last executing test programs:

2.203523506s ago: executing program 0 (id=4638):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000004c0)={{0xa, 0x4e24, 0x2, @private2, 0x200}, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x24}, 0xffffff8f}, 0xffffffffffffffff, {[0x7, 0x600, 0x4, 0x3, 0x1, 0x7, 0x8, 0xdd5]}}, 0x5c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8"], 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYRES16=r0], 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c)
shutdown(r3, 0x1)

2.141653937s ago: executing program 0 (id=4639):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
io_setup(0x1, &(0x7f0000000b80)=<r3=>0x0)
io_destroy(r3)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r5}, 0x10)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYRES16=r2], 0x10b8}, 0x44090)
close_range(r4, 0xffffffffffffffff, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100800000250f00000018"], 0x2c}, 0x1, 0x0, 0x0, 0x2805}, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="68020000", @ANYRES16=r8, @ANYBLOB="00032abd7000fedbdf2504000000540002800800010001800000080001000e0000002c000380080002000000000008000200d203000008000100040000000800010007000000080002000900000008000200030000000400040008000100d2000000"], 0x68}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x11}, 0x94)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00'}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r10}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r11 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r12 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x20000023896)

2.022207189s ago: executing program 2 (id=4643):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

2.021420099s ago: executing program 2 (id=4644):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x44041}, 0x40040)

1.560069896s ago: executing program 1 (id=4645):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000004c0)={{0xa, 0x4e24, 0x2, @private2, 0x200}, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x24}, 0xffffff8f}, 0xffffffffffffffff, {[0x7, 0x600, 0x4, 0x3, 0x1, 0x7, 0x8, 0xdd5]}}, 0x5c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8"], 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYRES16=r0], 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8)
sendto$inet6(r3, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c)
shutdown(r3, 0x1)

1.505354866s ago: executing program 1 (id=4647):
r0 = timerfd_create(0x2, 0x800)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000003ffdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="44000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030026000000080004000400000008000600", @ANYRES32=0x0, @ANYBLOB], 0x98}, 0x1, 0xf000}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES16=r0], &(0x7f0000000500)='GPL\x00', 0xffff0001, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000003c0)={0x5, &(0x7f00000005c0)=[{0x800, 0xc, 0x8, 0x4}, {0x7, 0x9, 0xfa, 0x3ff}, {0x2, 0x9, 0x8, 0xc}, {0x9, 0xd, 0xf, 0x1}, {0x2, 0x2, 0x0, 0x5}]})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x3}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

1.428904068s ago: executing program 1 (id=4650):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000004c0)={{0xa, 0x4e24, 0x2, @private2, 0x200}, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x24}, 0xffffff8f}, 0xffffffffffffffff, {[0x7, 0x600, 0x4, 0x3, 0x1, 0x7, 0x8, 0xdd5]}}, 0x5c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8"], 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYRES16=r0], 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c)
shutdown(r3, 0x1)

1.384784179s ago: executing program 1 (id=4652):
r0 = socket$inet(0x2b, 0x801, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x5)
poll(0x0, 0x0, 0xff16)
socket$packet(0x11, 0x3, 0x300)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x3, 0x8, 0x4, 0x8}, {0x8, 0x7, 0x0, 0x800}, {0x0, 0x5, 0x68, 0xb372}, {0x6, 0x2c, 0x80, 0x852}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='sched\x00')
writev(r1, &(0x7f0000000200)=[{&(0x7f0000000040)}, {&(0x7f0000000740)="8c4120a080172472b57291a1ef36b81122d80ba664652dd04da6473e01ffbb24cdb47e87e25f4e377bb75ce227f76711832494c59d475938134ec94e0ee06955a590f8a8f2d8152050b2b17cc9c8049dc1426ed28d249cb7464000aa7ed934feed924f43069e509f69c61d919bfd00d94db8905d762c0fcd4633297252ff19054e8877af29a1766f854e9a54a9c8a886071c588332f67552f5bf67346572f9be646b67019f2a28dafe4098667170bd1a4d15d93892fa4e803fc8aa1223c2aa7aea45154b58897c9b1574c07f63fa0659bc", 0xd1}], 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x224e, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="5000000009060102000000ffff000000020000840900020073797a310000ffff0500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000180)="e502", 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000000000000800000000000004000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0), 0x8)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
add_key(&(0x7f00000001c0)='id_resolver\x00', &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="a6", 0x1, 0xffffffffffffffff)
clock_gettime(0x0, &(0x7f0000000280)={<r6=>0x0, <r7=>0x0})
timer_settime(0x0, 0x1, &(0x7f00000004c0)={{r6, r7+60000000}, {0x77359400}}, &(0x7f0000000500))
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r4)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r8, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.383947999s ago: executing program 0 (id=4653):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="09000000173100000a0000004000000042000000bf98a7f65eaf3c96502942e1846674542802cfc2ba7d76a92c7baae55915a1728136bfa40ddf84b250581264ec8270d94e4f22cec1b103a84d236fa414cb9743a795b4d019dbed333a6179db479ab8ef6e295c74a0aa4e3c01e28079d9c400819a53633f66edcd66d4a0133ac000"/140, @ANYRES32=0x1, @ANYBLOB="0500"/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

1.32164625s ago: executing program 0 (id=4654):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000440)='rxrpc_call_reset\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="59000000ae802831784f0aead21689cc7a8933334dda473d848903abc751bee16286f58b65bca8a9efcfb83d8240fe62a2d6681844c2f6a94120a25fa6ae2496a652b28414bdb66f4ec29b1747961815d3148a312558197a37dc1d9f28f55e299bc7c05e230caaa7", @ANYRES16=r2, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78431400020077673100000000000000000000000000040008800800050001000000"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x20000010)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000400)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r3}, 0x18)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
faccessat2(r4, 0x0, 0x1, 0x1300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x88000f, &(0x7f0000000700)={[{@resuid}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x3}}, {@minixdf}, {@inlinecrypt}]}, 0x3, 0x45e, &(0x7f0000001400)="$eJzs3M9vFFUcAPDvzHaLCNiK+IMfKorGxh8tBVQOHtRo4gETEz3osWkLQRZqaE2EEAVj8GSMiXfj0X/Bk16M8WTiVe+GhBgugKc1sztDd7e7S7vdspX9fJIh78284b1v37zdN/N2N4ChtT/7J4nYHhF/RsRYPdtYYEtWKCt349qF2ZvXLswmUa2++09SK3f92oXZomhx3rY8M5FGpF8ksbdNvYvnzp+aqVTmz+b5qaXTH00tnjv/wsnTMyfmT8yfOXT06JHD0y+/dOjFvsSZten6nk8X9u1+64Nv3j72VVP8LXH0yf5uB5+uVvtc3WDtaEgnIwNsCGtSioisu8q18T8WpVjuvLF48/OBNg7YUNVqtbqt8+GLVeAulkRz3pCHYVG80Wf3v8XWOgl4deOmHwN39bX6DVAW9418qx8ZiTQvU265v+2n/RHx/sV/v8u22JjnEAAATX7K5j/Pt5v/pfFQQ7n78rWh8Yi4PyJ2RsQDEbErIh6MqJV9OCIeWWP9rYskK+c/6ZWeAlulbP73Sr621Tz/K2Z/MV7Kcztq8ZeT4ycr8wfzv8lElLdk+ekudfz8xh9fdzrWOP/Ltqz+Yi6Yt+PKyJbmc+ZmlmbWE3Ojq5ci9oy0iz+5tRKQRMTuiNjTYx0nn/1hX6djt4+/iz6sM1W/j3im3v8XoyX+QtJ9fXLqnqjMH5wqroqVfvv98jud6u8h/tI6wl0h6/97217/t+IfTxrXaxfXXsflv77seE/T6/U/mrxXS4/m+z6ZWVo6Ox0xmhyrN7px/6Hlc4t8UT6Lf+JA+/G/M5b/EnsjIruIH42IxyLi8bztT0TEkxFxoEv8v77+1Ie9x7+xsvjn1tT/y4nRaN3TPlE69cuPTZWOr4j/Zvf+P1JLTeR7VvP6t5p29XY1AwAAwP9PGhHbI0knb6XTdHKy/nn5XRFpZWFx6bnjCx+fmat/R2A8ymnxpGus4XnodH5bX89fioj6RwuK44fz58bflrbW8pOzC5W5QQcPQ25bh/Gf+buvT5qBTcn3tWB4Gf8wvIx/GF7GPwyvNuN/6yDaAdx57d7/PxtAO4A7r2X8W/aDIeL+H4ZXx/F/N//yD1Dj/R+G0uLWuP2X5Lsmiv+px9M3c2JHrOP0KG+SKDokYpW/3lCpJm07N9LNEIXERiUG+7oEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQL/8FAAD//3SN3rA=")

1.31341245s ago: executing program 0 (id=4655):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

1.29347431s ago: executing program 0 (id=4656):
r0 = socket$netlink(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f0000000180)=0x8, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r8, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

1.157773872s ago: executing program 3 (id=4659):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000080))
close(r0)

1.120555373s ago: executing program 2 (id=4660):
r0 = timerfd_create(0x2, 0x800)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000003ffdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="44000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030026000000080004000400000008000600", @ANYRES32=0x0, @ANYBLOB], 0x98}, 0x1, 0xf000}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES16=r0], &(0x7f0000000500)='GPL\x00', 0xffff0001, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000003c0)={0x5, &(0x7f00000005c0)=[{0x800, 0xc, 0x8, 0x4}, {0x7, 0x9, 0xfa, 0x3ff}, {0x2, 0x9, 0x8, 0xc}, {0x9, 0xd, 0xf, 0x1}, {0x2, 0x2, 0x0, 0x5}]})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x3}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

1.120089142s ago: executing program 3 (id=4661):
syz_emit_ethernet(0x4e, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
r0 = io_uring_setup(0x7870, &(0x7f0000001080)={0x0, 0x8ffffffc, 0x1, 0x0, 0xe4})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0x1}, 0x20)
mmap(&(0x7f000041e000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0x28f43000)
perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x3)
mbind(&(0x7f000063d000/0x1000)=nil, 0x1000, 0x4000, &(0x7f0000000000)=0x8, 0x0, 0x3)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@empty, 0x0, 0x7, 0x0, 0x0, 0x0, 0xa0}, {@in=@local, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001100)=@raw={'raw\x00', 0x21, 0x3, 0x580, 0x248, 0xffffffff, 0xffffffff, 0x248, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'netdevsim0\x00', 'syzkaller1\x00', {0xff}}, 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'veth1_to_hsr\x00', 'veth1\x00', {}, {}, 0x0, 0x0, 0x2}, 0x0, 0x200, 0x268, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv6=@private1, [], @ipv4=@remote, [], 0x0, 0xfffffffe}, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}]}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00', {0x100000000000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/../file0\x00', 0x110)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4002}, 0x0, 0x0)

1.065856383s ago: executing program 2 (id=4662):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000004c0)={{0xa, 0x4e24, 0x2, @private2, 0x200}, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x24}, 0xffffff8f}, 0xffffffffffffffff, {[0x7, 0x600, 0x4, 0x3, 0x1, 0x7, 0x8, 0xdd5]}}, 0x5c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8"], 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYRES16=r0], 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c)
shutdown(r3, 0x1)

1.065048033s ago: executing program 3 (id=4663):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000440)='rxrpc_call_reset\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="59000000ae802831784f0aead21689cc7a8933334dda473d848903abc751bee16286f58b65bca8a9efcfb83d8240fe62a2d6681844c2f6a94120a25fa6ae2496a652b28414bdb66f4ec29b1747961815d3148a312558197a37dc1d9f28f55e299bc7c05e230caaa7", @ANYRES16=r2, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78431400020077673100000000000000000000000000040008800800050001000000"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x20000010)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000400)=ANY=[@ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0, r3}, 0x18)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
faccessat2(r4, 0x0, 0x1, 0x1300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x88000f, &(0x7f0000000700)={[{@resuid}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x3}}, {@minixdf}, {@inlinecrypt}]}, 0x3, 0x45e, &(0x7f0000001400)="$eJzs3M9vFFUcAPDvzHaLCNiK+IMfKorGxh8tBVQOHtRo4gETEz3osWkLQRZqaE2EEAVj8GSMiXfj0X/Bk16M8WTiVe+GhBgugKc1sztDd7e7S7vdspX9fJIh78284b1v37zdN/N2N4ChtT/7J4nYHhF/RsRYPdtYYEtWKCt349qF2ZvXLswmUa2++09SK3f92oXZomhx3rY8M5FGpF8ksbdNvYvnzp+aqVTmz+b5qaXTH00tnjv/wsnTMyfmT8yfOXT06JHD0y+/dOjFvsSZten6nk8X9u1+64Nv3j72VVP8LXH0yf5uB5+uVvtc3WDtaEgnIwNsCGtSioisu8q18T8WpVjuvLF48/OBNg7YUNVqtbqt8+GLVeAulkRz3pCHYVG80Wf3v8XWOgl4deOmHwN39bX6DVAW9418qx8ZiTQvU265v+2n/RHx/sV/v8u22JjnEAAATX7K5j/Pt5v/pfFQQ7n78rWh8Yi4PyJ2RsQDEbErIh6MqJV9OCIeWWP9rYskK+c/6ZWeAlulbP73Sr621Tz/K2Z/MV7Kcztq8ZeT4ycr8wfzv8lElLdk+ekudfz8xh9fdzrWOP/Ltqz+Yi6Yt+PKyJbmc+ZmlmbWE3Ojq5ci9oy0iz+5tRKQRMTuiNjTYx0nn/1hX6djt4+/iz6sM1W/j3im3v8XoyX+QtJ9fXLqnqjMH5wqroqVfvv98jud6u8h/tI6wl0h6/97217/t+IfTxrXaxfXXsflv77seE/T6/U/mrxXS4/m+z6ZWVo6Ox0xmhyrN7px/6Hlc4t8UT6Lf+JA+/G/M5b/EnsjIruIH42IxyLi8bztT0TEkxFxoEv8v77+1Ie9x7+xsvjn1tT/y4nRaN3TPlE69cuPTZWOr4j/Zvf+P1JLTeR7VvP6t5p29XY1AwAAwP9PGhHbI0knb6XTdHKy/nn5XRFpZWFx6bnjCx+fmat/R2A8ymnxpGus4XnodH5bX89fioj6RwuK44fz58bflrbW8pOzC5W5QQcPQ25bh/Gf+buvT5qBTcn3tWB4Gf8wvIx/GF7GPwyvNuN/6yDaAdx57d7/PxtAO4A7r2X8W/aDIeL+H4ZXx/F/N//yD1Dj/R+G0uLWuP2X5Lsmiv+px9M3c2JHrOP0KG+SKDokYpW/3lCpJm07N9LNEIXERiUG+7oEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQL/8FAAD//3SN3rA=") (fail_nth: 1)

1.001550824s ago: executing program 2 (id=4664):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000240)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
io_setup(0x1, &(0x7f0000000b80)=<r3=>0x0)
io_destroy(r3)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r5}, 0x10)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYRES16=r2], 0x10b8}, 0x44090)
close_range(r4, 0xffffffffffffffff, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100800000250f00000018"], 0x2c}, 0x1, 0x0, 0x0, 0x2805}, 0x0)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="68020000", @ANYRES16=r8, @ANYBLOB="00032abd7000fedbdf2504000000540002800800010001800000080001000e0000002c000380080002000000000008000200d203000008000100040000000800010007000000080002000900000008000200030000000400040008000100d2000000"], 0x68}}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x11}, 0x94)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00'}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r10}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r11 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r12 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r11, r12, 0x0, 0x20000023896)

831.822707ms ago: executing program 3 (id=4665):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="09000000173100000a0000004000000042000000bf98a7f65eaf3c96502942e1846674542802cfc2ba7d76a92c7baae55915a1728136bfa40ddf84b250581264ec8270d94e4f22cec1b103a84d236fa414cb9743a795b4d019dbed333a6179db479ab8ef6e295c74a0aa4e3c01e28079d9c400819a53633f66edcd66d4a0133ac000"/140, @ANYRES32=0x1, @ANYBLOB="0500"/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

812.613147ms ago: executing program 3 (id=4666):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffbffe, 0x1, @perf_bp={0x0, 0x7}, 0x816c, 0x10000, 0x2, 0x1, 0x8, 0x200, 0x1, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x1, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20000815}, 0x40080)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c000000070aff010000000000000000000000000900010073797a30"], 0x2c}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_open_dev$sg(0x0, 0xffffffffffffffff, 0x608082)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0})
close_range(r4, 0xffffffffffffffff, 0x0)

749.428318ms ago: executing program 3 (id=4667):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x44041}, 0x40040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000100)=0x3ff)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000040))
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@ipv6_getnetconf={0xfffffffffffffcbd, 0x52, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x150}]}, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00'})

547.584411ms ago: executing program 1 (id=4668):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

524.164121ms ago: executing program 1 (id=4670):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x44041}, 0x40040)

397.379234ms ago: executing program 4 (id=4674):
r0 = timerfd_create(0x2, 0x800)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000003ffdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="44000280400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030026000000080004000400000008000600", @ANYRES32=0x0, @ANYBLOB], 0x98}, 0x1, 0xf000}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRES16=r0], &(0x7f0000000500)='GPL\x00', 0xffff0001, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000003c0)={0x5, &(0x7f00000005c0)=[{0x800, 0xc, 0x8, 0x4}, {0x7, 0x9, 0xfa, 0x3ff}, {0x2, 0x9, 0x8, 0xc}, {0x9, 0xd, 0xf, 0x1}, {0x2, 0x2, 0x0, 0x5}]})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x3}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)

358.117634ms ago: executing program 4 (id=4675):
syz_emit_ethernet(0x4e, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x6000000)
r0 = io_uring_setup(0x7870, &(0x7f0000001080)={0x0, 0x8ffffffc, 0x1, 0x0, 0xe4})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0x1}, 0x20)
mmap(&(0x7f000041e000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0x28f43000)
perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x3)
mbind(&(0x7f000063d000/0x1000)=nil, 0x1000, 0x4000, &(0x7f0000000000)=0x8, 0x0, 0x3)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@empty, 0x0, 0x7, 0x0, 0x0, 0x0, 0xa0}, {@in=@local, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001100)=@raw={'raw\x00', 0x21, 0x3, 0x580, 0x248, 0xffffffff, 0xffffffff, 0x248, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'netdevsim0\x00', 'syzkaller1\x00', {0xff}}, 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'veth1_to_hsr\x00', 'veth1\x00', {}, {}, 0x0, 0x0, 0x2}, 0x0, 0x200, 0x268, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv6=@private1, [], @ipv4=@remote, [], 0x0, 0xfffffffe}, {@ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}]}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00', {0x100000000000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/../file0\x00', 0x110)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4002}, 0x0, 0x0)

297.660515ms ago: executing program 4 (id=4676):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="09000000173100000a0000004000000042000000bf98a7f65eaf3c96502942e1846674542802cfc2ba7d76a92c7baae55915a1728136bfa40ddf84b250581264ec8270d94e4f22cec1b103a84d236fa414cb9743a795b4d019dbed333a6179db479ab8ef6e295c74a0aa4e3c01e28079d9c400819a53633f66edcd66d4a0133ac000"/140, @ANYRES32=0x1, @ANYBLOB="0500"/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

217.797996ms ago: executing program 4 (id=4677):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000004c0)={{0xa, 0x4e24, 0x2, @private2, 0x200}, {0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x24}, 0xffffff8f}, 0xffffffffffffffff, {[0x7, 0x600, 0x4, 0x3, 0x1, 0x7, 0x8, 0xdd5]}}, 0x5c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8"], 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYRES16=r0], 0x60}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c)
shutdown(r3, 0x1)

216.842406ms ago: executing program 4 (id=4678):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@getneightbl={0x14, 0x42, 0x89745301ffea7a81}, 0x14}}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0)
sendfile(r2, r1, &(0x7f0000000000)=0x9, 0x3fffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e24, @empty}, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r5}, 0x10)
setregid(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x34, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x12, 0x0, @opaque='\x00'/10}}}}}, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt(r6, 0x6, 0x320609d, &(0x7f00000000c0)="5c17e9f22f90439e87c33bbf8f2e89297e56ec4c6b06393a06ba467578a4491e3b915fbef07408117ed1f2107466f798f031ad931038e642c7c449aadd58c2a478779fc13b5199f822fe7493e32646130285e3811cbdbf568c4fb97286a0fe3c8b864b7a6d851bb70098f81fc07ec9ee1324e7e32f108d7dc2d10f494db2ea9d0bd30544268e41088f98b02052206fc54e4e54cf85ed3ca1c9aced1408c7281649574af64365a280f31763a6e69e42a3f19d443db69e70d1650167a0f90dc389fb055d87593225b625d1631144d4ae346057f69b80dd8d5510ffcbd78be006eac1e901b2114a230580a3c7124bcf3819ce309ea071b57be7e17e7c07e41846c92c3925f80c29bc7cb7b338ab0544e9d271b081a99a1e34463e90718d62a25c44c1ec07cf6d4b57ba011b96739d72e6f30700d935c45d08e25ff1da503e5b81f2722b14b0958b433d72ba5a46e31494e4d498ff46127ddd210279bbabf2dfffb2364ef8f5bab26bec3ba4c8575f9e346fd25ff765087a0ee308e0cc4e6b9376c9da2977072a65546e5ca075d2c737a3866801e9bc745e45cc04999a8a092e67e5cf554360a9d649b84b6c692e853d196d252c65a40b05afe915b5a742bd3d7ada2978f17b85d9d80863324fb9065cbe779e99e57f849eec3b6a7e0811c5594d0e0a7c6fcb9bed8d80a16a603de8d6f683e06e0d08dec726cdc192f3300bf024f36c73fe58c390f4c846522ad8248c25b7c168954ddee203f87da101ce09f25a28887868139e962d0749ca702d3ec42b4ee3203b5781cd6e85c00c850c5dd40a16cabfee95b4b8138e62b7e5734f53c5bce5b8f196a25d2b29794d6d76b50bedf0fcbd8a2ed7551c65e53d394bd97b087d09239b63fcf4ec72a6811a41fba9bc7000311de8da118b8db5faf141b5632b67fb88bd884011a81b32a64a532a89dc1cfe08c2250d0d5668ca792d7eb15041696ab3d6601d682dd60704dfefcf847aa5f471a6d22926bcaf820ed567c0872c8dfe115c208c13579bd9727b9c6bf0f9ca4ba4de0b0dc5a77cd31b9f5b31351e9c5c5f4cf5b9d78f562d8e7e680411ec40da2b64516e80471ae52538dacf4d941591b0b0b4f633625ac9adf323e6e71520bd1ef0ef80049829cae0b346a2b827ba807f14e9f02bec3d0614a2fb0e45afec38e5d34da2a5d2ee29871ed0db95eed8466960604b2fa0f40ddebec98b961df2f60ab1fdc05edae3ddb2f872ba9ede5ea17d67244d0b9b5af556ca9bee35c0ca6911f209af53aeee8d3cf4b7b3e29dc470d967e245e3f4eb7e8f4a2f9c37559e9210385213834e1ad58dec2e67be6eb1b4fd4ed4a2ea2e58e286241f5db00378b862a891128954687ad05c3f8e04f34c04ebd7af4d3809c4904f5c41fb375006b776188685e082b43b4e4542d40f7762cb346052695392ab156ea5a989991aeef1a0bff5cb028fdac396bd04a61e7e126c40cf6f561d6a5dcf8c68f6174928bd8e822c368ecf3cc68c1967f97fa45fb3baa39d758d6c3f03a7d2f2789ff0c63237ef4aafd77dab8ea866528bd204c8905a46edb114c87294801cb82ac100895a4c45c223f140f7e64737b7e356b14edf5b8c588fe0c4575784df80026514c766d60a9105bb7a12e424668409601984a3eba56874d61dd86ffa1249528cbdf968845f6f1b9b597156a263029a8361f33b5783a6dbb03facc8684303a23955af6b6f3e2c2529be4f14961bd1fd9a662e0c9b54c6a485fffbfbe9941158e84b74f47e22d4b2c0d9c5bebf819011a4269e4b8e74fe59982efcb45b86a16fccb02b756a8d5a6d5fc0bc5d2542ed57f9cb0284a1c800dc5ef9d897dfa2868c8920c372841312f99513cdec6ba4f3297d44d726cfeba2b849e56b153807b5d3ea796eaa5798aeab3a34e8131e472e24adbe8d239183e5038766d4d81d26cf569cbf44a3bbbf975c325ce257bab9f6877755161a0bfcf9b957549ac1943b5b9dca6bd20cfe4b7bd89379ed2138382523ba8dcf48e5eaf38131a8b718f9c762924e1005bc88bef20a19a90b01f719e325e77a9640d1e4bfba4b3b4e7e35612d8e30a154ea45088166398a228a7a61b6be4117b350e9d6637931c519456b61b7bf325a30971e8e5d75f734ed8938de4cc53b860fe4cee5041a95b4c4444e0ab12c48f9c5305cc7c712dce748d24248b4092d3b62e073b862fc578e199ee349614a07fc43bbe74a591265b26153673ce115907d6cc75e5bc360329fd75e3bc8e5ef60ce4a8f9ce8722899cb9aa7647d4a89e261db3adfb8ea18ffcde0fe82c4f0b7bdc7ac7fc35079b0061741976fda2b75741ad2b1e38b2eee799cbab1e422af0ed1a013a59d37328789941a26dafb34db41291f8caf9bc00845d27c95f32ab1c41481bf0638309acbffdc365f7f4b52349716a06002766f07d38c3d8c1eaf43a42570d4e2859408b1fb432196b6ec44843f7e80af769e97612a90e2a769fb631bd3097d8a5b7adb1ff443aa3eabef6b18d9b7fe1b3d86023492d0a3e89b8130d88334ee94433d019f73070b67a850a4348e3c351cb402a2775188afb11545eaee5fdca6d11f9fde8cbba7a2b0b9b547fcb13609df0fadeedf1261ad4be87994ca600571eae9330d833af75e97dfccda8915ff1ad9039b410a569580f52d06ed173a0ed646c739254ad9bb2a06416f1bea82c04c4e48c42dd7aadfaf203af566b595378d56c5f685c40147892656d74c2d52a9c6e29040f07c6df4a9532e90ce1e54b0d477245e47fb3d2ee69bdc224e5e82a2a5518a1d332231d4b553864ea2eef4dbb95c1f9ad2a264b6e4f8451537bbf93c8bdfdf7e4d60069504b6d112890fef118b7efaf1762bda18b21adf8e1f1ea9a25163754efc0cc7ac5ca3050d82ba28de7386d930911cdd9ed19b017ea617531975c07903f84ddbc28640c9d6dfd4d6e2277b243669dc0173122a12cc032b05122d8fa782180f51d4ed0e1171757a57e1ce276d6d23e513ffeae52a353ecf5070e940d0ee4da338ff3caca191f82283db3076a1caad1df19f68c23de2101a529cef4afe2a357dd8f2590e50a3ba23e7c67b3498a1d7938a0b32165c1b0af73202ffecb28856b764d9a5c5ee3cc7acfc9d3863cb02698947079b0ed17919b18030eab32f0f7647c81e2c6860cdd90c262f2269a204ce3939726c252eb2c41609c68d9de84e884c3e1e68c81bf524095b0de128171206d6f421bcdfb105edcb390e9e3a1abbfabcfd57ada644905333a069a88994101afce9fe0cdbef574219d1c93e76fc493865a81b2bf04a4423cc8827fcfb5482b5f390fd583c2c0d5a1e5356929d19bc97946de41a7c2576e7d634839d880983a20d52fb1398fe7d894e3156fd0bae70a2b6b5b7e886675a0ec1043f042d7dd28ec1aa4366e4fd45c6875fb9f8e5794441ffa6a0517d0828d06ff7f86d0ee9dcb6f1257ba213c4979f6b59f0a68be18781e9f438571b90f1e66bfda4ede81fc00c91afc2708591c8c6dcac17773bfe0d0cbf1fc8fdc914be9053bf5776b2ed55595002f3246dd77bb85ccc737e6a2dd0db7818e893a71a95685a4e961c53936d128993c845bea0672377b221ef7168078e73ca9e74eb6f7f24427b0d85c29862b638eae4f38ac893efd5d646ba33a7c7324bd09f52932a914536f58b265e10ceec9c1b8d14700582001d091307dc79a2e2bb8994b3294fb51d4930ded48c8f8fe772ac1ffefa0a4494917986e713d7059069b9af9f18a68037b22da5dcd73c408d80548752e9050d7261db7aff7e31761f6983308430badc1a9c6a86341d1be3214373b9cb63490c54d5812487159101ec07c61289b4853a12f74d281813f9056d94e9df1d8150cfc136dce7e4bed76c634490eb6e11168aeb49b8dc8e1806ac2afe5f878a3bab24d9e2efaea175dc23d331425c017411929f9f2348a7170c046366844bffefc2258c9a5c4d82cedbe9257663398d33fa67141f15ea84bb74d190d67b66ac46648931a47266c1b5d20fa97f57174c5358a19f1505f8af5d3775016cbd3dc48045eea84efd82280eac991a2abb83552f662a8b5b2aea3b1eee8078d7dd4674642f3c805658ce19ef478a4ce5ca5ac5438a5e7835fa210f7b23f1017a68c58a8f70e89a087c6c1bd92174a5369c7f789d2e28dafa89d8755300e66aaf66db6db03d15fb6df2fc244dd9b2778e278e35f0d931e388591fad9198330f3f03d9ab88310e89434d4a34c7849bbb224cd16585db5e90c676e1146290652e0d88f7d06b57dd124b02b0c1075d48abd19eb00593637b93d0db5dbd8a519214f8ade570c60cb1fdf990c9d3899e8dee589edb6690e1a9918a3f4a36a28ee87ad538d3be1efcc044c0368c2683c88191b09e782fc005f5dcf0fce918ae0a2b5fab727c8524cf10fe6c898362dd2d13ee195550e4df15ae48f7e519d5bb7cbe23aef20041f59689a13d7d1a5ca4257df343765131e3e4547efc63de91b151fec236c9bde58ed779334e7bb554b742553dd219ba58b420b61f8f93a2ca2ca70d10c0c3b0f07e202e45e30e90b4eff5e3a2f4441904bc665a5f2b4cc789b4ddc12524ae268840356ec25c0f40328597299dc8eea2f2510968c1b6e82a217007111b0faa9ebb6a934ebf6c40755f46d9b0ceb13d0d278a4871797cd236cddcea7e8c1f8b6a144f9fb75115f563724e8c3e9adb0b3799f5001ea84a21a8ddcc8e0b21d737bc5cb65fa2e06d7124080e0ff22d0bc0a7e4d5a9e80afc9dc4a52d2ff37ff13729b3dae5dfd8cc9f9d5ef4d1dd5da20874f096b66eaf21b4309a6ee1917972655540a705a249a54568e8b1a5a23586e780343c5caaa8b62802d5d076b6536eaa2298966c15f8f162259364c0fa7d1a4e16113e2f778f39472b128c2c44c2fb10de3b9ea3c9051c12bbb177c6c238cb4318df56a8ab8a70ce4aafa36f6ebb7f3ab87d34f8e7b1b7fa65b6d13e29a6ef7f746a139eaea4bc7d1ebb557799a3058d7931623aa3713d23040342e4ac47b78f223ce9926d494844b5c95f2d445f348dabbd65a043df6b79f684a78f620db4adc15aed808240aa35a3f40b819b7d9db4b6bfcb048962f695556f6168492e6da99c413815f068564e858799733dffb50291133bb2bb330dad5fcc0275dbc41ea23cbc175678afb32a5c27b087e6d60a87783afd47b3673feb88b939fcd0ea174dcbe52250962c88ef7c0a779920776e59a69f30fda06bdf434f859e520866f1e6d9e39e8b4906f5da7ad39d8f20a5f096d33ae04f2ee319bca908409f1a5d174cf4bd514cebc1ea36e8772e36e9702acc850d76df4ae9078a2beed52063b231d16b9c628877e315958c1707cf015f70ad6502418dd2fd2072d2d6feabb46bbcbfe62e5219593304e0ee30ab50f56c0a677fa05c18d85157d9f9a5bf43cf38a44d926724c0ff6f2b3302aa6168b586bbda3501905c43de4fea67288b341e636b3fa707c834c6404a21b6c576738359d90c6407d486d45ca9cbadcc604941ef3dc3291c5cad2b3706447b3cb78101fa5088b68c5bcea78ea5169dabb3ee21c1e141216e3b1cf0fe89e8c85448441da721d4a98245c430039eadf78a1969c62b38163e7b4819079d08a4e97cb591d1f99e1b9ab4c87d6316a692396fa57becc2ae648769f04efe5097495718ead2188dc36c8c9cc2f3959006521f991cd06b6f58ab00c26a218801120960fc658c73d15c536a0209778069463a29f0d8014c1bad86bea332b81c0b444b845f03426daf7b9afa84d11c1e7645c09265f66e88c1b02347d64908a2481fa1899d15", 0x1000)

172.330847ms ago: executing program 4 (id=4679):
r0 = socket$inet(0x2b, 0x801, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x5)
poll(0x0, 0x0, 0xff16)
socket$packet(0x11, 0x3, 0x300)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x3, 0x8, 0x4, 0x8}, {0x8, 0x7, 0x0, 0x800}, {0x0, 0x5, 0x68, 0xb372}, {0x6, 0x2c, 0x80, 0x852}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='sched\x00')
writev(r1, &(0x7f0000000200)=[{&(0x7f0000000040)}, {&(0x7f0000000740)="8c4120a080172472b57291a1ef36b81122d80ba664652dd04da6473e01ffbb24cdb47e87e25f4e377bb75ce227f76711832494c59d475938134ec94e0ee06955a590f8a8f2d8152050b2b17cc9c8049dc1426ed28d249cb7464000aa7ed934feed924f43069e509f69c61d919bfd00d94db8905d762c0fcd4633297252ff19054e8877af29a1766f854e9a54a9c8a886071c588332f67552f5bf67346572f9be646b67019f2a28dafe4098667170bd1a4d15d93892fa4e803fc8aa1223c2aa7aea45154b58897c9b1574c07f63fa0659bc", 0xd1}], 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x224e, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="5000000009060102000000ffff000000020000840900020073797a310000ffff0500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000180)="e502", 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0000000000000800000000000004000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0), 0x8)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
add_key(&(0x7f00000001c0)='id_resolver\x00', &(0x7f00000005c0)={'syz', 0x2}, &(0x7f0000000600)="a6", 0x1, 0xffffffffffffffff)
clock_gettime(0x0, &(0x7f0000000280)={<r6=>0x0, <r7=>0x0})
timer_settime(0x0, 0x1, &(0x7f00000004c0)={{r6, r7+60000000}, {0x77359400}}, &(0x7f0000000500))
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r4)
sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r8, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

0s ago: executing program 2 (id=4680):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00')
pread64(r0, &(0x7f0000000180)=""/15, 0xfffffe9c, 0xb6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10) (async)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x400000)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000180)={0x88f, 0xffff, 0x4, 0x9, 0xffffffff, 0x3}) (async)
timer_settime(0x0, 0x0, 0x0, 0x0) (async)
syz_clone3(&(0x7f0000000680)={0x40004000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)

kernel console output (not intermixed with test programs):

TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340
[  195.401277][   T29] audit: type=1107 audit(451.385:10998): pid=12644 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='h ~é'
[  195.454371][T12649] __nla_validate_parse: 1 callbacks suppressed
[  195.454392][T12649] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3308'.
[  195.496209][   T29] audit: type=1326 audit(451.485:10999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.519346][   T29] audit: type=1326 audit(451.485:11000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.542465][   T29] audit: type=1326 audit(451.485:11001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.565613][   T29] audit: type=1326 audit(451.485:11002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.588719][   T29] audit: type=1326 audit(451.485:11003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.597441][T12657] hub 9-0:1.0: USB hub found
[  195.611967][   T29] audit: type=1326 audit(451.485:11004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.621283][T12657] hub 9-0:1.0: 8 ports detected
[  195.640806][   T29] audit: type=1326 audit(451.485:11005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12654 comm="syz.3.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  195.798093][T12669] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3317'.
[  196.218872][T12603] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.230394][T12603] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.241916][T12603] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.253658][T12603] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.406564][T12678] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3321'.
[  196.489466][T12565] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.501846][T12565] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.516472][T12565] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.530659][T12565] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.563723][T12688] tipc: Started in network mode
[  196.568702][T12688] tipc: Node identity ac14140f, cluster identity 4711
[  196.575638][T12688] tipc: New replicast peer: 255.255.255.255
[  196.581655][T12688] tipc: Enabled bearer <udp:syz2>, priority 10
[  196.718079][T12701] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.818595][T12701] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.868609][T12598] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.887240][T12701] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.926711][T12598] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.953845][T12726] FAULT_INJECTION: forcing a failure.
[  196.953845][T12726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.967103][T12726] CPU: 0 UID: 0 PID: 12726 Comm: syz.2.3336 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  196.967131][T12726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.967200][T12726] Call Trace:
[  196.967207][T12726]  <TASK>
[  196.967216][T12726]  __dump_stack+0x1d/0x30
[  196.967240][T12726]  dump_stack_lvl+0xe8/0x140
[  196.967296][T12726]  dump_stack+0x15/0x1b
[  196.967311][T12726]  should_fail_ex+0x265/0x280
[  196.967352][T12726]  should_fail+0xb/0x20
[  196.967451][T12726]  should_fail_usercopy+0x1a/0x20
[  196.967490][T12726]  _copy_from_user+0x1c/0xb0
[  196.967563][T12726]  __copy_msghdr+0x244/0x300
[  196.967605][T12726]  ___sys_sendmsg+0x109/0x1d0
[  196.967663][T12726]  __x64_sys_sendmsg+0xd4/0x160
[  196.967790][T12726]  x64_sys_call+0x2999/0x2fb0
[  196.967818][T12726]  do_syscall_64+0xd2/0x200
[  196.967839][T12726]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  196.967872][T12726]  ? clear_bhb_loop+0x40/0x90
[  196.967978][T12726]  ? clear_bhb_loop+0x40/0x90
[  196.968091][T12726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.968206][T12726] RIP: 0033:0x7f2a1c39e929
[  196.968221][T12726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.968239][T12726] RSP: 002b:00007f2a1aa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.968257][T12726] RAX: ffffffffffffffda RBX: 00007f2a1c5c5fa0 RCX: 00007f2a1c39e929
[  196.968296][T12726] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003
[  196.968312][T12726] RBP: 00007f2a1aa07090 R08: 0000000000000000 R09: 0000000000000000
[  196.968382][T12726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.968398][T12726] R13: 0000000000000000 R14: 00007f2a1c5c5fa0 R15: 00007ffe8b4e3788
[  196.968424][T12726]  </TASK>
[  197.168600][T12598] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.178323][T12701] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.209212][T12598] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.227548][T12702] chnl_net:caif_netlink_parms(): no params data found
[  197.236076][T12731] 9pnet_fd: Insufficient options for proto=fd
[  197.308367][T12742] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3341'.
[  197.328796][T12702] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.336075][T12702] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.343608][T12702] bridge_slave_0: entered allmulticast mode
[  197.350208][T12702] bridge_slave_0: entered promiscuous mode
[  197.357415][T12702] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.364640][T12702] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.378877][T12702] bridge_slave_1: entered allmulticast mode
[  197.379565][T12702] bridge_slave_1: entered promiscuous mode
[  197.402144][T12702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  197.403832][T12702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  197.438349][T12702] team0: Port device team_slave_0 added
[  197.453831][T12702] team0: Port device team_slave_1 added
[  197.457006][T12751] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3343'.
[  197.480549][T12702] batman_adv: batadv0: Adding interface: batadv_slave_0
[  197.487634][T12702] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.513673][T12702] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  197.525197][T12702] batman_adv: batadv0: Adding interface: batadv_slave_1
[  197.532247][T12702] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.558615][T12702] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  197.573775][ T3393] tipc: Node number set to 2886997007
[  197.629795][T12752] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.768512][T12702] hsr_slave_0: entered promiscuous mode
[  197.774705][T12702] hsr_slave_1: entered promiscuous mode
[  197.780793][T12702] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  197.788565][T12702] Cannot create hsr debugfs directory
[  197.806303][T12752] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.851490][T12761] hub 9-0:1.0: USB hub found
[  197.857208][T12761] hub 9-0:1.0: 8 ports detected
[  198.374324][T12702] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.392139][T12752] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.549982][T12702] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.586408][T12752] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.645367][T12702] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.744329][T12702] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.926132][T12786] hub 9-0:1.0: USB hub found
[  198.931015][T12786] hub 9-0:1.0: 8 ports detected
[  198.995349][T12788] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.047336][T12790] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.061331][T12701] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.071472][T12788] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.087061][T12701] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.097621][T12790] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.112629][T12701] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.132541][T12788] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.146232][T12701] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.165694][T12790] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.217487][T12788] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.242362][T12796] hub 9-0:1.0: USB hub found
[  199.247516][T12796] hub 9-0:1.0: 8 ports detected
[  199.274681][T12790] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.336849][T12799] wg2: entered promiscuous mode
[  199.341796][T12799] wg2: entered allmulticast mode
[  199.349836][T12799] random: crng reseeded on system resumption
[  199.386113][T12802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3360'.
[  199.437224][T12803] futex_wake_op: syz.3.3360 tries to shift op by -1; fix this program
[  200.177782][T12752] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.189415][T12752] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.200984][T12752] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.212372][T12752] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.241132][   T29] kauditd_printk_skb: 78 callbacks suppressed
[  200.241149][   T29] audit: type=1326 audit(969.224:11084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.270406][   T29] audit: type=1326 audit(969.224:11085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.293517][   T29] audit: type=1326 audit(969.224:11086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.301139][T12807] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3361'.
[  200.316492][   T29] audit: type=1326 audit(969.234:11087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.316527][   T29] audit: type=1326 audit(969.234:11088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.371638][   T29] audit: type=1326 audit(969.314:11089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.394657][   T29] audit: type=1326 audit(969.314:11090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.417688][   T29] audit: type=1326 audit(969.324:11091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.440778][   T29] audit: type=1326 audit(969.324:11092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.463758][   T29] audit: type=1326 audit(969.324:11093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.2.3361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a1c39e929 code=0x7ffc0000
[  200.669135][T12812] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.714521][T12812] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.778107][T12812] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.824404][T12812] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.062167][T12788] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.074221][T12788] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.087557][T12788] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.099866][T12788] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.254234][   T51] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  201.264586][T12824] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  201.277267][T12824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3368'.
[  201.511238][T12836] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.534387][T12836] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.574538][T12836] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.614313][T12836] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.706355][T12702] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  201.716337][T12702] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  201.729900][T12790] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.738859][T12702] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  201.752163][T12790] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.760660][T12702] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  201.773116][T12790] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.785766][T12790] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.820796][T12702] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.835289][T12702] 8021q: adding VLAN 0 to HW filter on device team0
[  201.845660][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.852804][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.864042][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.871207][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.942561][T12852] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3375'.
[  201.958997][T12702] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.971096][   T54] bridge_slave_1: left allmulticast mode
[  201.976936][   T54] bridge_slave_1: left promiscuous mode
[  201.982692][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.003101][   T54] bridge_slave_0: left allmulticast mode
[  202.008926][   T54] bridge_slave_0: left promiscuous mode
[  202.014774][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.136059][   T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.137833][T12856] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3377'.
[  202.168733][   T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  202.190214][   T54] bond0 (unregistering): Released all slaves
[  202.239968][   T54] tipc: Disabling bearer <udp:syz2>
[  202.245352][   T54] tipc: Left network mode
[  202.257792][   T54] hsr_slave_0: left promiscuous mode
[  202.264922][   T54] hsr_slave_1: left promiscuous mode
[  202.271226][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.278726][   T54] batman_adv: batadv0: Removing interface: batadv_slave_0
[  202.296612][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  202.304121][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[  202.324489][   T54] veth1_macvtap: left promiscuous mode
[  202.330058][   T54] veth0_macvtap: left promiscuous mode
[  202.342764][   T54] veth1_vlan: left promiscuous mode
[  202.353083][   T54] veth0_vlan: left promiscuous mode
[  202.440134][   T54] team0 (unregistering): Port device team_slave_1 removed
[  202.452859][   T54] team0 (unregistering): Port device team_slave_0 removed
[  202.498735][T12702] veth0_vlan: entered promiscuous mode
[  202.506728][T12702] veth1_vlan: entered promiscuous mode
[  202.522498][T12702] veth0_macvtap: entered promiscuous mode
[  202.529845][T12702] veth1_macvtap: entered promiscuous mode
[  202.540472][T12702] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.549705][T12702] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.561706][T12702] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.570509][T12702] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.579294][T12702] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.588156][T12702] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.633178][T12868] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3379'.
[  202.808949][T12884] hub 9-0:1.0: USB hub found
[  202.815598][T12884] hub 9-0:1.0: 8 ports detected
[  203.026658][T12890] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.155540][T12890] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.215384][T12890] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.255258][T12890] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.363292][T12894] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  203.369843][T12894] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  203.377395][T12894] vhci_hcd vhci_hcd.0: Device attached
[  203.833200][T12435] usb 1-1: new low-speed USB device number 11 using vhci_hcd
[  203.924700][T12895] vhci_hcd: connection reset by peer
[  203.930671][ T3458] vhci_hcd: stop threads
[  203.934999][ T3458] vhci_hcd: release socket
[  203.939438][ T3458] vhci_hcd: disconnect device
[  204.179991][T12900] SELinux: syz.3.3389 (12900) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  204.649521][T12917] hub 9-0:1.0: USB hub found
[  204.654318][T12917] hub 9-0:1.0: 8 ports detected
[  204.667535][T12922] hub 9-0:1.0: USB hub found
[  204.672303][T12922] hub 9-0:1.0: 8 ports detected
[  204.898076][T12948] hub 9-0:1.0: USB hub found
[  204.902863][T12948] hub 9-0:1.0: 8 ports detected
[  205.017805][T12812] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.029285][T12812] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.040743][T12812] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.052482][T12812] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.198114][T12973] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.247747][T12973] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.279608][T12975] hub 9-0:1.0: USB hub found
[  205.284998][T12975] hub 9-0:1.0: 8 ports detected
[  205.314551][T12973] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.365742][T12973] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.487330][T12980] hub 9-0:1.0: USB hub found
[  205.492347][T12980] hub 9-0:1.0: 8 ports detected
[  205.523708][   T29] kauditd_printk_skb: 83 callbacks suppressed
[  205.523734][   T29] audit: type=1326 audit(974.514:11177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.552919][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  205.565236][   T29] audit: type=1326 audit(974.544:11178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.588295][   T29] audit: type=1326 audit(974.544:11179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.611594][   T29] audit: type=1326 audit(974.544:11180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.634843][   T29] audit: type=1326 audit(974.544:11181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.658242][   T29] audit: type=1326 audit(974.544:11182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.681162][   T29] audit: type=1326 audit(974.544:11183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.704378][   T29] audit: type=1326 audit(974.544:11184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.727402][   T29] audit: type=1326 audit(974.544:11185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.750459][   T29] audit: type=1326 audit(974.544:11186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12981 comm="syz.3.3425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  205.776895][T12991] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3429'.
[  205.844066][T12996] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3431'.
[  205.918376][T12836] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.938740][T12836] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.955910][T12836] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.976018][T12836] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.062436][T13007] hub 9-0:1.0: USB hub found
[  206.067215][T13007] hub 9-0:1.0: 8 ports detected
[  206.201838][T13016] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3438'.
[  206.310564][T12890] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.324436][T12890] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.336896][T12890] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.349338][T12890] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.363136][T13022] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.605499][T13036] SELinux: syz.3.3446 (13036) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  206.906707][T13022] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.957267][T13022] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.084930][T13048] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.107593][T13022] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.122023][T13047] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3451'.
[  207.145468][T13048] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.205261][T13048] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.255587][T13048] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.305670][T13022] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.408659][T13022] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.541453][T13022] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.589859][T13055] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3454'.
[  207.914262][T13022] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.977892][T13059] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.048221][T13059] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.121619][T13059] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.166102][T13069] hub 9-0:1.0: USB hub found
[  208.182063][T13069] hub 9-0:1.0: 8 ports detected
[  208.519940][T13077] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.539122][T13059] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.607789][T13077] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.654964][T13077] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.714789][T13077] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.913233][T12435] usb 1-1: enqueue for inactive port 0
[  208.920624][T12435] usb 1-1: enqueue for inactive port 0
[  209.002728][T12435] vhci_hcd: vhci_device speed not set
[  210.157830][T12973] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.169082][T12973] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.180127][T12973] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.191601][T12973] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.275204][T13090] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.324886][T13090] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.385264][T13090] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.425593][T13090] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.064720][T13059] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.077483][T13059] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.116267][T13059] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.132867][T13059] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.164550][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  211.164589][   T29] audit: type=1400 audit(980.154:11319): avc:  denied  { create } for  pid=13095 comm="syz.4.3469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  211.174590][T13096] hsr0: entered promiscuous mode
[  211.200907][   T29] audit: type=1400 audit(980.154:11320): avc:  denied  { ioctl } for  pid=13095 comm="syz.4.3469" path="socket:[46412]" dev="sockfs" ino=46412 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  211.228432][   T29] audit: type=1400 audit(980.214:11321): avc:  denied  { write } for  pid=13095 comm="syz.4.3469" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  211.356496][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[  211.365872][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[  211.390062][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[  211.400471][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[  211.434053][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[  211.444315][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3469'.
[  211.628736][T13077] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.640846][T13077] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.674266][T13077] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.724486][T13077] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.218099][   T29] audit: type=1326 audit(981.204:11322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.263828][   T29] audit: type=1326 audit(981.204:11323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.287077][   T29] audit: type=1326 audit(981.204:11324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.310278][   T29] audit: type=1326 audit(981.204:11325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.333361][   T29] audit: type=1326 audit(981.204:11326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.356379][   T29] audit: type=1326 audit(981.204:11327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.379459][   T29] audit: type=1326 audit(981.204:11328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13116 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7efc51e929 code=0x7ffc0000
[  212.476879][T13122] hub 9-0:1.0: USB hub found
[  212.481676][T13122] hub 9-0:1.0: 8 ports detected
[  212.509669][T13124] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3479'.
[  212.886296][T13132] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.946256][T13132] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.006246][T13132] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.065675][T13132] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.089362][T13137] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3484'.
[  213.130162][T13132] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.141426][T13132] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.164586][T13132] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.185432][T13132] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.696609][T13156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3492'.
[  213.842972][T13154] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.852086][T13154] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.871243][T13163] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.935764][T13163] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.966682][T13166] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.986590][T13163] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.005859][T13166] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.035446][T13163] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.039236][T13154] netlink: 'syz.1.3491': attribute type 4 has an invalid length.
[  214.053263][T13154] netlink: 'syz.1.3491': attribute type 2 has an invalid length.
[  214.078416][T13166] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.126171][T13090] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.166107][T13090] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.183350][T13090] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.194465][T13166] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.209462][T13090] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.814655][T13196] netlink: 1 bytes leftover after parsing attributes in process `syz.1.3508'.
[  214.819939][T13193] hub 9-0:1.0: USB hub found
[  214.828545][T13196] block device autoloading is deprecated and will be removed.
[  214.828766][T13193] hub 9-0:1.0: 8 ports detected
[  214.836164][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  214.880348][T13200] loop2: detected capacity change from 0 to 512
[  214.889115][T13200] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3510: corrupted in-inode xattr: invalid ea_ino
[  214.902804][T13200] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3510: couldn't read orphan inode 15 (err -117)
[  214.908803][T13166] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.917038][T13200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.927311][T13166] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.944221][T13200] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3510'.
[  214.947043][T13166] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.964642][T13166] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.974803][T12123] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.052145][T13213] random: crng reseeded on system resumption
[  215.248966][T13224] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3519'.
[  215.276901][T13226] capability: warning: `syz.2.3520' uses deprecated v2 capabilities in a way that may be insecure
[  215.349424][T13230] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3522'.
[  215.396241][T13236] loop2: detected capacity change from 0 to 256
[  215.441919][T13239] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.475943][T13243] loop2: detected capacity change from 0 to 512
[  215.495763][T13243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.514464][T13239] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.526919][T13243] FAULT_INJECTION: forcing a failure.
[  215.526919][T13243] name failslab, interval 1, probability 0, space 0, times 0
[  215.539740][T13243] CPU: 0 UID: 0 PID: 13243 Comm: syz.2.3528 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  215.539821][T13243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  215.539837][T13243] Call Trace:
[  215.539918][T13243]  <TASK>
[  215.539929][T13243]  __dump_stack+0x1d/0x30
[  215.539962][T13243]  dump_stack_lvl+0xe8/0x140
[  215.539987][T13243]  dump_stack+0x15/0x1b
[  215.540009][T13243]  should_fail_ex+0x265/0x280
[  215.540081][T13243]  should_failslab+0x8c/0xb0
[  215.540109][T13243]  kmem_cache_alloc_noprof+0x50/0x310
[  215.540143][T13243]  ? getname_flags+0x80/0x3b0
[  215.540292][T13243]  getname_flags+0x80/0x3b0
[  215.540322][T13243]  __x64_sys_link+0x33/0x70
[  215.540427][T13243]  x64_sys_call+0x2af9/0x2fb0
[  215.540486][T13243]  do_syscall_64+0xd2/0x200
[  215.540567][T13243]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  215.540659][T13243]  ? clear_bhb_loop+0x40/0x90
[  215.540688][T13243]  ? clear_bhb_loop+0x40/0x90
[  215.540713][T13243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.540732][T13243] RIP: 0033:0x7f2a1c39e929
[  215.540894][T13243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.540918][T13243] RSP: 002b:00007f2a1aa07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  215.540943][T13243] RAX: ffffffffffffffda RBX: 00007f2a1c5c5fa0 RCX: 00007f2a1c39e929
[  215.541012][T13243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000680
[  215.541029][T13243] RBP: 00007f2a1aa07090 R08: 0000000000000000 R09: 0000000000000000
[  215.541046][T13243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.541069][T13243] R13: 0000000000000000 R14: 00007f2a1c5c5fa0 R15: 00007ffe8b4e3788
[  215.541095][T13243]  </TASK>
[  215.755142][T12123] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.775300][T13239] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.808375][T13252] hub 9-0:1.0: USB hub found
[  215.813192][T13252] hub 9-0:1.0: 8 ports detected
[  215.845107][T13239] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.859754][T13254] SELinux: syz.2.3531 (13254) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  215.891039][T13254] loop2: detected capacity change from 0 to 512
[  215.908890][T13254] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.029277][T13260] syz.1.3532 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  216.053370][T12123] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.215741][T13266] loop2: detected capacity change from 0 to 512
[  216.234003][T13266] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3535: corrupted in-inode xattr: invalid ea_ino
[  216.247664][T13266] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3535: couldn't read orphan inode 15 (err -117)
[  216.260644][T13266] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.324216][T13266] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3535'.
[  216.348087][T12123] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.859884][T13163] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.876526][T13163] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.888141][T13163] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.901042][T13163] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.931389][T13273] xt_policy: neither incoming nor outgoing policy selected
[  216.987144][T13281] hub 9-0:1.0: USB hub found
[  216.992500][T13281] hub 9-0:1.0: 8 ports detected
[  217.118762][   T29] kauditd_printk_skb: 271 callbacks suppressed
[  217.118777][   T29] audit: type=1326 audit(986.104:11600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.154082][   T29] audit: type=1326 audit(986.134:11601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.177160][   T29] audit: type=1326 audit(986.134:11602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.200275][   T29] audit: type=1326 audit(986.134:11603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.223821][   T29] audit: type=1326 audit(986.134:11604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.246880][   T29] audit: type=1326 audit(986.134:11605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.270007][   T29] audit: type=1326 audit(986.134:11606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.293149][   T29] audit: type=1326 audit(986.134:11607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.316263][   T29] audit: type=1326 audit(986.134:11608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.339373][   T29] audit: type=1326 audit(986.134:11609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.3.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  217.398777][T13302] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3546'.
[  217.447985][T13307] FAULT_INJECTION: forcing a failure.
[  217.447985][T13307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.461160][T13307] CPU: 0 UID: 0 PID: 13307 Comm: syz.1.3549 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  217.461345][T13307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.461376][T13307] Call Trace:
[  217.461382][T13307]  <TASK>
[  217.461389][T13307]  __dump_stack+0x1d/0x30
[  217.461412][T13307]  dump_stack_lvl+0xe8/0x140
[  217.461429][T13307]  dump_stack+0x15/0x1b
[  217.461444][T13307]  should_fail_ex+0x265/0x280
[  217.461551][T13307]  should_fail+0xb/0x20
[  217.461583][T13307]  should_fail_usercopy+0x1a/0x20
[  217.461654][T13307]  _copy_from_user+0x1c/0xb0
[  217.461758][T13307]  ___sys_sendmsg+0xc1/0x1d0
[  217.461883][T13307]  __x64_sys_sendmsg+0xd4/0x160
[  217.461934][T13307]  x64_sys_call+0x2999/0x2fb0
[  217.461954][T13307]  do_syscall_64+0xd2/0x200
[  217.462017][T13307]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  217.462048][T13307]  ? clear_bhb_loop+0x40/0x90
[  217.462098][T13307]  ? clear_bhb_loop+0x40/0x90
[  217.462126][T13307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.462152][T13307] RIP: 0033:0x7f7efc51e929
[  217.462166][T13307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.462183][T13307] RSP: 002b:00007f7efab87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.462277][T13307] RAX: ffffffffffffffda RBX: 00007f7efc745fa0 RCX: 00007f7efc51e929
[  217.462288][T13307] RDX: 0000000000040010 RSI: 0000200000006040 RDI: 0000000000000006
[  217.462300][T13307] RBP: 00007f7efab87090 R08: 0000000000000000 R09: 0000000000000000
[  217.462311][T13307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.462326][T13307] R13: 0000000000000000 R14: 00007f7efc745fa0 R15: 00007ffef6f1aa48
[  217.462348][T13307]  </TASK>
[  217.795144][T13326] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3556'.
[  217.804396][T13326] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3556'.
[  217.881474][T13328] hub 9-0:1.0: USB hub found
[  217.886017][T13334] loop2: detected capacity change from 0 to 512
[  217.892818][T13328] hub 9-0:1.0: 8 ports detected
[  217.920436][T13334] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.3559: corrupted in-inode xattr: invalid ea_ino
[  217.934382][T13334] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.3559: couldn't read orphan inode 15 (err -117)
[  217.947909][T13334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.965679][T13334] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3559'.
[  217.974756][T13338] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.986959][T13338] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.998816][T13338] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.010668][T13338] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  218.039321][T13341] SELinux: syz.3.3560 (13341) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  218.061285][T12123] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.081685][T13344] SELinux: syz.2.3561 (13344) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  218.104505][T13344] loop2: detected capacity change from 0 to 512
[  218.142067][T13344] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.268222][T12123] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.410919][T13355] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3564'.
[  218.747349][T13360] unsupported nla_type 52263
[  218.929180][T13364] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  218.932833][T13360] Falling back ldisc for ttyS3.
[  218.935729][T13364] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  218.948374][T13364] vhci_hcd vhci_hcd.0: Device attached
[  218.955884][T13365] vhci_hcd: cannot find the pending unlink 6
[  219.001968][T13376] block device autoloading is deprecated and will be removed.
[  219.033843][T13365] vhci_hcd: connection closed
[  219.034156][ T3442] vhci_hcd: stop threads
[  219.043336][ T3442] vhci_hcd: release socket
[  219.047798][ T3442] vhci_hcd: disconnect device
[  219.109468][T13383] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3572'.
[  219.190526][T13387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3574'.
[  219.318740][T13239] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.330126][T13239] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.341406][T13239] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.353862][T13239] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.441821][T13403] FAULT_INJECTION: forcing a failure.
[  219.441821][T13403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  219.455118][T13403] CPU: 0 UID: 0 PID: 13403 Comm: syz.3.3579 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  219.455152][T13403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  219.455167][T13403] Call Trace:
[  219.455175][T13403]  <TASK>
[  219.455184][T13403]  __dump_stack+0x1d/0x30
[  219.455231][T13403]  dump_stack_lvl+0xe8/0x140
[  219.455251][T13403]  dump_stack+0x15/0x1b
[  219.455267][T13403]  should_fail_ex+0x265/0x280
[  219.455298][T13403]  should_fail+0xb/0x20
[  219.455381][T13403]  should_fail_usercopy+0x1a/0x20
[  219.455419][T13403]  _copy_from_user+0x1c/0xb0
[  219.455439][T13403]  ___sys_sendmsg+0xc1/0x1d0
[  219.455488][T13403]  __x64_sys_sendmsg+0xd4/0x160
[  219.455562][T13403]  x64_sys_call+0x2999/0x2fb0
[  219.455584][T13403]  do_syscall_64+0xd2/0x200
[  219.455602][T13403]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  219.455628][T13403]  ? clear_bhb_loop+0x40/0x90
[  219.455650][T13403]  ? clear_bhb_loop+0x40/0x90
[  219.455706][T13403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.455727][T13403] RIP: 0033:0x7f102776e929
[  219.455742][T13403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.455840][T13403] RSP: 002b:00007f1025db6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  219.455901][T13403] RAX: ffffffffffffffda RBX: 00007f1027996080 RCX: 00007f102776e929
[  219.455914][T13403] RDX: 0000000020000000 RSI: 0000200000000000 RDI: 0000000000000005
[  219.455926][T13403] RBP: 00007f1025db6090 R08: 0000000000000000 R09: 0000000000000000
[  219.455938][T13403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  219.455950][T13403] R13: 0000000000000001 R14: 00007f1027996080 R15: 00007ffcbdd61a98
[  219.456028][T13403]  </TASK>
[  219.684245][T13413] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3585'.
[  219.901366][T13427] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.991151][T13427] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.049363][T13431] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3592'.
[  220.065587][T13427] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.125105][T13427] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.166189][T13439] hub 9-0:1.0: USB hub found
[  220.170911][T13439] hub 9-0:1.0: 8 ports detected
[  220.351299][T13462] loop0: detected capacity change from 0 to 512
[  220.362420][T13462] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3603: corrupted in-inode xattr: invalid ea_ino
[  220.376337][T13462] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3603: couldn't read orphan inode 15 (err -117)
[  220.388973][T13462] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.407296][T13462] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3603'.
[  220.431208][T12702] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.456281][T13468] hub 9-0:1.0: USB hub found
[  220.460997][T13468] hub 9-0:1.0: 8 ports detected
[  220.766777][T13474] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3606'.
[  220.928634][T13482] loop0: detected capacity change from 0 to 1024
[  220.944719][T13482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.971856][T13482] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4113: comm syz.0.3610: Allocating blocks 449-513 which overlap fs metadata
[  221.006382][T13481] EXT4-fs (loop0): pa ffff888106df0a10: logic 48, phys. 177, len 21
[  221.014507][T13481] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  221.035826][T12702] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.908700][T13506] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.920466][T13506] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.931946][T13506] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.946389][T13506] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.136659][T13510] loop0: detected capacity change from 0 to 1024
[  222.154345][T13510] EXT4-fs: Ignoring removed nobh option
[  222.159985][T13510] EXT4-fs: Ignoring removed bh option
[  222.185680][T13510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.236699][T12702] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.252788][   T29] kauditd_printk_skb: 392 callbacks suppressed
[  222.252805][   T29] audit: type=1400 audit(991.204:12002): avc:  denied  { ioctl } for  pid=13509 comm="syz.0.3620" path="/53/file1/cpu.stat" dev="loop0" ino=18 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  222.322675][T13517] Falling back ldisc for ttyS3.
[  222.398123][T13525] block device autoloading is deprecated and will be removed.
[  222.475445][T13533] SELinux: syz.3.3630 (13533) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  222.535627][T13536] loop0: detected capacity change from 0 to 1024
[  222.570971][T13536] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.606276][T13536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.628703][   T29] audit: type=1107 audit(991.614:12003): pid=13539 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='h ~é'
[  222.839983][T12702] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.851812][T13544] xt_policy: neither incoming nor outgoing policy selected
[  222.924507][T13548] xt_policy: neither incoming nor outgoing policy selected
[  222.959891][T13549] __nla_validate_parse: 4 callbacks suppressed
[  222.959905][T13549] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3636'.
[  223.026867][T13552] xt_policy: neither incoming nor outgoing policy selected
[  223.412459][T13563] SELinux: syz.1.3643 (13563) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  223.450378][   T29] audit: type=1107 audit(992.434:12004): pid=13565 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='h ~é'
[  223.653976][T13573] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.694948][T13573] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.744532][T13573] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.834231][T13573] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.862810][T13578] Falling back ldisc for ttyS3.
[  223.892246][T13573] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.904116][T13573] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.917709][T13573] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.930887][T13573] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.983964][T13589] SELinux: syz.1.3654 (13589) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  224.024855][   T29] audit: type=1107 audit(993.014:12005): pid=13590 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='h ~é'
[  224.066094][T13593] netlink: 1 bytes leftover after parsing attributes in process `syz.3.3656'.
[  224.246039][   T29] audit: type=1326 audit(993.194:12006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13598 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  224.269264][   T29] audit: type=1326 audit(993.194:12007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13598 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  224.292424][   T29] audit: type=1326 audit(993.194:12008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13598 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  224.315497][   T29] audit: type=1326 audit(993.194:12009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13598 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  224.338547][   T29] audit: type=1326 audit(993.194:12010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13598 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  224.362755][   T29] audit: type=1326 audit(993.234:12011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13598 comm="syz.3.3659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  225.070459][T13427] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.085345][T13615] hub 9-0:1.0: USB hub found
[  225.086741][T13427] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.090324][T13615] hub 9-0:1.0: 8 ports detected
[  225.102291][T13427] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.115209][T13427] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  225.131085][T13619] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  225.137642][T13619] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  225.145292][T13619] vhci_hcd vhci_hcd.0: Device attached
[  225.157161][T13618] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3667'.
[  225.175653][T13621] vhci_hcd: cannot find the pending unlink 6
[  225.204712][T13630] hub 9-0:1.0: USB hub found
[  225.209487][T13630] hub 9-0:1.0: 8 ports detected
[  225.233777][T13632] SELinux: syz.4.3671 (13632) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  225.273931][T13621] vhci_hcd: connection closed
[  225.274453][ T3442] vhci_hcd: stop threads
[  225.283937][ T3442] vhci_hcd: release socket
[  225.288651][ T3442] vhci_hcd: disconnect device
[  225.322615][   T10] vhci_hcd: vhci_device speed not set
[  225.358118][T13637] xt_policy: neither incoming nor outgoing policy selected
[  225.424151][T13639] sctp: [Deprecated]: syz.0.3674 (pid 13639) Use of int in max_burst socket option.
[  225.424151][T13639] Use struct sctp_assoc_value instead
[  225.448563][T13641] FAULT_INJECTION: forcing a failure.
[  225.448563][T13641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.461784][T13641] CPU: 1 UID: 0 PID: 13641 Comm: syz.4.3675 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  225.461818][T13641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  225.461833][T13641] Call Trace:
[  225.461841][T13641]  <TASK>
[  225.461849][T13641]  __dump_stack+0x1d/0x30
[  225.461928][T13641]  dump_stack_lvl+0xe8/0x140
[  225.462021][T13641]  dump_stack+0x15/0x1b
[  225.462122][T13641]  should_fail_ex+0x265/0x280
[  225.462155][T13641]  should_fail+0xb/0x20
[  225.462187][T13641]  should_fail_usercopy+0x1a/0x20
[  225.462285][T13641]  _copy_from_user+0x1c/0xb0
[  225.462303][T13641]  ___sys_sendmsg+0xc1/0x1d0
[  225.462376][T13641]  __x64_sys_sendmsg+0xd4/0x160
[  225.462421][T13641]  x64_sys_call+0x2999/0x2fb0
[  225.462446][T13641]  do_syscall_64+0xd2/0x200
[  225.462478][T13641]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  225.462510][T13641]  ? clear_bhb_loop+0x40/0x90
[  225.462627][T13641]  ? clear_bhb_loop+0x40/0x90
[  225.462654][T13641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.462682][T13641] RIP: 0033:0x7f4b8366e929
[  225.462704][T13641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.462729][T13641] RSP: 002b:00007f4b81cd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.462811][T13641] RAX: ffffffffffffffda RBX: 00007f4b83895fa0 RCX: 00007f4b8366e929
[  225.462827][T13641] RDX: 0000000000008000 RSI: 0000200000000fc0 RDI: 0000000000000003
[  225.462842][T13641] RBP: 00007f4b81cd7090 R08: 0000000000000000 R09: 0000000000000000
[  225.462855][T13641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.462915][T13641] R13: 0000000000000000 R14: 00007f4b83895fa0 R15: 00007ffd7049e1e8
[  225.462939][T13641]  </TASK>
[  225.705290][T13650] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3679'.
[  225.741830][T13654] hub 9-0:1.0: USB hub found
[  225.754464][T13654] hub 9-0:1.0: 8 ports detected
[  225.755094][T13656] xt_policy: neither incoming nor outgoing policy selected
[  225.937549][T13665] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3685'.
[  226.013922][T13672] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3688'.
[  226.036963][T13673] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3686'.
[  226.257183][T13686] hub 9-0:1.0: USB hub found
[  226.265450][T13686] hub 9-0:1.0: 8 ports detected
[  226.292472][T13693] FAULT_INJECTION: forcing a failure.
[  226.292472][T13693] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.305630][T13693] CPU: 1 UID: 0 PID: 13693 Comm: syz.4.3695 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  226.305663][T13693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.305713][T13693] Call Trace:
[  226.305719][T13693]  <TASK>
[  226.305725][T13693]  __dump_stack+0x1d/0x30
[  226.305746][T13693]  dump_stack_lvl+0xe8/0x140
[  226.305765][T13693]  dump_stack+0x15/0x1b
[  226.305855][T13693]  should_fail_ex+0x265/0x280
[  226.305885][T13693]  should_fail+0xb/0x20
[  226.305911][T13693]  should_fail_usercopy+0x1a/0x20
[  226.305942][T13693]  _copy_from_user+0x1c/0xb0
[  226.305960][T13693]  do_ipv6_setsockopt+0x220/0x22e0
[  226.306037][T13693]  ? _parse_integer+0x27/0x40
[  226.306066][T13693]  ? kstrtoull+0x111/0x140
[  226.306089][T13693]  ? __rcu_read_unlock+0x4f/0x70
[  226.306154][T13693]  ? avc_has_perm_noaudit+0x1b1/0x200
[  226.306180][T13693]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  226.306326][T13693]  ipv6_setsockopt+0x59/0x130
[  226.306428][T13693]  rawv6_setsockopt+0x1d2/0x420
[  226.306451][T13693]  sock_common_setsockopt+0x69/0x80
[  226.306548][T13693]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  226.306610][T13693]  __sys_setsockopt+0x184/0x200
[  226.306651][T13693]  __x64_sys_setsockopt+0x64/0x80
[  226.306681][T13693]  x64_sys_call+0x2bd5/0x2fb0
[  226.306702][T13693]  do_syscall_64+0xd2/0x200
[  226.306752][T13693]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  226.306777][T13693]  ? clear_bhb_loop+0x40/0x90
[  226.306797][T13693]  ? clear_bhb_loop+0x40/0x90
[  226.306841][T13693]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.306861][T13693] RIP: 0033:0x7f4b8366e929
[  226.306874][T13693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.306892][T13693] RSP: 002b:00007f4b81cd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  226.306909][T13693] RAX: ffffffffffffffda RBX: 00007f4b83895fa0 RCX: 00007f4b8366e929
[  226.306934][T13693] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  226.306946][T13693] RBP: 00007f4b81cd7090 R08: 0000000000000400 R09: 0000000000000000
[  226.306957][T13693] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[  226.306969][T13693] R13: 0000000000000000 R14: 00007f4b83895fa0 R15: 00007ffd7049e1e8
[  226.306987][T13693]  </TASK>
[  226.596866][T13699] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.713770][T13699] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.738406][T13714] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3703'.
[  226.756245][T13720] netlink: 1 bytes leftover after parsing attributes in process `syz.4.3705'.
[  226.785202][T13699] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.790782][T13723] hub 9-0:1.0: USB hub found
[  226.802796][T13723] hub 9-0:1.0: 8 ports detected
[  226.915365][T13699] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.017099][T13738] netlink: '’': attribute type 10 has an invalid length.
[  227.029138][T13738] team0: Port device dummy0 added
[  227.037010][T13738] netlink: '’': attribute type 10 has an invalid length.
[  227.054329][T13738] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  227.076639][T13738] team0: Failed to send options change via netlink (err -105)
[  227.087448][T13738] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  227.097656][T13738] team0: Port device dummy0 removed
[  227.106967][T13738] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  227.141536][T13744] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3716'.
[  227.342029][   T29] kauditd_printk_skb: 115 callbacks suppressed
[  227.342046][   T29] audit: type=1326 audit(996.324:12127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.376104][   T29] audit: type=1326 audit(996.364:12128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.399180][   T29] audit: type=1326 audit(996.364:12129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.422295][   T29] audit: type=1326 audit(996.364:12130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.445440][   T29] audit: type=1326 audit(996.364:12131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.468770][   T29] audit: type=1326 audit(996.364:12132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.491838][   T29] audit: type=1326 audit(996.364:12133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.515170][   T29] audit: type=1326 audit(996.364:12134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.538509][   T29] audit: type=1326 audit(996.364:12135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.561804][   T29] audit: type=1326 audit(996.364:12136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13759 comm="syz.0.3723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe8571e929 code=0x7ffc0000
[  227.599076][T13699] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.621105][T13699] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.670152][T13699] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.682185][T13699] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.051388][T13805] hub 9-0:1.0: USB hub found
[  228.057015][T13805] hub 9-0:1.0: 8 ports detected
[  228.638118][T13816] __nla_validate_parse: 4 callbacks suppressed
[  228.638140][T13816] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3746'.
[  229.011130][T13821] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3748'.
[  229.485143][T13849] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.545473][T13849] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.560261][T13848] FAULT_INJECTION: forcing a failure.
[  229.560261][T13848] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  229.573552][T13848] CPU: 1 UID: 0 PID: 13848 Comm: syz.3.3759 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  229.573584][T13848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.573680][T13848] Call Trace:
[  229.573687][T13848]  <TASK>
[  229.573695][T13848]  __dump_stack+0x1d/0x30
[  229.573714][T13848]  dump_stack_lvl+0xe8/0x140
[  229.573798][T13848]  dump_stack+0x15/0x1b
[  229.573816][T13848]  should_fail_ex+0x265/0x280
[  229.573844][T13848]  should_fail_alloc_page+0xf2/0x100
[  229.573867][T13848]  __alloc_frozen_pages_noprof+0xff/0x360
[  229.573954][T13848]  __alloc_pages_noprof+0x9/0x20
[  229.574012][T13848]  ___kmalloc_large_node+0x73/0x140
[  229.574045][T13848]  __kmalloc_large_node_noprof+0x16/0xa0
[  229.574079][T13848]  __kmalloc_noprof+0x2ab/0x3e0
[  229.574109][T13848]  ? iovec_from_user+0x84/0x210
[  229.574205][T13848]  iovec_from_user+0x84/0x210
[  229.574229][T13848]  ? process_vm_rw+0x137/0x950
[  229.574258][T13848]  process_vm_rw+0x15b/0x950
[  229.574280][T13848]  ? _parse_integer+0x27/0x40
[  229.574346][T13848]  ? kstrtoull+0x111/0x140
[  229.574380][T13848]  ? __fget_files+0x184/0x1c0
[  229.574397][T13848]  ? fput+0x8f/0xc0
[  229.574429][T13848]  __x64_sys_process_vm_writev+0x78/0x90
[  229.574463][T13848]  x64_sys_call+0xe80/0x2fb0
[  229.574505][T13848]  do_syscall_64+0xd2/0x200
[  229.574554][T13848]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  229.574659][T13848]  ? clear_bhb_loop+0x40/0x90
[  229.574755][T13848]  ? clear_bhb_loop+0x40/0x90
[  229.574776][T13848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.574801][T13848] RIP: 0033:0x7f102776e929
[  229.574819][T13848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.574838][T13848] RSP: 002b:00007f1025db6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  229.574914][T13848] RAX: ffffffffffffffda RBX: 00007f1027996080 RCX: 00007f102776e929
[  229.574930][T13848] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000297
[  229.574941][T13848] RBP: 00007f1025db6090 R08: 000000000000023a R09: 0000000000000000
[  229.575009][T13848] R10: 0000200000121000 R11: 0000000000000246 R12: 0000000000000001
[  229.575024][T13848] R13: 0000000000000000 R14: 00007f1027996080 R15: 00007ffcbdd61a98
[  229.575047][T13848]  </TASK>
[  230.124455][T13849] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.161266][T13854] hub 9-0:1.0: USB hub found
[  230.170258][T13854] hub 9-0:1.0: 8 ports detected
[  230.253233][T13861] FAULT_INJECTION: forcing a failure.
[  230.253233][T13861] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.266361][T13861] CPU: 1 UID: 0 PID: 13861 Comm: syz.2.3764 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  230.266424][T13861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  230.266436][T13861] Call Trace:
[  230.266442][T13861]  <TASK>
[  230.266450][T13861]  __dump_stack+0x1d/0x30
[  230.266469][T13861]  dump_stack_lvl+0xe8/0x140
[  230.266493][T13861]  dump_stack+0x15/0x1b
[  230.266512][T13861]  should_fail_ex+0x265/0x280
[  230.266556][T13861]  should_fail+0xb/0x20
[  230.266588][T13861]  should_fail_usercopy+0x1a/0x20
[  230.266625][T13861]  _copy_from_user+0x1c/0xb0
[  230.266720][T13861]  get_timespec64+0x4c/0x100
[  230.266884][T13861]  __se_sys_clock_nanosleep+0x10b/0x250
[  230.266952][T13861]  __x64_sys_clock_nanosleep+0x55/0x70
[  230.266993][T13861]  x64_sys_call+0x1df0/0x2fb0
[  230.267052][T13861]  do_syscall_64+0xd2/0x200
[  230.267068][T13861]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  230.267170][T13861]  ? clear_bhb_loop+0x40/0x90
[  230.267193][T13861]  ? clear_bhb_loop+0x40/0x90
[  230.267219][T13861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.267243][T13861] RIP: 0033:0x7f2a1c39e929
[  230.267257][T13861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.267273][T13861] RSP: 002b:00007f2a1aa07038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  230.267340][T13861] RAX: ffffffffffffffda RBX: 00007f2a1c5c5fa0 RCX: 00007f2a1c39e929
[  230.267355][T13861] RDX: 0000200000000080 RSI: 0000000000000000 RDI: 0000000000000009
[  230.267370][T13861] RBP: 00007f2a1aa07090 R08: 0000000000000000 R09: 0000000000000000
[  230.267385][T13861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.267400][T13861] R13: 0000000000000000 R14: 00007f2a1c5c5fa0 R15: 00007ffe8b4e3788
[  230.267422][T13861]  </TASK>
[  230.745428][T13849] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.863043][T13885] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3773'.
[  230.919501][T13888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3772'.
[  230.928493][T13888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3772'.
[  230.946837][T13885] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3773'.
[  231.042197][T13888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3772'.
[  231.092737][T13888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3772'.
[  231.101682][T13888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3772'.
[  231.123580][T13890] Falling back ldisc for ttyS3.
[  231.151536][T13888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3772'.
[  231.464615][T13918] block device autoloading is deprecated and will be removed.
[  231.717124][T13929] hub 9-0:1.0: USB hub found
[  231.721857][T13929] hub 9-0:1.0: 8 ports detected
[  231.946187][T13940] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.962087][T13942] loop0: detected capacity change from 0 to 512
[  231.977888][T13942] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.3792: corrupted in-inode xattr: invalid ea_ino
[  232.026789][T13942] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.3792: couldn't read orphan inode 15 (err -117)
[  232.064167][T13942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.094240][T13940] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.209116][T12702] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.229342][T13940] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.317892][T13940] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.365274][   T29] kauditd_printk_skb: 150 callbacks suppressed
[  232.365289][   T29] audit: type=1326 audit(1001.354:12287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13953 comm="syz.3.3797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.395095][   T29] audit: type=1326 audit(1001.354:12288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13953 comm="syz.3.3797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.429573][   T29] audit: type=1326 audit(1001.414:12289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13953 comm="syz.3.3797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.462957][T13940] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.475195][T13940] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.483656][T13952] Falling back ldisc for ttyS3.
[  232.487931][T13940] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.512471][T13940] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.577989][   T29] audit: type=1326 audit(1001.564:12290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.601760][   T29] audit: type=1326 audit(1001.564:12291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.625108][   T29] audit: type=1326 audit(1001.564:12292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.648174][   T29] audit: type=1326 audit(1001.564:12293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.671375][   T29] audit: type=1326 audit(1001.564:12294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.694503][   T29] audit: type=1326 audit(1001.564:12295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.717888][   T29] audit: type=1326 audit(1001.594:12296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13967 comm="syz.3.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f102776e929 code=0x7ffc0000
[  232.782577][T13973] xt_policy: neither incoming nor outgoing policy selected
[  232.974842][T13998] xt_policy: neither incoming nor outgoing policy selected
[  233.392615][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  233.738298][T13849] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.749188][T13849] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.760612][T13849] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.771665][T13849] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.745950][T14105] __nla_validate_parse: 8 callbacks suppressed
[  234.745970][T14105] netlink: 116 bytes leftover after parsing attributes in process `syz.2.3862'.
[  234.776485][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3865'.
[  234.776515][T14112] netlink: 'syz.4.3865': attribute type 18 has an invalid length.
[  234.776531][T14112] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3865'.
[  234.872671][T14109] Falling back ldisc for ttyS3.
[  236.045892][T14154] xt_policy: neither incoming nor outgoing policy selected
[  236.153619][T14155] veth1_macvtap: left promiscuous mode
[  236.163591][T14155] macsec0: entered promiscuous mode
[  236.254350][T14173] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3888'.
[  236.733027][T14200] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3899'.
[  236.926079][T14207] FAULT_INJECTION: forcing a failure.
[  236.926079][T14207] name failslab, interval 1, probability 0, space 0, times 0
[  236.938779][T14207] CPU: 1 UID: 0 PID: 14207 Comm: syz.3.3902 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  236.938816][T14207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.938833][T14207] Call Trace:
[  236.938841][T14207]  <TASK>
[  236.938850][T14207]  __dump_stack+0x1d/0x30
[  236.938877][T14207]  dump_stack_lvl+0xe8/0x140
[  236.938902][T14207]  dump_stack+0x15/0x1b
[  236.938924][T14207]  should_fail_ex+0x265/0x280
[  236.938964][T14207]  should_failslab+0x8c/0xb0
[  236.938989][T14207]  kmem_cache_alloc_noprof+0x50/0x310
[  236.939022][T14207]  ? vm_area_dup+0x33/0x2c0
[  236.939056][T14207]  ? xa_load+0xb1/0xe0
[  236.939079][T14207]  vm_area_dup+0x33/0x2c0
[  236.939106][T14207]  __split_vma+0xe9/0x650
[  236.939134][T14207]  ? mas_find+0x4ea/0x610
[  236.939177][T14207]  vms_gather_munmap_vmas+0x2a5/0x7a0
[  236.939229][T14207]  mmap_region+0x4ce/0x1580
[  236.939263][T14207]  ? mntput_no_expire+0x6f/0x3c0
[  236.939299][T14207]  ? mntput+0x4b/0x80
[  236.939363][T14207]  do_mmap+0x9b3/0xbe0
[  236.939416][T14207]  vm_mmap_pgoff+0x17a/0x2e0
[  236.939461][T14207]  ksys_mmap_pgoff+0x268/0x310
[  236.939505][T14207]  x64_sys_call+0x1602/0x2fb0
[  236.939537][T14207]  do_syscall_64+0xd2/0x200
[  236.939560][T14207]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  236.939596][T14207]  ? clear_bhb_loop+0x40/0x90
[  236.939624][T14207]  ? clear_bhb_loop+0x40/0x90
[  236.939654][T14207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.939683][T14207] RIP: 0033:0x7f102776e929
[  236.939703][T14207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.939723][T14207] RSP: 002b:00007f1025dd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  236.939743][T14207] RAX: ffffffffffffffda RBX: 00007f1027995fa0 RCX: 00007f102776e929
[  236.939756][T14207] RDX: 000000000100000b RSI: 0000000000004000 RDI: 0000200000000000
[  236.939773][T14207] RBP: 00007f1025dd7090 R08: 0000000000000003 R09: 0000000000000000
[  236.939790][T14207] R10: 0000000000002013 R11: 0000000000000246 R12: 0000000000000001
[  236.939807][T14207] R13: 0000000000000000 R14: 00007f1027995fa0 R15: 00007ffcbdd61a98
[  236.939832][T14207]  </TASK>
[  237.277645][T14225] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3910'.
[  237.374514][   T29] kauditd_printk_skb: 801 callbacks suppressed
[  237.374531][   T29] audit: type=1400 audit(1006.364:13098): avc:  denied  { map_create } for  pid=14229 comm="syz.1.3912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  237.400024][   T29] audit: type=1400 audit(1006.364:13099): avc:  denied  { prog_load } for  pid=14229 comm="syz.1.3912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  237.419047][   T29] audit: type=1400 audit(1006.364:13100): avc:  denied  { prog_load } for  pid=14229 comm="syz.1.3912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  237.453599][   T29] audit: type=1400 audit(1006.414:13101): avc:  denied  { create } for  pid=14232 comm="syz.0.3913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  237.473861][   T29] audit: type=1400 audit(1006.414:13102): avc:  denied  { execmem } for  pid=14232 comm="syz.0.3913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  237.498531][   T29] audit: type=1400 audit(1006.464:13103): avc:  denied  { map_create } for  pid=14232 comm="syz.0.3913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  237.517588][   T29] audit: type=1400 audit(1006.464:13104): avc:  denied  { prog_load } for  pid=14232 comm="syz.0.3913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  237.536548][   T29] audit: type=1400 audit(1006.464:13105): avc:  denied  { read write } for  pid=14232 comm="syz.0.3913" name="loop0" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  237.559362][   T29] audit: type=1400 audit(1006.484:13106): avc:  denied  { open } for  pid=14234 comm="syz.1.3914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  237.578384][   T29] audit: type=1400 audit(1006.484:13107): avc:  denied  { read write } for  pid=12123 comm="syz-executor" name="loop2" dev="devtmpfs" ino=872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  237.692748][T14240] Falling back ldisc for ttyS3.
[  237.908361][T14250] syzkaller0: entered promiscuous mode
[  237.913945][T14250] syzkaller0: entered allmulticast mode
[  237.988847][T14255] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3921'.
[  239.263224][T14345] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3957'.
[  239.357682][T14355] FAULT_INJECTION: forcing a failure.
[  239.357682][T14355] name failslab, interval 1, probability 0, space 0, times 0
[  239.370426][T14355] CPU: 1 UID: 0 PID: 14355 Comm: syz.2.3959 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  239.370469][T14355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.370481][T14355] Call Trace:
[  239.370486][T14355]  <TASK>
[  239.370493][T14355]  __dump_stack+0x1d/0x30
[  239.370555][T14355]  dump_stack_lvl+0xe8/0x140
[  239.370605][T14355]  dump_stack+0x15/0x1b
[  239.370623][T14355]  should_fail_ex+0x265/0x280
[  239.370692][T14355]  should_failslab+0x8c/0xb0
[  239.370714][T14355]  kmem_cache_alloc_node_noprof+0x57/0x320
[  239.370742][T14355]  ? dup_task_struct+0x70/0x6a0
[  239.370831][T14355]  dup_task_struct+0x70/0x6a0
[  239.370856][T14355]  ? _parse_integer+0x27/0x40
[  239.370888][T14355]  copy_process+0x399/0x1f90
[  239.370952][T14355]  ? kstrtouint+0x76/0xc0
[  239.370979][T14355]  ? kstrtouint_from_user+0x9f/0xf0
[  239.371020][T14355]  kernel_clone+0x16c/0x5b0
[  239.371095][T14355]  ? vfs_write+0x75e/0x8e0
[  239.371126][T14355]  __x64_sys_clone+0xe6/0x120
[  239.371162][T14355]  x64_sys_call+0x2c59/0x2fb0
[  239.371299][T14355]  do_syscall_64+0xd2/0x200
[  239.371320][T14355]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  239.371406][T14355]  ? clear_bhb_loop+0x40/0x90
[  239.371431][T14355]  ? clear_bhb_loop+0x40/0x90
[  239.371463][T14355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.371483][T14355] RIP: 0033:0x7f2a1c39e929
[  239.371520][T14355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.371539][T14355] RSP: 002b:00007f2a1aa06fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  239.371558][T14355] RAX: ffffffffffffffda RBX: 00007f2a1c5c5fa0 RCX: 00007f2a1c39e929
[  239.371569][T14355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000042000000
[  239.371581][T14355] RBP: 00007f2a1aa07090 R08: 0000000000000000 R09: 0000000000000000
[  239.371592][T14355] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  239.371603][T14355] R13: 0000000000000000 R14: 00007f2a1c5c5fa0 R15: 00007ffe8b4e3788
[  239.371704][T14355]  </TASK>
[  239.896110][T14377] FAULT_INJECTION: forcing a failure.
[  239.896110][T14377] name failslab, interval 1, probability 0, space 0, times 0
[  239.908992][T14377] CPU: 0 UID: 0 PID: 14377 Comm: syz.1.3970 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  239.909022][T14377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.909037][T14377] Call Trace:
[  239.909044][T14377]  <TASK>
[  239.909052][T14377]  __dump_stack+0x1d/0x30
[  239.909123][T14377]  dump_stack_lvl+0xe8/0x140
[  239.909160][T14377]  dump_stack+0x15/0x1b
[  239.909182][T14377]  should_fail_ex+0x265/0x280
[  239.909217][T14377]  should_failslab+0x8c/0xb0
[  239.909267][T14377]  kmem_cache_alloc_noprof+0x50/0x310
[  239.909307][T14377]  ? dst_alloc+0xbd/0x100
[  239.909346][T14377]  dst_alloc+0xbd/0x100
[  239.909530][T14377]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  239.909561][T14377]  ip_route_output_flow+0x7b/0x130
[  239.909592][T14377]  udp_sendmsg+0x1197/0x13b0
[  239.909619][T14377]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  239.909712][T14377]  ? avc_has_perm+0xd3/0x150
[  239.909745][T14377]  ? __pfx_udp_sendmsg+0x10/0x10
[  239.909770][T14377]  inet_sendmsg+0xac/0xd0
[  239.909802][T14377]  __sock_sendmsg+0x102/0x180
[  239.909825][T14377]  ____sys_sendmsg+0x345/0x4e0
[  239.909974][T14377]  ___sys_sendmsg+0x17b/0x1d0
[  239.910020][T14377]  __sys_sendmmsg+0x178/0x300
[  239.910071][T14377]  __x64_sys_sendmmsg+0x57/0x70
[  239.910145][T14377]  x64_sys_call+0x2f2f/0x2fb0
[  239.910170][T14377]  do_syscall_64+0xd2/0x200
[  239.910233][T14377]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  239.910266][T14377]  ? clear_bhb_loop+0x40/0x90
[  239.910328][T14377]  ? clear_bhb_loop+0x40/0x90
[  239.910354][T14377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.910389][T14377] RIP: 0033:0x7f7efc51e929
[  239.910407][T14377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.910449][T14377] RSP: 002b:00007f7efab87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  239.910467][T14377] RAX: ffffffffffffffda RBX: 00007f7efc745fa0 RCX: 00007f7efc51e929
[  239.910480][T14377] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000003
[  239.910491][T14377] RBP: 00007f7efab87090 R08: 0000000000000000 R09: 0000000000000000
[  239.910506][T14377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  239.910520][T14377] R13: 0000000000000000 R14: 00007f7efc745fa0 R15: 00007ffef6f1aa48
[  239.910541][T14377]  </TASK>
[  240.564835][T14409] netlink: 'syz.3.3985': attribute type 4 has an invalid length.
[  240.584612][T14409] netlink: 'syz.3.3985': attribute type 4 has an invalid length.
[  240.596155][T14411] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3986'.
[  240.644241][T14418] FAULT_INJECTION: forcing a failure.
[  240.644241][T14418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  240.657419][T14418] CPU: 1 UID: 0 PID: 14418 Comm: syz.3.3989 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  240.657473][T14418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  240.657490][T14418] Call Trace:
[  240.657498][T14418]  <TASK>
[  240.657508][T14418]  __dump_stack+0x1d/0x30
[  240.657540][T14418]  dump_stack_lvl+0xe8/0x140
[  240.657580][T14418]  dump_stack+0x15/0x1b
[  240.657604][T14418]  should_fail_ex+0x265/0x280
[  240.657733][T14418]  should_fail+0xb/0x20
[  240.657766][T14418]  should_fail_usercopy+0x1a/0x20
[  240.657845][T14418]  _copy_from_user+0x1c/0xb0
[  240.657869][T14418]  ___sys_sendmsg+0xc1/0x1d0
[  240.657923][T14418]  __x64_sys_sendmsg+0xd4/0x160
[  240.658041][T14418]  x64_sys_call+0x2999/0x2fb0
[  240.658073][T14418]  do_syscall_64+0xd2/0x200
[  240.658162][T14418]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  240.658194][T14418]  ? clear_bhb_loop+0x40/0x90
[  240.658220][T14418]  ? clear_bhb_loop+0x40/0x90
[  240.658247][T14418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.658273][T14418] RIP: 0033:0x7f102776e929
[  240.658291][T14418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.658363][T14418] RSP: 002b:00007f1025dd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  240.658387][T14418] RAX: ffffffffffffffda RBX: 00007f1027995fa0 RCX: 00007f102776e929
[  240.658481][T14418] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000005
[  240.658497][T14418] RBP: 00007f1025dd7090 R08: 0000000000000000 R09: 0000000000000000
[  240.658588][T14418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.658603][T14418] R13: 0000000000000000 R14: 00007f1027995fa0 R15: 00007ffcbdd61a98
[  240.658625][T14418]  </TASK>
[  241.018627][T14440] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3999'.
[  241.295198][T14472] FAULT_INJECTION: forcing a failure.
[  241.295198][T14472] name failslab, interval 1, probability 0, space 0, times 0
[  241.307974][T14472] CPU: 1 UID: 0 PID: 14472 Comm: syz.2.4014 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  241.308011][T14472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.308033][T14472] Call Trace:
[  241.308041][T14472]  <TASK>
[  241.308110][T14472]  __dump_stack+0x1d/0x30
[  241.308202][T14472]  dump_stack_lvl+0xe8/0x140
[  241.308227][T14472]  dump_stack+0x15/0x1b
[  241.308248][T14472]  should_fail_ex+0x265/0x280
[  241.308315][T14472]  should_failslab+0x8c/0xb0
[  241.308344][T14472]  kmem_cache_alloc_node_noprof+0x57/0x320
[  241.308377][T14472]  ? __alloc_skb+0x101/0x320
[  241.308560][T14472]  __alloc_skb+0x101/0x320
[  241.308590][T14472]  netlink_alloc_large_skb+0xba/0xf0
[  241.308627][T14472]  netlink_sendmsg+0x3cf/0x6b0
[  241.308711][T14472]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.308735][T14472]  __sock_sendmsg+0x145/0x180
[  241.308763][T14472]  ____sys_sendmsg+0x31e/0x4e0
[  241.308796][T14472]  ___sys_sendmsg+0x17b/0x1d0
[  241.309005][T14472]  __x64_sys_sendmsg+0xd4/0x160
[  241.309051][T14472]  x64_sys_call+0x2999/0x2fb0
[  241.309079][T14472]  do_syscall_64+0xd2/0x200
[  241.309142][T14472]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  241.309189][T14472]  ? clear_bhb_loop+0x40/0x90
[  241.309216][T14472]  ? clear_bhb_loop+0x40/0x90
[  241.309243][T14472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.309283][T14472] RIP: 0033:0x7f2a1c39e929
[  241.309299][T14472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.309317][T14472] RSP: 002b:00007f2a1aa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.309340][T14472] RAX: ffffffffffffffda RBX: 00007f2a1c5c5fa0 RCX: 00007f2a1c39e929
[  241.309356][T14472] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  241.309371][T14472] RBP: 00007f2a1aa07090 R08: 0000000000000000 R09: 0000000000000000
[  241.309385][T14472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.309409][T14472] R13: 0000000000000000 R14: 00007f2a1c5c5fa0 R15: 00007ffe8b4e3788
[  241.309432][T14472]  </TASK>
[  241.635623][T14484] bond1: entered promiscuous mode
[  241.640740][T14484] bond1: entered allmulticast mode
[  241.665942][T14484] 8021q: adding VLAN 0 to HW filter on device bond1
[  241.745668][T14484] bond1 (unregistering): Released all slaves
[  241.955673][T14531] FAULT_INJECTION: forcing a failure.
[  241.955673][T14531] name failslab, interval 1, probability 0, space 0, times 0
[  241.968707][T14531] CPU: 0 UID: 0 PID: 14531 Comm: syz.1.4038 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  241.968745][T14531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.968762][T14531] Call Trace:
[  241.968772][T14531]  <TASK>
[  241.968782][T14531]  __dump_stack+0x1d/0x30
[  241.968810][T14531]  dump_stack_lvl+0xe8/0x140
[  241.968836][T14531]  dump_stack+0x15/0x1b
[  241.968983][T14531]  should_fail_ex+0x265/0x280
[  241.969016][T14531]  ? alloc_pipe_info+0xae/0x350
[  241.969048][T14531]  should_failslab+0x8c/0xb0
[  241.969070][T14531]  __kmalloc_cache_noprof+0x4c/0x320
[  241.969186][T14531]  alloc_pipe_info+0xae/0x350
[  241.969267][T14531]  splice_direct_to_actor+0x592/0x680
[  241.969375][T14531]  ? kstrtouint_from_user+0x9f/0xf0
[  241.969406][T14531]  ? __pfx_direct_splice_actor+0x10/0x10
[  241.969475][T14531]  ? __rcu_read_unlock+0x4f/0x70
[  241.969498][T14531]  ? get_pid_task+0x96/0xd0
[  241.969523][T14531]  ? avc_policy_seqno+0x15/0x30
[  241.969567][T14531]  ? selinux_file_permission+0x1e4/0x320
[  241.969600][T14531]  do_splice_direct+0xda/0x150
[  241.969636][T14531]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  241.969672][T14531]  do_sendfile+0x380/0x650
[  241.969697][T14531]  __x64_sys_sendfile64+0x105/0x150
[  241.969781][T14531]  x64_sys_call+0xb39/0x2fb0
[  241.969811][T14531]  do_syscall_64+0xd2/0x200
[  241.969835][T14531]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  241.969888][T14531]  ? clear_bhb_loop+0x40/0x90
[  241.969930][T14531]  ? clear_bhb_loop+0x40/0x90
[  241.969980][T14531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.970010][T14531] RIP: 0033:0x7f7efc51e929
[  241.970030][T14531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.970072][T14531] RSP: 002b:00007f7efab66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  241.970168][T14531] RAX: ffffffffffffffda RBX: 00007f7efc746080 RCX: 00007f7efc51e929
[  241.970232][T14531] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  241.970245][T14531] RBP: 00007f7efab66090 R08: 0000000000000000 R09: 0000000000000000
[  241.970258][T14531] R10: 0100000800000009 R11: 0000000000000246 R12: 0000000000000001
[  241.970276][T14531] R13: 0000000000000000 R14: 00007f7efc746080 R15: 00007ffef6f1aa48
[  241.970301][T14531]  </TASK>
[  242.420661][   T29] kauditd_printk_skb: 940 callbacks suppressed
[  242.420679][   T29] audit: type=1400 audit(1011.404:14048): avc:  denied  { prog_load } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  242.445718][   T29] audit: type=1400 audit(1011.404:14049): avc:  denied  { create } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  242.465901][   T29] audit: type=1400 audit(1011.404:14050): avc:  denied  { create } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  242.486066][   T29] audit: type=1400 audit(1011.404:14051): avc:  denied  { create } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  242.506269][   T29] audit: type=1400 audit(1011.404:14052): avc:  denied  { prog_load } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  242.525141][   T29] audit: type=1400 audit(1011.404:14053): avc:  denied  { map_create } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  242.544192][   T29] audit: type=1400 audit(1011.404:14054): avc:  denied  { prog_load } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  242.562971][   T29] audit: type=1400 audit(1011.404:14055): avc:  denied  { prog_load } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  242.581784][   T29] audit: type=1400 audit(1011.404:14056): avc:  denied  { prog_load } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  242.600642][   T29] audit: type=1400 audit(1011.404:14057): avc:  denied  { create } for  pid=14539 comm="syz.2.4042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  244.433080][T14613] FAULT_INJECTION: forcing a failure.
[  244.433080][T14613] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  244.446284][T14613] CPU: 1 UID: 0 PID: 14613 Comm: syz.4.4071 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  244.446354][T14613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.446376][T14613] Call Trace:
[  244.446383][T14613]  <TASK>
[  244.446389][T14613]  __dump_stack+0x1d/0x30
[  244.446409][T14613]  dump_stack_lvl+0xe8/0x140
[  244.446427][T14613]  dump_stack+0x15/0x1b
[  244.446446][T14613]  should_fail_ex+0x265/0x280
[  244.446544][T14613]  should_fail+0xb/0x20
[  244.446572][T14613]  should_fail_usercopy+0x1a/0x20
[  244.446602][T14613]  _copy_to_user+0x20/0xa0
[  244.446620][T14613]  simple_read_from_buffer+0xb5/0x130
[  244.446657][T14613]  proc_fail_nth_read+0x100/0x140
[  244.446704][T14613]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  244.446797][T14613]  vfs_read+0x19d/0x6f0
[  244.446853][T14613]  ? __rcu_read_unlock+0x4f/0x70
[  244.446880][T14613]  ? __fget_files+0x184/0x1c0
[  244.446901][T14613]  ksys_read+0xda/0x1a0
[  244.446942][T14613]  __x64_sys_read+0x40/0x50
[  244.446979][T14613]  x64_sys_call+0x2d77/0x2fb0
[  244.447005][T14613]  do_syscall_64+0xd2/0x200
[  244.447027][T14613]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  244.447073][T14613]  ? clear_bhb_loop+0x40/0x90
[  244.447100][T14613]  ? clear_bhb_loop+0x40/0x90
[  244.447122][T14613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.447141][T14613] RIP: 0033:0x7f4b8366d33c
[  244.447155][T14613] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  244.447177][T14613] RSP: 002b:00007f4b81cd7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  244.447198][T14613] RAX: ffffffffffffffda RBX: 00007f4b83895fa0 RCX: 00007f4b8366d33c
[  244.447214][T14613] RDX: 000000000000000f RSI: 00007f4b81cd70a0 RDI: 0000000000000004
[  244.447229][T14613] RBP: 00007f4b81cd7090 R08: 0000000000000000 R09: 0000000000000000
[  244.447244][T14613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.447259][T14613] R13: 0000000000000000 R14: 00007f4b83895fa0 R15: 00007ffd7049e1e8
[  244.447282][T14613]  </TASK>
[  244.822657][T14625] Falling back ldisc for ttyS3.
[  245.227446][T14647] netlink: 'syz.0.4085': attribute type 10 has an invalid length.
[  245.235444][T14647] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4085'.
[  245.266938][T14647] team0: Port device geneve1 added
[  245.402760][T14654] Falling back ldisc for ttyS3.
[  245.913092][T14683] Falling back ldisc for ttyS3.
[  246.492805][T14720] Falling back ldisc for ttyS3.
[  247.502434][   T29] kauditd_printk_skb: 826 callbacks suppressed
[  247.502452][   T29] audit: type=1400 audit(1016.484:14884): avc:  denied  { read write } for  pid=12702 comm="syz-executor" name="loop0" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  247.539355][   T29] audit: type=1400 audit(1016.524:14885): avc:  denied  { prog_load } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  247.560111][   T29] audit: type=1400 audit(1016.524:14886): avc:  denied  { prog_load } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  247.579228][   T29] audit: type=1400 audit(1016.524:14887): avc:  denied  { map_create } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  247.599763][   T29] audit: type=1400 audit(1016.584:14888): avc:  denied  { prog_load } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  247.618880][   T29] audit: type=1400 audit(1016.584:14889): avc:  denied  { create } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  247.639245][   T29] audit: type=1400 audit(1016.584:14890): avc:  denied  { create } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  247.659568][   T29] audit: type=1400 audit(1016.584:14891): avc:  denied  { create } for  pid=14766 comm="syz.0.4136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  247.697435][   T29] audit: type=1400 audit(1016.674:14892): avc:  denied  { map_create } for  pid=14769 comm="syz.4.4137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  247.716721][   T29] audit: type=1400 audit(1016.674:14893): avc:  denied  { map_create } for  pid=14769 comm="syz.4.4137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  249.902812][T14873] Falling back ldisc for ttyS3.
[  252.954400][   T29] kauditd_printk_skb: 884 callbacks suppressed
[  252.954418][   T29] audit: type=1400 audit(1021.944:15778): avc:  denied  { read write } for  pid=12123 comm="syz-executor" name="loop2" dev="devtmpfs" ino=872 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  253.020404][   T29] audit: type=1400 audit(1021.984:15779): avc:  denied  { open } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  253.039430][   T29] audit: type=1400 audit(1021.994:15780): avc:  denied  { create } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=0
[  253.059369][   T29] audit: type=1400 audit(1021.994:15781): avc:  denied  { create } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  253.078761][   T29] audit: type=1400 audit(1022.004:15782): avc:  denied  { read write } for  pid=12702 comm="syz-executor" name="loop0" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  253.101786][   T29] audit: type=1400 audit(1022.004:15783): avc:  denied  { read } for  pid=14996 comm="syz.2.4229" dev="nsfs" ino=4026533001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  253.122747][   T29] audit: type=1400 audit(1022.004:15784): avc:  denied  { prog_load } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  253.141486][   T29] audit: type=1400 audit(1022.004:15785): avc:  denied  { map_create } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  253.160396][   T29] audit: type=1400 audit(1022.004:15786): avc:  denied  { prog_load } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  253.179257][   T29] audit: type=1400 audit(1022.004:15787): avc:  denied  { prog_load } for  pid=14996 comm="syz.2.4229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  254.125824][T15057] netlink: 'syz.1.4254': attribute type 1 has an invalid length.
[  254.155163][T15057] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.173732][T15057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4254'.
[  254.185354][T15057] bond1 (unregistering): Released all slaves
[  255.078365][T15105] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15105 comm=syz.3.4272
[  256.306040][T15195] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4312'.
[  256.498247][T15227] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4327'.
[  256.525299][T15224] sctp: [Deprecated]: syz.4.4326 (pid 15224) Use of int in max_burst socket option.
[  256.525299][T15224] Use struct sctp_assoc_value instead
[  256.545920][T15229] xt_policy: neither incoming nor outgoing policy selected
[  257.268956][T15252] netlink: 'syz.1.4337': attribute type 13 has an invalid length.
[  257.372695][T15252] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.380089][T15252] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.460453][T15252] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.482603][T15252] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.557013][T15252] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.565630][T15252] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.574038][T15252] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.582524][T15252] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.637286][T15274] xt_policy: neither incoming nor outgoing policy selected
[  257.928940][T15298] sctp: [Deprecated]: syz.3.4355 (pid 15298) Use of int in max_burst socket option.
[  257.928940][T15298] Use struct sctp_assoc_value instead
[  257.962830][   T29] kauditd_printk_skb: 1084 callbacks suppressed
[  257.962847][   T29] audit: type=1400 audit(1026.954:16872): avc:  denied  { create } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  257.997688][   T29] audit: type=1400 audit(1026.974:16873): avc:  denied  { create } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  258.018316][   T29] audit: type=1400 audit(1026.974:16874): avc:  denied  { create } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  258.038767][   T29] audit: type=1400 audit(1026.974:16875): avc:  denied  { prog_load } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  258.057797][   T29] audit: type=1400 audit(1026.984:16876): avc:  denied  { map_create } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  258.076884][   T29] audit: type=1400 audit(1026.984:16877): avc:  denied  { prog_load } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  258.095837][   T29] audit: type=1400 audit(1026.984:16878): avc:  denied  { prog_load } for  pid=15296 comm="syz.1.4356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  258.114798][   T29] audit: type=1400 audit(1026.984:16879): avc:  denied  { create } for  pid=15294 comm="syz.3.4355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  258.185668][T15303] xt_policy: neither incoming nor outgoing policy selected
[  258.219423][   T29] audit: type=1400 audit(1027.144:16880): avc:  denied  { open } for  pid=15300 comm="syz.3.4357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  258.238696][   T29] audit: type=1400 audit(1027.144:16881): avc:  denied  { create } for  pid=15300 comm="syz.3.4357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=0
[  258.711127][T15335] sctp: [Deprecated]: syz.3.4369 (pid 15335) Use of int in max_burst socket option.
[  258.711127][T15335] Use struct sctp_assoc_value instead
[  259.979636][T15420] xt_policy: neither incoming nor outgoing policy selected
[  260.787422][T15454] xt_policy: neither incoming nor outgoing policy selected
[  261.238322][T15488] xt_policy: neither incoming nor outgoing policy selected
[  261.978314][T15514] xt_policy: neither incoming nor outgoing policy selected
[  262.976430][   T29] kauditd_printk_skb: 691 callbacks suppressed
[  262.976449][   T29] audit: type=1400 audit(1031.964:17573): avc:  denied  { map_create } for  pid=15546 comm="syz.3.4462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  263.004608][   T29] audit: type=1400 audit(1031.974:17574): avc:  denied  { prog_load } for  pid=15550 comm="syz.4.4463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  263.023698][   T29] audit: type=1400 audit(1031.974:17575): avc:  denied  { prog_load } for  pid=15550 comm="syz.4.4463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  263.042896][   T29] audit: type=1400 audit(1031.974:17576): avc:  denied  { create } for  pid=15550 comm="syz.4.4463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  263.056602][T15549] xt_policy: neither incoming nor outgoing policy selected
[  263.062253][   T29] audit: type=1400 audit(1031.974:17577): avc:  denied  { create } for  pid=15550 comm="syz.4.4463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  263.088912][   T29] audit: type=1400 audit(1031.974:17578): avc:  denied  { prog_load } for  pid=15550 comm="syz.4.4463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  263.107913][   T29] audit: type=1400 audit(1031.974:17579): avc:  denied  { create } for  pid=15550 comm="syz.4.4463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  263.127306][   T29] audit: type=1400 audit(1031.994:17580): avc:  denied  { allowed } for  pid=15548 comm="syz.1.4461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=0
[  263.146565][   T29] audit: type=1400 audit(1031.994:17581): avc:  denied  { map_create } for  pid=15548 comm="syz.1.4461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  263.167463][   T29] audit: type=1400 audit(1031.994:17582): avc:  denied  { prog_load } for  pid=15548 comm="syz.1.4461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  264.169772][T15596] xt_policy: neither incoming nor outgoing policy selected
[  265.217717][T15637] xt_policy: neither incoming nor outgoing policy selected
[  266.247919][T15672] xt_policy: neither incoming nor outgoing policy selected
[  267.059103][T15710] xt_policy: neither incoming nor outgoing policy selected
[  267.911557][T15738] xt_policy: neither incoming nor outgoing policy selected
[  267.994994][   T29] kauditd_printk_skb: 570 callbacks suppressed
[  267.995012][   T29] audit: type=1400 audit(1036.984:18153): avc:  denied  { prog_load } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.029554][   T29] audit: type=1400 audit(1037.004:18154): avc:  denied  { create } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=0
[  268.049153][   T29] audit: type=1400 audit(1037.004:18155): avc:  denied  { create } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  268.069518][   T29] audit: type=1400 audit(1037.004:18156): avc:  denied  { create } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  268.090017][   T29] audit: type=1400 audit(1037.004:18157): avc:  denied  { prog_load } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.109110][   T29] audit: type=1400 audit(1037.004:18158): avc:  denied  { prog_load } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.128100][   T29] audit: type=1400 audit(1037.004:18159): avc:  denied  { prog_load } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.147116][   T29] audit: type=1400 audit(1037.004:18160): avc:  denied  { prog_load } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.166030][   T29] audit: type=1400 audit(1037.004:18161): avc:  denied  { prog_load } for  pid=15739 comm="syz.4.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.201480][   T29] audit: type=1400 audit(1037.174:18162): avc:  denied  { read write } for  pid=12702 comm="syz-executor" name="loop0" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=0
[  268.497697][T15767] xt_policy: neither incoming nor outgoing policy selected
[  269.136150][T15796] xt_policy: neither incoming nor outgoing policy selected
[  269.994442][T15829] xt_policy: neither incoming nor outgoing policy selected
[  270.520170][T15858] xt_policy: neither incoming nor outgoing policy selected
[  271.202054][T15887] xt_policy: neither incoming nor outgoing policy selected
[  271.789111][T15915] xt_policy: neither incoming nor outgoing policy selected
[  272.398147][T15940] FAULT_INJECTION: forcing a failure.
[  272.398147][T15940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.411464][T15940] CPU: 0 UID: 0 PID: 15940 Comm: syz.0.4623 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  272.411533][T15940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  272.411549][T15940] Call Trace:
[  272.411556][T15940]  <TASK>
[  272.411564][T15940]  __dump_stack+0x1d/0x30
[  272.411608][T15940]  dump_stack_lvl+0xe8/0x140
[  272.411626][T15940]  dump_stack+0x15/0x1b
[  272.411641][T15940]  should_fail_ex+0x265/0x280
[  272.411683][T15940]  should_fail+0xb/0x20
[  272.411784][T15940]  should_fail_usercopy+0x1a/0x20
[  272.411819][T15940]  _copy_to_user+0x20/0xa0
[  272.411841][T15940]  simple_read_from_buffer+0xb5/0x130
[  272.411923][T15940]  proc_fail_nth_read+0x100/0x140
[  272.411956][T15940]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.412067][T15940]  vfs_read+0x19d/0x6f0
[  272.412093][T15940]  ? __rcu_read_unlock+0x4f/0x70
[  272.412144][T15940]  ? __fget_files+0x184/0x1c0
[  272.412168][T15940]  ksys_read+0xda/0x1a0
[  272.412204][T15940]  __x64_sys_read+0x40/0x50
[  272.412284][T15940]  x64_sys_call+0x2d77/0x2fb0
[  272.412316][T15940]  do_syscall_64+0xd2/0x200
[  272.412336][T15940]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  272.412443][T15940]  ? clear_bhb_loop+0x40/0x90
[  272.412535][T15940]  ? clear_bhb_loop+0x40/0x90
[  272.412560][T15940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.412583][T15940] RIP: 0033:0x7fbe8571d33c
[  272.412597][T15940] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  272.412622][T15940] RSP: 002b:00007fbe83d87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  272.412641][T15940] RAX: ffffffffffffffda RBX: 00007fbe85945fa0 RCX: 00007fbe8571d33c
[  272.412656][T15940] RDX: 000000000000000f RSI: 00007fbe83d870a0 RDI: 0000000000000003
[  272.412671][T15940] RBP: 00007fbe83d87090 R08: 0000000000000000 R09: 0000000000000000
[  272.412686][T15940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.412861][T15940] R13: 0000000000000000 R14: 00007fbe85945fa0 R15: 00007fff56662de8
[  272.412878][T15940]  </TASK>
[  272.465984][T15945] xt_policy: neither incoming nor outgoing policy selected
[  273.197580][   T29] kauditd_printk_skb: 635 callbacks suppressed
[  273.197663][   T29] audit: type=1400 audit(1042.184:18798): avc:  denied  { map_create } for  pid=15962 comm="syz.1.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  273.224595][   T29] audit: type=1400 audit(1042.214:18799): avc:  denied  { prog_load } for  pid=15962 comm="syz.1.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  273.244022][   T29] audit: type=1400 audit(1042.214:18800): avc:  denied  { map_create } for  pid=15962 comm="syz.1.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  273.262951][   T29] audit: type=1400 audit(1042.214:18801): avc:  denied  { write } for  pid=15962 comm="syz.1.4631" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=0
[  273.285527][   T29] audit: type=1400 audit(1042.214:18802): avc:  denied  { map_create } for  pid=15962 comm="syz.1.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  273.304417][   T29] audit: type=1400 audit(1042.214:18803): avc:  denied  { prog_load } for  pid=15962 comm="syz.1.4631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  273.326685][   T29] audit: type=1400 audit(1042.314:18804): avc:  denied  { create } for  pid=15964 comm="syz.1.4632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=0
[  273.350255][   T29] audit: type=1400 audit(1042.334:18805): avc:  denied  { create } for  pid=15964 comm="syz.1.4632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  273.397972][   T29] audit: type=1400 audit(1042.364:18806): avc:  denied  { read } for  pid=15964 comm="syz.1.4632" dev="nsfs" ino=4026532381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  273.418947][   T29] audit: type=1400 audit(1042.364:18807): avc:  denied  { prog_load } for  pid=15964 comm="syz.1.4632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  273.510561][T15976] xt_policy: neither incoming nor outgoing policy selected
[  274.271356][T16008] xt_policy: neither incoming nor outgoing policy selected
[  274.644675][T16036] xt_policy: neither incoming nor outgoing policy selected
[  274.689278][T16040] FAULT_INJECTION: forcing a failure.
[  274.689278][T16040] name failslab, interval 1, probability 0, space 0, times 0
[  274.702075][T16040] CPU: 0 UID: 0 PID: 16040 Comm: syz.3.4663 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  274.702169][T16040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  274.702181][T16040] Call Trace:
[  274.702187][T16040]  <TASK>
[  274.702194][T16040]  __dump_stack+0x1d/0x30
[  274.702230][T16040]  dump_stack_lvl+0xe8/0x140
[  274.702253][T16040]  dump_stack+0x15/0x1b
[  274.702274][T16040]  should_fail_ex+0x265/0x280
[  274.702341][T16040]  ? __se_sys_memfd_create+0x1cc/0x590
[  274.702379][T16040]  should_failslab+0x8c/0xb0
[  274.702405][T16040]  __kmalloc_cache_noprof+0x4c/0x320
[  274.702462][T16040]  ? fput+0x8f/0xc0
[  274.702553][T16040]  __se_sys_memfd_create+0x1cc/0x590
[  274.702592][T16040]  __x64_sys_memfd_create+0x31/0x40
[  274.702677][T16040]  x64_sys_call+0x122f/0x2fb0
[  274.702696][T16040]  do_syscall_64+0xd2/0x200
[  274.702752][T16040]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  274.702784][T16040]  ? clear_bhb_loop+0x40/0x90
[  274.702809][T16040]  ? clear_bhb_loop+0x40/0x90
[  274.702894][T16040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.702936][T16040] RIP: 0033:0x7f102776e929
[  274.702953][T16040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.702975][T16040] RSP: 002b:00007f1025dd6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  274.703019][T16040] RAX: ffffffffffffffda RBX: 000000000000045e RCX: 00007f102776e929
[  274.703034][T16040] RDX: 00007f1025dd6ef0 RSI: 0000000000000000 RDI: 00007f10277f14cc
[  274.703049][T16040] RBP: 0000200000001400 R08: 00007f1025dd6bb7 R09: 00007f1025dd6e40
[  274.703063][T16040] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000180
[  274.703078][T16040] R13: 00007f1025dd6ef0 R14: 00007f1025dd6eb0 R15: 0000200000000700
[  274.703099][T16040]  </TASK>
[  275.412170][T16069] xt_policy: neither incoming nor outgoing policy selected
[  275.750468][T16082] ==================================================================
[  275.758614][T16082] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  275.765320][T16082] 
[  275.767656][T16082] write to 0xffff888106b62608 of 8 bytes by task 16080 on cpu 0:
[  275.775377][T16082]  call_rcu+0x51/0x3f0
[  275.779479][T16082]  mas_wmb_replace+0xc6a/0x14a0
[  275.784393][T16082]  mas_wr_store_entry+0x1773/0x2b50
[  275.789624][T16082]  mas_store_prealloc+0x74d/0x9e0
[  275.794690][T16082]  vma_iter_store_new+0x1c5/0x200
[  275.799731][T16082]  vma_complete+0x125/0x580
[  275.804256][T16082]  __split_vma+0x591/0x650
[  275.808699][T16082]  vma_modify+0x21e/0xc80
[  275.813056][T16082]  vma_modify_flags+0x101/0x130
[  275.817935][T16082]  mprotect_fixup+0x2cc/0x570
[  275.822636][T16082]  do_mprotect_pkey+0x6d6/0x980
[  275.827505][T16082]  __x64_sys_mprotect+0x48/0x60
[  275.832387][T16082]  x64_sys_call+0x2794/0x2fb0
[  275.837076][T16082]  do_syscall_64+0xd2/0x200
[  275.841588][T16082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.847497][T16082] 
[  275.849831][T16082] read to 0xffff888106b62608 of 8 bytes by task 16082 on cpu 1:
[  275.857498][T16082]  mas_state_walk+0x3e9/0x650
[  275.862193][T16082]  mas_walk+0x30/0x120
[  275.866285][T16082]  lock_vma_under_rcu+0xa2/0x2f0
[  275.871237][T16082]  do_user_addr_fault+0x233/0x1090
[  275.876458][T16082]  exc_page_fault+0x62/0xa0
[  275.880982][T16082]  asm_exc_page_fault+0x26/0x30
[  275.885857][T16082] 
[  275.888206][T16082] value changed: 0x000055556a23dfff -> 0xffff888106b62308
[  275.895316][T16082] 
[  275.897646][T16082] Reported by Kernel Concurrency Sanitizer on:
[  275.903807][T16082] CPU: 1 UID: 0 PID: 16082 Comm: syz.2.4680 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(voluntary) 
[  275.916318][T16082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  275.926387][T16082] ==================================================================