380][T15204] loop2: detected capacity change from 0 to 1024
[  214.018525][T15204] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  214.029583][T15204] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  214.037670][T15204] EXT4-fs (loop2): orphan cleanup on readonly fs
[  214.045244][T15204] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.4342: Failed to acquire dquot type 0
[  214.056713][T15204] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.4342: Failed to acquire dquot type 0
[  214.068326][T15204] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.4342: Freeing blocks not in datazone - block = 0, count = 4096
[  214.081977][T15204] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.4342: Failed to acquire dquot type 0
[  214.093604][T15204] EXT4-fs (loop2): 1 orphan inode deleted
[  214.100190][T15204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  214.114855][T15204] EXT4-fs error (device loop2): ext4_lookup:1785: inode #15: comm syz.2.4342: iget: bad extended attribute block 6
[  214.128771][T15204] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.152072][T15208] netlink: 'syz.2.4343': attribute type 29 has an invalid length.
[  214.160614][T15208] netlink: 'syz.2.4343': attribute type 29 has an invalid length.
[  214.169100][T15208] netlink: 500 bytes leftover after parsing attributes in process `syz.2.4343'.
[  214.179641][T15208] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  214.311974][T15220] netlink: 'syz.0.4350': attribute type 3 has an invalid length.
[  214.519791][T15183] FAULT_INJECTION: forcing a failure.
[  214.519791][T15183] name fail_futex, interval 1, probability 0, space 0, times 1
[  214.532793][T15183] CPU: 0 UID: 0 PID: 15183 Comm: syz.1.4333 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  214.532827][T15183] Tainted: [W]=WARN
[  214.532835][T15183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  214.532849][T15183] Call Trace:
[  214.532865][T15183]  <TASK>
[  214.532874][T15183]  __dump_stack+0x1d/0x30
[  214.532901][T15183]  dump_stack_lvl+0x95/0xd0
[  214.532922][T15183]  dump_stack+0x15/0x1b
[  214.532938][T15183]  should_fail_ex+0x265/0x280
[  214.533042][T15183]  should_fail+0xb/0x20
[  214.533061][T15183]  get_futex_key+0x907/0xc00
[  214.533090][T15183]  futex_wake+0x7d/0x360
[  214.533124][T15183]  do_futex+0x323/0x380
[  214.533186][T15183]  mm_release+0xa1/0x190
[  214.533248][T15183]  exit_mm_release+0x25/0x30
[  214.533265][T15183]  exit_mm+0x38/0x180
[  214.533286][T15183]  do_exit+0x3fb/0x1590
[  214.533308][T15183]  do_group_exit+0xff/0x140
[  214.533345][T15183]  ? get_signal+0xe50/0xf70
[  214.533441][T15183]  get_signal+0xe58/0xf70
[  214.533513][T15183]  ? do_recvmmsg+0x4e6/0x540
[  214.533633][T15183]  arch_do_signal_or_restart+0x96/0x450
[  214.533678][T15183]  exit_to_user_mode_loop+0x6a/0x740
[  214.533700][T15183]  ? __x64_sys_recvmmsg+0xe5/0x170
[  214.533730][T15183]  do_syscall_64+0x1e1/0x2b0
[  214.533765][T15183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.533788][T15183] RIP: 0033:0x7f0e24e0f749
[  214.533801][T15183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.533817][T15183] RSP: 002b:00007f0e23877038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  214.533862][T15183] RAX: fffffffffffffe00 RBX: 00007f0e25065fa0 RCX: 00007f0e24e0f749
[  214.533875][T15183] RDX: 0000000000000048 RSI: 00002000000004c0 RDI: 0000000000000003
[  214.533886][T15183] RBP: 00007f0e23877090 R08: 0000000000000000 R09: 0000000000000000
[  214.533897][T15183] R10: 000000000000820b R11: 0000000000000246 R12: 0000000000000001
[  214.533909][T15183] R13: 00007f0e25066038 R14: 00007f0e25065fa0 R15: 00007ffe75ab9998
[  214.533929][T15183]  </TASK>
[  215.222284][T15263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  215.232524][T15263] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  215.253598][T15263] syzkaller0: entered promiscuous mode
[  215.259329][T15263] syzkaller0: entered allmulticast mode
[  215.265604][ T5421] syzkaller0: tun_net_xmit 48
[  215.271101][T15263] syzkaller0: tun_chr_ioctl cmd 1074025677
[  215.276983][T15263] syzkaller0: Linktype set failed because interface is up
[  215.712719][T15272] lo speed is unknown, defaulting to 1000
[  216.143644][T15301] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4377'.
[  216.168451][T15286] netlink: 84 bytes leftover after parsing attributes in process `syz.2.4371'.
[  216.238097][T15312] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4382'.
[  216.444760][T15328] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4388'.
[  216.510366][T15328] lo speed is unknown, defaulting to 1000
[  216.615162][T15336] loop5: detected capacity change from 0 to 512
[  216.622044][T15336] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  216.631910][T15336] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4390: iget: bogus i_mode (3355)
[  216.644052][T15336] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4390: couldn't read orphan inode 15 (err -117)
[  216.656708][T15336] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.680363][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.077227][T15352] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4394'.
[  217.092484][T15352] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4394'.
[  217.221114][T15361] FAULT_INJECTION: forcing a failure.
[  217.221114][T15361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.234309][T15361] CPU: 0 UID: 0 PID: 15361 Comm: syz.1.4399 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  217.234343][T15361] Tainted: [W]=WARN
[  217.234349][T15361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  217.234381][T15361] Call Trace:
[  217.234388][T15361]  <TASK>
[  217.234397][T15361]  __dump_stack+0x1d/0x30
[  217.234424][T15361]  dump_stack_lvl+0x95/0xd0
[  217.234451][T15361]  dump_stack+0x15/0x1b
[  217.234466][T15361]  should_fail_ex+0x265/0x280
[  217.234488][T15361]  should_fail+0xb/0x20
[  217.234505][T15361]  should_fail_usercopy+0x1a/0x20
[  217.234607][T15361]  strncpy_from_user+0x27/0x260
[  217.234674][T15361]  getname_flags+0xae/0x3b0
[  217.234698][T15361]  path_setxattrat+0x223/0x310
[  217.234780][T15361]  __x64_sys_lsetxattr+0x71/0x90
[  217.234801][T15361]  x64_sys_call+0x2ef0/0x3000
[  217.234972][T15361]  do_syscall_64+0xca/0x2b0
[  217.235006][T15361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.235029][T15361] RIP: 0033:0x7f0e24e0f749
[  217.235096][T15361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.235171][T15361] RSP: 002b:00007f0e23877038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  217.235191][T15361] RAX: ffffffffffffffda RBX: 00007f0e25065fa0 RCX: 00007f0e24e0f749
[  217.235205][T15361] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000280
[  217.235219][T15361] RBP: 00007f0e23877090 R08: 0000000000000000 R09: 0000000000000000
[  217.235247][T15361] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000001
[  217.235260][T15361] R13: 00007f0e25066038 R14: 00007f0e25065fa0 R15: 00007ffe75ab9998
[  217.235281][T15361]  </TASK>
[  217.422929][   T29] kauditd_printk_skb: 981 callbacks suppressed
[  217.422977][   T29] audit: type=1326 audit(217.417:36591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.457915][   T29] audit: type=1326 audit(217.447:36592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.477890][T15362] lo speed is unknown, defaulting to 1000
[  217.481033][   T29] audit: type=1326 audit(217.447:36593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.509637][   T29] audit: type=1326 audit(217.447:36594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.532905][   T29] audit: type=1326 audit(217.447:36595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.555896][   T29] audit: type=1326 audit(217.447:36596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.578919][   T29] audit: type=1326 audit(217.447:36597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.602009][   T29] audit: type=1326 audit(217.447:36598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.625090][   T29] audit: type=1326 audit(217.447:36599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  217.648273][   T29] audit: type=1326 audit(217.447:36600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15363 comm="syz.3.4400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  218.147398][T15398] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  218.253214][T15400] lo speed is unknown, defaulting to 1000
[  218.277202][T15403] FAULT_INJECTION: forcing a failure.
[  218.277202][T15403] name failslab, interval 1, probability 0, space 0, times 0
[  218.289980][T15403] CPU: 0 UID: 0 PID: 15403 Comm: syz.3.4415 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  218.290014][T15403] Tainted: [W]=WARN
[  218.290021][T15403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  218.290034][T15403] Call Trace:
[  218.290042][T15403]  <TASK>
[  218.290053][T15403]  __dump_stack+0x1d/0x30
[  218.290094][T15403]  dump_stack_lvl+0x95/0xd0
[  218.290112][T15403]  dump_stack+0x15/0x1b
[  218.290128][T15403]  should_fail_ex+0x265/0x280
[  218.290153][T15403]  should_failslab+0x8c/0xb0
[  218.290268][T15403]  __kmalloc_noprof+0xb9/0x5a0
[  218.290292][T15403]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[  218.290321][T15403]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[  218.290347][T15403]  genl_family_rcv_msg_doit+0x48/0x1b0
[  218.290393][T15403]  ? selinux_capable+0x31/0x40
[  218.290417][T15403]  ? security_capable+0x83/0x90
[  218.290447][T15403]  ? ns_capable+0x7d/0xb0
[  218.290475][T15403]  genl_rcv_msg+0x422/0x460
[  218.290504][T15403]  ? __pfx_ethnl_set_features+0x10/0x10
[  218.290528][T15403]  netlink_rcv_skb+0x123/0x220
[  218.290581][T15403]  ? __pfx_genl_rcv_msg+0x10/0x10
[  218.290609][T15403]  genl_rcv+0x28/0x40
[  218.290628][T15403]  netlink_unicast+0x5c0/0x690
[  218.290678][T15403]  netlink_sendmsg+0x58b/0x6b0
[  218.290705][T15403]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.290733][T15403]  __sock_sendmsg+0x145/0x180
[  218.290803][T15403]  ____sys_sendmsg+0x31e/0x4a0
[  218.290832][T15403]  ___sys_sendmsg+0x17b/0x1d0
[  218.290888][T15403]  __x64_sys_sendmsg+0xd4/0x160
[  218.291038][T15403]  x64_sys_call+0x17ba/0x3000
[  218.291070][T15403]  do_syscall_64+0xca/0x2b0
[  218.291104][T15403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.291126][T15403] RIP: 0033:0x7f4aaecef749
[  218.291143][T15403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.291168][T15403] RSP: 002b:00007f4aad757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.291185][T15403] RAX: ffffffffffffffda RBX: 00007f4aaef45fa0 RCX: 00007f4aaecef749
[  218.291197][T15403] RDX: 0000000004040400 RSI: 0000200000000440 RDI: 0000000000000003
[  218.291216][T15403] RBP: 00007f4aad757090 R08: 0000000000000000 R09: 0000000000000000
[  218.291229][T15403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.291263][T15403] R13: 00007f4aaef46038 R14: 00007f4aaef45fa0 R15: 00007fff72d61048
[  218.291283][T15403]  </TASK>
[  218.586275][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4419'.
[  218.607914][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4419'.
[  218.617066][T15414] netlink: 'syz.5.4419': attribute type 1 has an invalid length.
[  218.625018][T15414] netlink: 464 bytes leftover after parsing attributes in process `syz.5.4419'.
[  218.631860][T15412] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=8275 sclass=netlink_audit_socket pid=15412 comm=syz.1.4418
[  218.755863][T15432] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4425'.
[  219.054862][T15442] team1: entered promiscuous mode
[  219.059934][T15442] team1: entered allmulticast mode
[  219.066512][T15442] 8021q: adding VLAN 0 to HW filter on device team1
[  219.091214][T15452] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15452 comm=syz.5.4426
[  219.103986][T15452] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15452 comm=syz.5.4426
[  219.813384][T15470] bridge0: port 3(bond0) entered blocking state
[  219.819720][T15470] bridge0: port 3(bond0) entered disabled state
[  219.828110][T15470] bond0: entered allmulticast mode
[  219.833273][T15470] bond_slave_0: entered allmulticast mode
[  219.839020][T15470] bond_slave_1: entered allmulticast mode
[  219.845110][T15470] dummy0: entered allmulticast mode
[  219.851196][T15470] bond0: entered promiscuous mode
[  219.856347][T15470] bond_slave_0: entered promiscuous mode
[  219.862182][T15470] bond_slave_1: entered promiscuous mode
[  219.868170][T15470] dummy0: entered promiscuous mode
[  219.880568][T15475] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  220.504427][T15520] gtp0: entered promiscuous mode
[  220.509400][T15520] gtp0: entered allmulticast mode
[  220.673222][T15538] loop5: detected capacity change from 0 to 512
[  220.685247][T15538] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  220.712201][T15538] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.4461: iget: bogus i_mode (3355)
[  220.732841][T15538] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.4461: couldn't read orphan inode 15 (err -117)
[  220.760041][T15538] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.797681][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.078504][T15562] loop5: detected capacity change from 0 to 512
[  221.085703][T15562] EXT4-fs: inline encryption not supported
[  221.093106][T15562] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  221.101420][T15562] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.4468: invalid indirect mapped block 2683928664 (level 1)
[  221.116297][T15562] EXT4-fs (loop5): 1 truncate cleaned up
[  221.136996][T15562] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.164433][T15562] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.4468: invalid indirect mapped block 480848489 (level 1)
[  221.190075][T11704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.276714][T15577] __nla_validate_parse: 5 callbacks suppressed
[  221.276731][T15577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4472'.
[  221.296377][T15583] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4473'.
[  221.656758][T15621] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4487'.
[  221.685204][T15621] netlink: 'syz.5.4487': attribute type 10 has an invalid length.
[  221.695056][T15621] team0: Failed to send options change via netlink (err -105)
[  221.702607][T15621] team0: Port device dummy0 added
[  221.712269][T15621] netlink: 'syz.5.4487': attribute type 10 has an invalid length.
[  221.731017][T15621] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  221.751177][T15621] team0: Failed to send options change via netlink (err -105)
[  221.759029][T15621] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  221.768084][T15621] team0: Port device dummy0 removed
[  221.775460][T15621] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  221.874141][T15631] SELinux:  Context system_u:object_r:hald_exec_t:s0 is not valid (left unmapped).
[  222.208953][T15663] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15663 comm=syz.1.4499
[  222.525063][   T29] kauditd_printk_skb: 914 callbacks suppressed
[  222.525078][   T29] audit: type=1326 audit(222.517:37515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.555520][   T29] audit: type=1326 audit(222.517:37516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.578590][   T29] audit: type=1326 audit(222.517:37517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.601859][   T29] audit: type=1326 audit(222.517:37518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.624847][   T29] audit: type=1326 audit(222.517:37519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.647851][   T29] audit: type=1326 audit(222.517:37520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.670826][   T29] audit: type=1326 audit(222.517:37521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.693599][   T29] audit: type=1326 audit(222.517:37522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.716671][   T29] audit: type=1326 audit(222.517:37523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.719712][T13845] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  222.739517][   T29] audit: type=1326 audit(222.517:37524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15678 comm="syz.0.4505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e94f749 code=0x7ffc0000
[  222.806011][T13845] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  222.815643][T13845] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  222.835759][T13845] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  223.126758][T15737] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4528'.
[  223.132856][T15734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4527'.
[  223.401251][T15749] FAULT_INJECTION: forcing a failure.
[  223.401251][T15749] name failslab, interval 1, probability 0, space 0, times 0
[  223.414042][T15749] CPU: 0 UID: 0 PID: 15749 Comm: syz.5.4530 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  223.414147][T15749] Tainted: [W]=WARN
[  223.414154][T15749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  223.414190][T15749] Call Trace:
[  223.414198][T15749]  <TASK>
[  223.414207][T15749]  __dump_stack+0x1d/0x30
[  223.414300][T15749]  dump_stack_lvl+0x95/0xd0
[  223.414319][T15749]  dump_stack+0x15/0x1b
[  223.414358][T15749]  should_fail_ex+0x265/0x280
[  223.414378][T15749]  should_failslab+0x8c/0xb0
[  223.414396][T15749]  __kmalloc_noprof+0xb9/0x5a0
[  223.414485][T15749]  ? __register_sysctl_table+0x79c/0xc00
[  223.414514][T15749]  ? find_entry+0x108/0x140
[  223.414618][T15749]  __register_sysctl_table+0x79c/0xc00
[  223.414733][T15749]  ? register_pidns_sysctls+0x4a/0x130
[  223.414762][T15749]  register_pidns_sysctls+0xd4/0x130
[  223.414829][T15749]  copy_pid_ns+0x370/0x580
[  223.414855][T15749]  ? kmem_cache_alloc_noprof+0x2c5/0x4b0
[  223.414873][T15749]  ? copy_utsname+0xb3/0x3c0
[  223.414898][T15749]  create_new_namespaces+0x176/0x400
[  223.414967][T15749]  unshare_nsproxy_namespaces+0xe8/0x120
[  223.414999][T15749]  ksys_unshare+0x3d0/0x6d0
[  223.415022][T15749]  ? ksys_write+0x192/0x1a0
[  223.415044][T15749]  __x64_sys_unshare+0x1f/0x30
[  223.415063][T15749]  x64_sys_call+0x2ae6/0x3000
[  223.415183][T15749]  do_syscall_64+0xca/0x2b0
[  223.415218][T15749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.415286][T15749] RIP: 0033:0x7f9af34bf749
[  223.415302][T15749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.415322][T15749] RSP: 002b:00007f9af1edd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  223.415343][T15749] RAX: ffffffffffffffda RBX: 00007f9af3716180 RCX: 00007f9af34bf749
[  223.415401][T15749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
[  223.415412][T15749] RBP: 00007f9af1edd090 R08: 0000000000000000 R09: 0000000000000000
[  223.415483][T15749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.415496][T15749] R13: 00007f9af3716218 R14: 00007f9af3716180 R15: 00007fff1b853808
[  223.415515][T15749]  </TASK>
[  223.415521][T15749] sysctl could not get directory: /kernel -12
[  224.037861][T15773] netlink: 'syz.3.4542': attribute type 21 has an invalid length.
[  224.118327][T15781] loop5: detected capacity change from 0 to 512
[  224.125543][T15781] EXT4-fs: Mount option(s) incompatible with ext3
[  224.137341][T15781] delete_channel: no stack
[  224.141854][T15781] delete_channel: no stack
[  224.473019][T15798] netlink: 596 bytes leftover after parsing attributes in process `syz.2.4550'.
[  224.497876][T15798] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  224.579135][T15812] netlink: 596 bytes leftover after parsing attributes in process `syz.3.4555'.
[  224.589284][T15812] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  224.726187][T15808] lo speed is unknown, defaulting to 1000
[  224.811221][T15819] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4558'.
[  224.821715][T15819] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4558'.
[  224.952385][T15838] 9pnet_fd: Insufficient options for proto=fd
[  225.031184][T15857] netlink: 'syz.5.4571': attribute type 1 has an invalid length.
[  225.056729][T15864] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4573'.
[  225.088869][T13845] Bluetooth: hci0: Frame reassembly failed (-84)
[  225.243095][ T5410] Bluetooth: hci1: Frame reassembly failed (-84)
[  225.425454][T15894] netlink: 'syz.2.4585': attribute type 1 has an invalid length.
[  225.904816][T15924] netlink: 'syz.3.4598': attribute type 1 has an invalid length.
[  226.621593][T16000] lo speed is unknown, defaulting to 1000
[  227.102458][ T3837] Bluetooth: hci0: command 0x1003 tx timeout
[  227.102458][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  227.262561][ T4068] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  227.262616][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  227.437887][T16028] __nla_validate_parse: 2 callbacks suppressed
[  227.437903][T16028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4643'.
[  227.453137][T16028] hsr_slave_0: left promiscuous mode
[  227.458893][T16028] hsr_slave_1: left promiscuous mode
[  227.582052][T16044] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4648'.
[  227.593150][T16044] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  227.684765][T16057] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4653'.
[  227.700439][T16057] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=16057 comm=syz.3.4653
[  227.714031][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  227.714044][   T29] audit: type=1326 audit(227.707:37711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.743567][   T29] audit: type=1326 audit(227.707:37712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.766712][   T29] audit: type=1326 audit(227.717:37713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.789707][   T29] audit: type=1326 audit(227.717:37714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=204 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.812661][   T29] audit: type=1326 audit(227.717:37715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.835737][   T29] audit: type=1326 audit(227.717:37716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.858820][   T29] audit: type=1326 audit(227.717:37717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.881884][   T29] audit: type=1326 audit(227.717:37718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  227.904832][   T29] audit: type=1326 audit(227.717:37719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16056 comm="syz.3.4653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f4aaecef749 code=0x7ffc0000
[  228.043494][T16071] FAULT_INJECTION: forcing a failure.
[  228.043494][T16071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.056593][T16071] CPU: 0 UID: 0 PID: 16071 Comm: syz.5.4659 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  228.056665][T16071] Tainted: [W]=WARN
[  228.056670][T16071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  228.056726][T16071] Call Trace:
[  228.056731][T16071]  <TASK>
[  228.056735][T16071]  __dump_stack+0x1d/0x30
[  228.056751][T16071]  dump_stack_lvl+0x95/0xd0
[  228.056836][T16071]  dump_stack+0x15/0x1b
[  228.056860][T16071]  should_fail_ex+0x265/0x280
[  228.056874][T16071]  should_fail+0xb/0x20
[  228.056885][T16071]  should_fail_usercopy+0x1a/0x20
[  228.056966][T16071]  _copy_to_user+0x20/0xa0
[  228.056982][T16071]  simple_read_from_buffer+0xb5/0x130
[  228.056994][T16071]  proc_fail_nth_read+0x10e/0x150
[  228.057070][T16071]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.057085][T16071]  vfs_read+0x1a8/0x770
[  228.057175][T16071]  ? __rcu_read_unlock+0x4f/0x70
[  228.057187][T16071]  ? __fget_files+0x184/0x1c0
[  228.057201][T16071]  ? mutex_lock+0x58/0x90
[  228.057286][T16071]  ksys_read+0xda/0x1a0
[  228.057298][T16071]  __x64_sys_read+0x40/0x50
[  228.057309][T16071]  x64_sys_call+0x2889/0x3000
[  228.057334][T16071]  do_syscall_64+0xca/0x2b0
[  228.057359][T16071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.057371][T16071] RIP: 0033:0x7f9af34be15c
[  228.057381][T16071] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  228.057394][T16071] RSP: 002b:00007f9af1f1f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  228.057406][T16071] RAX: ffffffffffffffda RBX: 00007f9af3715fa0 RCX: 00007f9af34be15c
[  228.057414][T16071] RDX: 000000000000000f RSI: 00007f9af1f1f0a0 RDI: 0000000000000004
[  228.057421][T16071] RBP: 00007f9af1f1f090 R08: 0000000000000000 R09: 0000000000000000
[  228.057428][T16071] R10: 00000000000000be R11: 0000000000000246 R12: 0000000000000001
[  228.057535][T16071] R13: 00007f9af3716038 R14: 00007f9af3715fa0 R15: 00007fff1b853808
[  228.057547][T16071]  </TASK>
[  228.264032][T16069] xt_hashlimit: max too large, truncated to 1048576
[  228.289269][T16076] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4660'.
[  228.303161][T16076] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4660'.
[  228.321760][   T29] audit: type=1326 audit(228.307:37720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16079 comm="syz.1.4663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e24e0f749 code=0x7ffc0000
[  228.351225][T13832] Bluetooth: hci0: Frame reassembly failed (-84)
[  228.388782][T16084] netlink: 'syz.0.4665': attribute type 1 has an invalid length.
[  228.642099][T13832] Bluetooth: hci1: Frame reassembly failed (-84)
[  228.751055][T16124] netlink: 596 bytes leftover after parsing attributes in process `syz.1.4678'.
[  228.761232][T16124] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  228.786843][T16126] netlink: 'syz.0.4681': attribute type 1 has an invalid length.
[  229.798222][T16159] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4694'.
[  229.808424][T16159] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.833440][T16165] netlink: 'syz.0.4697': attribute type 10 has an invalid length.
[  229.841535][T16165] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4697'.
[  229.855852][T16165] ipvlan0: entered promiscuous mode
[  229.862953][T16165] bridge0: port 3(ipvlan0) entered blocking state
[  229.869495][T16165] bridge0: port 3(ipvlan0) entered disabled state
[  229.876501][T16165] ipvlan0: entered allmulticast mode
[  229.881806][T16165] bridge0: entered allmulticast mode
[  229.888041][T16165] ipvlan0: left allmulticast mode
[  229.893145][T16165] bridge0: left allmulticast mode
[  229.929811][T16168] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4697'.
[  230.094324][T16168] lo speed is unknown, defaulting to 1000
[  230.264063][T16201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4709'.
[  230.382553][ T4068] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  230.409242][T16205] netlink: 'syz.0.4710': attribute type 1 has an invalid length.
[  230.702466][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  230.702466][ T4068] Bluetooth: hci1: command 0x1003 tx timeout
[  230.754903][T16233] netlink: 'syz.1.4722': attribute type 1 has an invalid length.
[  231.109450][T16268] netlink: 'syz.1.4737': attribute type 13 has an invalid length.
[  231.532904][T16298] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  231.957107][T16336] netlink: 'syz.2.4765': attribute type 1 has an invalid length.
[  232.021330][ T2091] Bluetooth: hci0: Frame reassembly failed (-84)
[  232.246768][T16371] netlink: 'syz.2.4780': attribute type 1 has an invalid length.
[  232.676081][T16398] netlink: 'syz.5.4791': attribute type 1 has an invalid length.
[  232.794330][T16404] __nla_validate_parse: 2 callbacks suppressed
[  232.794357][T16404] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4794'.
[  232.810352][T16404] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.918206][T16409] netlink: 596 bytes leftover after parsing attributes in process `syz.5.4795'.
[  232.928458][T16409] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  233.143586][T16429] netlink: 'syz.0.4804': attribute type 1 has an invalid length.
[  233.238794][T16434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4806'.
[  233.409833][T16453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4811'.
[  233.815281][T16479] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4823'.
[  233.988386][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  233.988402][   T29] audit: type=1326 audit(233.977:37840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.019290][   T29] audit: type=1326 audit(233.977:37841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.042485][   T29] audit: type=1326 audit(233.987:37842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.065691][   T29] audit: type=1326 audit(233.987:37843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.088801][   T29] audit: type=1326 audit(233.987:37844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.088911][ T4068] Bluetooth: hci0: command 0x1003 tx timeout
[  234.111824][   T29] audit: type=1326 audit(233.987:37845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.140816][   T29] audit: type=1326 audit(233.987:37846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.163859][   T29] audit: type=1326 audit(233.987:37847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.186869][   T29] audit: type=1326 audit(233.987:37848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.186984][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  234.209810][   T29] audit: type=1326 audit(233.987:37849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16494 comm="syz.5.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9af34bf749 code=0x7ffc0000
[  234.321033][T16509] netlink: 596 bytes leftover after parsing attributes in process `syz.5.4834'.
[  234.333027][T16509] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  234.534913][T16519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4838'.
[  235.071240][T16543] netlink: 'syz.2.4847': attribute type 1 has an invalid length.
[  235.270427][T16555] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4852'.
[  235.466396][T16571] netlink: 'syz.2.4858': attribute type 1 has an invalid length.
[  235.528993][T16578] netlink: 596 bytes leftover after parsing attributes in process `syz.3.4859'.
[  235.540085][T16578] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  235.738636][T16588] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4864'.
[  235.766619][T16603] netlink: 'syz.2.4869': attribute type 1 has an invalid length.
[  235.812916][T16610] netlink: 'syz.2.4872': attribute type 1 has an invalid length.
[  236.322894][T16641] netlink: 'syz.3.4883': attribute type 1 has an invalid length.
[  236.342346][T16643] netlink: 'syz.3.4884': attribute type 1 has an invalid length.
[  236.634293][T16670] batman_adv: batadv0: Removing interface: batadv_slave_1
[  236.648984][T16678] netlink: 'syz.0.4896': attribute type 1 has an invalid length.
[  236.676458][T16681] sch_tbf: peakrate 7 is lower than or equals to rate 19 !
[  236.687873][T16683] netlink: 'syz.0.4898': attribute type 10 has an invalid length.
[  236.698716][T16683] ipvlan0: entered promiscuous mode
[  236.706212][T16683] bridge0: port 3(ipvlan0) entered blocking state
[  236.712688][T16683] bridge0: port 3(ipvlan0) entered disabled state
[  236.719304][T16683] ipvlan0: entered allmulticast mode
[  236.724642][T16683] bridge0: entered allmulticast mode
[  236.730261][T16683] ipvlan0: left allmulticast mode
[  236.735390][T16683] bridge0: left allmulticast mode
[  236.842657][T16688] lo speed is unknown, defaulting to 1000
[  236.931336][T16700] veth0: entered promiscuous mode
[  236.937706][T16700] veth0 (unregistering): left promiscuous mode
[  237.433599][T16711] netlink: 'syz.5.4908': attribute type 1 has an invalid length.
[  237.486089][T16720] netlink: 'syz.0.4912': attribute type 10 has an invalid length.
[  237.496489][T16720] ipvlan0: entered promiscuous mode
[  237.503134][T16720] bridge0: port 3(ipvlan0) entered blocking state
[  237.509570][T16720] bridge0: port 3(ipvlan0) entered disabled state
[  237.516500][T16720] ipvlan0: entered allmulticast mode
[  237.521804][T16720] bridge0: entered allmulticast mode
[  237.527611][T16720] ipvlan0: left allmulticast mode
[  237.532681][T16720] bridge0: left allmulticast mode
[  237.669088][T16726] lo speed is unknown, defaulting to 1000
[  237.741717][ T2065] Bluetooth: hci0: Frame reassembly failed (-84)
[  238.446618][T16786] __nla_validate_parse: 10 callbacks suppressed
[  238.446629][T16786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4940'.
[  238.654284][T16802] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4945'.
[  238.665294][T16802] ipvlan2: entered promiscuous mode
[  238.665335][ T2091] ==================================================================
[  238.665359][ T2091] BUG: KCSAN: data-race in ipvlan_open / is_upper_ndev_bond_master_filter
[  238.670809][T16802] bridge0: port 3(ipvlan2) entered blocking state
[  238.678602][ T2091] 
[  238.678611][ T2091] read-write to 0xffff88811b6960b0 of 4 bytes by task 16802 on cpu 0:
[  238.678627][ T2091]  ipvlan_open+0x72/0xf0
[  238.687154][T16802] bridge0: port 3(ipvlan2) entered disabled state
[  238.693497][ T2091]  __dev_open+0x317/0x560
[  238.693519][ T2091]  __dev_change_flags+0x147/0x3c0
[  238.696056][T16802] ipvlan2: entered allmulticast mode
[  238.704120][ T2091]  rtnl_newlink_create+0x36b/0x620
[  238.704141][ T2091]  rtnl_newlink+0xf5b/0x1360
[  238.704156][ T2091]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  238.708465][T16802] bridge0: entered allmulticast mode
[  238.714768][ T2091]  netlink_rcv_skb+0x123/0x220
[  238.714795][ T2091]  rtnetlink_rcv+0x1c/0x30
[  238.714820][ T2091]  netlink_unicast+0x5c0/0x690
[  238.714840][ T2091]  netlink_sendmsg+0x58b/0x6b0
[  238.714863][ T2091]  __sock_sendmsg+0x145/0x180
[  238.714878][ T2091]  ____sys_sendmsg+0x31e/0x4a0
[  238.714900][ T2091]  ___sys_sendmsg+0x17b/0x1d0
[  238.714921][ T2091]  __x64_sys_sendmsg+0xd4/0x160
[  238.714941][ T2091]  x64_sys_call+0x17ba/0x3000
[  238.714959][ T2091]  do_syscall_64+0xca/0x2b0
[  238.714983][ T2091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.720248][T16802] ipvlan2: left allmulticast mode
[  238.724286][ T2091] 
[  238.724293][ T2091] read to 0xffff88811b6960b0 of 4 bytes by task 2091 on cpu 1:
[  238.724309][ T2091]  is_upper_ndev_bond_master_filter+0x2b/0xb0
[  238.729586][T16802] bridge0: left allmulticast mode
[  238.734667][ T2091]  ib_enum_roce_netdev+0x122/0x1d0
[  238.734693][ T2091]  ib_enum_all_roce_netdevs+0x89/0x100
[  238.734712][ T2091]  netdevice_event_work_handler+0x67/0x3d0
[  238.734729][ T2091]  process_scheduled_works+0x4ce/0x9d0
[  238.849654][ T2091]  worker_thread+0x582/0x770
[  238.854227][ T2091]  kthread+0x489/0x510
[  238.858277][ T2091]  ret_from_fork+0x149/0x290
[  238.862852][ T2091]  ret_from_fork_asm+0x1a/0x30
[  238.867598][ T2091] 
[  238.869898][ T2091] value changed: 0x00001002 -> 0x00001083
[  238.875588][ T2091] 
[  238.877889][ T2091] Reported by Kernel Concurrency Sanitizer on:
[  238.884018][ T2091] CPU: 1 UID: 0 PID: 2091 Comm: kworker/u8:14 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  238.895629][ T2091] Tainted: [W]=WARN
[  238.899407][ T2091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  238.909562][ T2091] Workqueue: gid-cache-wq netdevice_event_work_handler
[  238.916401][ T2091] ==================================================================
[  238.936722][T16803] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4945'.
[  239.009494][T16803] lo speed is unknown, defaulting to 1000
[  239.742474][ T4068] Bluetooth: hci0: command 0x1003 tx timeout
[  239.742471][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110