last executing test programs:

2.250280507s ago: executing program 4 (id=7787):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x10005, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071122700000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

2.229325567s ago: executing program 4 (id=7788):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x0)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x1000000201005)
write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x48, &(0x7f0000000a00)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x12, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00', {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x22}]}}}}}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$netlink(0x10, 0x3, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000041000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)

1.6303437s ago: executing program 4 (id=7796):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
close(r1)
socket$inet_smc(0x2b, 0x1, 0x0)
preadv(r2, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0x4}], 0x3e8, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)

1.402025841s ago: executing program 2 (id=7800):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f00000005c0), r1)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
readlink(&(0x7f00000012c0)='./file0/../file0\x00', &(0x7f0000001580)=""/68, 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
open$dir(&(0x7f0000000200)='./file0\x00', 0x400, 0x80)

1.382305592s ago: executing program 3 (id=7801):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r3=>0x0})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000300)=<r4=>0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r1, r3, 0x25, 0x2, @val=@uprobe_multi={&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=[0xd, 0x1, 0x100000001], &(0x7f0000000200)=[0x0, 0x1], 0x8000, 0x3, 0x0, r4}}, 0x40)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r1}, &(0x7f00000000c0), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = creat(&(0x7f0000000cc0)='./bus\x00', 0x128)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2000000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r8}}, 0x20}}, 0x0)

1.357111072s ago: executing program 2 (id=7802):
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x40)
io_setup(0x3, &(0x7f0000000280)=<r1=>0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x9, 0x3, 0x380, 0x0, 0xffffffff, 0xffffffff, 0x158, 0xffffffff, 0x2b0, 0xffffffff, 0xffffffff, 0x2b0, 0xffffffff, 0x3, &(0x7f0000000000), {[{{@uncond, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@hbh={{0x48}, {0x8000, 0x4, 0x1, [0x4, 0x0, 0xa75, 0x8, 0x200, 0x1, 0xffcc, 0xb43, 0xff00, 0x8, 0xbbc, 0x73d2, 0x3ff, 0x8000, 0x100, 0xfffc], 0xf}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x4, 0x8, 0x0, 'syz0\x00', 'syz1\x00', {0x8000000000000001}}}}, {{@ipv6={@mcast1, @rand_addr=' \x01\x00', [0xff, 0x0, 0xff, 0xff], [0xff, 0xffffff00, 0xff000000, 0xffffffff], 'bridge_slave_0\x00', 'veth0\x00', {}, {}, 0x89, 0x9, 0x1, 0x40}, 0x0, 0xf8, 0x158, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x7}}, @inet=@rpfilter={{0x28}, {0xe}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@ipv4={'\x00', '\xff\xff', @private=0xa010102}, [0x0, 0xffffff00, 0x0, 0xffffff00], 0x4e23, 0x4e21, 0x4e24, 0x4e21, 0x1000, 0x20, 0x101, 0x6, 0x3}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0)
io_submit(r1, 0x7, &(0x7f0000000580)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x7, r0, &(0x7f0000000100)="8ac33607d4a106298073561fc27f1a32ade7aa3733dc42537361db866b0139da7a7f0eb957625c7675515edfb17aed9515bdc8baba2b982af428d1f0a8bf39586186cf0716b1a06224b94722d51275260de6c3152396c0c4ad8a47f466b1832247ad34641d8abb6d7aded8916244bff85bd9f210e8c244df402a3714d3422a74ab9b301ec5b0c3546ab3a6f8d02b20f29c2e", 0x92, 0x7, 0x0, 0x3, r0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x2, r0, &(0x7f0000000e00)="c40873572b74b439ccfede3b2562444b8364d6a30d59c2d44b64ce8bdd70629913a4c7340c1400ecc27b7bfbe67d0f99182f7ff26d8d5ca1e9a8a0763bc2d3215450315269a12ec65b76a208c101c62a32a60aa9aef5047161c35cbbc249fb5d1e3f9618c330d5f79912250dbf249a061a43400ea993fd05a0bebb89c3d495367425a2089e3653f1cf1221a84d9f9bcf4e98e91600c05f3650ec608d1cfb408f980d531a7fb6cd793554e95e4ae379fc85146be6ea4338188507fe317a712d1970b3358e5d8c8c98e7fea8f8acea525f065687b15f8062fe3526e83cdcb66919cf04136d604bb7fb7f3e907c3159c44115fefc82f577480fc21f92387c4865d76acbb19814347b45586fccbde41ddfb9b2fe9fa4906d6943b42ce9bacd37cfb0554504f25052589cd084be728934a3d547523408b3db84d7b9d1723115ec491b3157ec2f59d9e81f98fbe8435b73ccb8447c9f04f915077156a22fcd021a4d79c829e05143752533182c74a5867a7c2b58c34209bc97c5e23ec622b422dd7139a6c5637965aaf1fbf9391ffc64b9271b2b93b44038999a338b9a5648f71e8f3b4f574e9ab52dbbf1c114226862be0169100c6373ddffd000261cff21912726cd70e6eff251eb7c12920416b888dccda48ec212153fd77a21aea5c763b3d7827c532f28785a1fbabb5fbbf6ef528d56cb3d884c364372c1dd096502a6a0c81a88ee9f46f1e9a6fa6b566f53f7560604d35149a343fb58f473a13262dda5a662bffadc35b478d398deee4f5c087f7efb231b08ecfcc27b724b38fe16850811ca086db678c6eeeb69d953dff3502fb7f5b89dca6f95918567a2707c382f09bb8190c0b7d3ca78ad4ed47035de542f4765d1de9fccedab06497198e6b85215e81490cf1ff84e1dbc83885eb9c2093131778a6926b7d006c24bdaa399af5bbf37db7b6c5ce51de26760f6aa2ea31749bd48c2e25900fd90b99e1db51dcfe5b15e1b20a8a62427a4b2f669124b2abe462c2e4111b0f598854ef11cd14e8eda8d1d1341c930cab04b93c84a34d04e14024fa6d1153d452938ba560aa7c04913ea921cefd891a3ccec10ecf632f2c44d8a1ac49f9c5a85313421be807355a0ce68841f758686d700d087f1dc724a2a0ec7f8056815818d9534dbd2cd05d78c39bee897ca282e754c477a77f289c97b48dfcc53df076a386d3d37fa2bf8e5186f98958e60834e6383ca0ccbbf123d391d4de874338f5f5c6438e2f103005aefab8cfef7ba17e2921d3f04a219f556594186b8be5be30428ab2aa1943c59d1ead7f67a4da9e2555511aaefe2e3d58cdd0bce8bef1ff80b61df32e9d8b698d9fba532973711ebc2ab4472b5ecb7492ac356602e8974e4eaafe0be6995353035ff4c9cb865d506752a5a43764aea56f14bf394b4393ed47d71024ae5c654e58a184532918af52864d8fa56f4ac181ec928acd1ecfb2cfb3c0580ccbc10121331145575b0e835868c4cd61db13351858a0d29ab3628ae37989b16d84aa8a08139addee54a7559983efae8b5ee963189fcc6dfc615b4d5537564b8bf095880588c6f1c10f954417e4e5b211437a2519b4cdd6f769d68e0a927925edcbe7f6cf1741adfc3afa76e10c513d437d1c1e0535d626f2a882212c303de5599b24fdb180bdc625351c12c125bca1696947be71c4d21198feb33ea7451ebe696119253600ebbe6c6501cb0d7cbd6da8d81bd49ec762e2aec976815b1b8af564bbc26859e027cd83f74bf5994dc39cd9d41f2f3eef23f317e1343cffbbe46311d8f51ed84054c0b2a6f30a59bba9a536aaadb718388a262027b536c4f296168b4f5116135edaeda0aed0ca4d32063a933c225235e3def5a81a3f1f9e67b25d1250ece05a013659a47be77f1de0149e7a9a195dc70d04daf2d8c1b8b96dd6732a20cf83df2d30fb172e3058c67f74151c9abff8a731cd9f936d599f19c047f9043d3b716a63c1b45f39612ee67802862e5cd9af1b71c83e1d8c918bdf09e5b47af0a9fc7b7df962158c1534b41384f26cf10a4d9a59453bb2ea630c9964bc9074e91c074cd35bdbaae1e4cb639d7d4b5f362d0a490992b09cf3b83ac0f332f0fbc7e84bea3db22bb29e4527ff743d5ef5aeed51cdbf7440391fdd0a25dbd88646f317e4cc4d9ca36acccbd252551cff021ff72267a62101b961a8f28b0fc99cd3d4361744b7e2ed4f93a8d3f2efa6dd41da1ad5b8cf9440e089361f18e83002113c8f855595e8a8c13e779f86f10d568486ff924f6ec06f94f80fc4c6f4f0493cd70f57a6789158041b78243ef6ed8bd274e2416071a7fe19d6e1001c96c770d0dd9be12bc87714faa1e0a1f7de8da9c4177253da1b465c67b1c454987039701ad8e6e1c2b64fa692b4d23b0fbea861136463c28c47ebe5d370c97a6c0a6f10f2f2890fc6515b063b583e8af17f26dde3ff1e25cc1aaa4345717fff5decc36b17472cfc219aa79efb876aa9471230867e07e5ed81b064b4c444bf71582d6986ea1aac9ee27b8599854532ae2fe27d41ff8ea199a99e5f35a22dfb7317710386602b352d2353648d76bb3cb67f387d6274efa8c4deb7aa91b6c624f3ef7de51b99044264b5d09d18383c7ecf6cdc8509e6305bbe748988f099f56b674b6b541f2f79a5d7e2943f731697f25970709a36e3da9e1780309eb18fb9424d16c50d78cb338b05a04b6f489ceaa12e4212c15abd033fd1c4face1f3f39c18f09aa2baffab0f7cc550064fad84f30d234ad0eb41a2436adeec781428f547d8b98e621d291d2e842efcd32f31413d99fe9d02f7baba2eb203183f0ee7394f7484b39682b0b1f7078998dcf097cb69066676062e1c7f0e6486de9c8c51b9d1349b32cc6ab871804616b7b228a40e9797384ed2fc687f46836f837b74883f851cc02ec72f22b0b95fe6d057a0a2786e95f0084cc62bc8d358e36c613f1712ef5fda9b239693a5d3b92f290d35d3ffbfe14782cdcdaba766610243a10c6380536949b3562cc0d0e15180c012cf3cd55d7cdcc686a563f26ac0d7e03a5e8e4cf9a8d694a1d7e0b19e1d2cf731dee55288d453cbda25f52d61943c5448c5fd1c309ba167224e2973c988567bda38f5da6c948701700a036fa43472b157ff9e2d81407c734e64b8b198bed26702f955e0778bc7286720457742458b497bb5cd9f523e626a1510049478406f8b8a8eb905436ef26d8e33c427d634a83dfea26cb310b38d6a0e07dcaaed2a90ebd906b89fdc812f86b9dda1feaea90a94760f5fb0a53e57df3fe12c901042e98434de290c273533b39ba56f1393152091748cf7b9776474bc3efd3a9e9795728ee650f88ebd83d0fda38a771104acd43674597a1ff6d4641d1a3c6f55715588ba9d3961b6ab366771877524abe97ceb66b46df11b8c8ef3edfeeda817453df60d2911c94117609b5d6ac826db3eec09a6a14c4b47a2c7cb311c94b53954acf14526cb48c509266969b8c0b22f2fb0d1ef0be3d84b91e14b3d4363029dcc235eb5a989681e5219478616bda1619211c1dc531af4ea0549f718fff3d47d289d49423d048378b1365f8f80c0e1379195901b6d7d81551e340994278eded4a39c85ae8cab2760c134fd5e554fa91f15cc1709ff02fbff77961091a3e2fbd083dca5dec4a7509c4aa4dc5ad6fa9c5a43135b28931b177881ace8ca364c57661a1cadfc810c5761bfdedb7aeb5b7c49021e740f1a370ac9c258b69d685cfcf7581b64865e196812b62f23371983bbb5d9e0d8032e2678e7d26c642fa1aa25dd0acf4c430657e55fb17d9640b329b67b6f28a9574c4124b8a0f2fbbff3fd6df9946e1516dc754c0a29e94999ffc83b1c9b56f09352894c9b2f52d9c09579909381af71e4be47b835c76da7d2e3a6556c5ea303981437d661c628ade85df66e407fbf09f3ba386d7dbe5815d23ef421351264f192073b21b314529e81deaa34aac0e7116a536258eeeaa635799f2afd8308164edcae2bd8a8a03ea74cc20d0142dde734190255e3738a3fbf77b1e85a3d150e2520939246a2dbad0ff26adb8e159bb29ee5b74c215be7731a77fefa742d9bc35aab9feec068144d48e982c8056a7393094d15d2d7e64bf2de6f7b095aaaa162b0da96bdc90e500d0e63194614cbf8c2640ce25832a01c061f00d510bdb8f22b61c0cffe115dc3253ad53deec74d10e2b690a745cfe13c71f09f4a6a0f72a669a48a70569443df8e0664d56f1eac7123118dcdb43ff7d197c46135ba247a106c152551af6245c3bb5aa6bf8bbd9aa954b12caadd79edc2628618b183d2ac2c8865aa4006800f448a893266f32e76e203aa175e4f002ada7ebb574290d9635a92d71c4e2badeacf36e379dca1c8c9a667ccf76617492bc2e7c5be09646f94539fc38734f640e8bd8258bf6b856682db5f506325160bf8d93a3d90b34b131faa2ccd0b6339a23f90f0084106ddcf18c92072e657c64e829c12ac9d382ce71a368b9c095010d24e7d5b83815176d9de8746407582e65a14b22d67e55db5a057df53ebf828fad1b44d05d1554d2c77d8d5a028e3cd265fd03b9ea02530ba37ca6c84f1d1c8b20e9239f20f58fb4662678d0af002a3d8684a7202c620e79124f88d49273fb4469b126336c6650b5a982f4a5cb01c7c360e13c25afb0ed075062dc353abfe6dcf961ae0bd2179151f7d661a429f421f8c10aaf88e2388faa20fc9ccd296fca1aaeb2f7db33e50d0d3245a13cb769564066075587608c61f320d266daa00e02e3c790f546fd022b578a5ef535c927ec0a174ff40d25596b48dbb78e7cdf1589e47ca1f4a77bc1b3ae7f6d407bc97216dbc278ce5c66aa76c0360d82e17fd21122f6feec0445e6faa3a6ec5026aa49e5f33845d8e3cd3356aabb4efecac67d307c98935c1c21fd2c1ebca3c0a7e38a2444955b927677cd050c15a129b2f4cc7d18d8e741e838722ee3624ab5e75d206a39f98598517618a6256f103ca3de486c06de7b9588165df66fc5c1cbaf2560998e7e6b71983379c75c9138b5aab1d7f1a8e93d239fc3039fc97c3170f79e353433db0d28bd05d6be4259123cfbfcc0f98b4cfef39fff2f9f7194f81eddd6064b0e1a2bdc64215730bf54d34c728f1c745c74c2430b31dc851ddcdb77a1ed7abbea72a3b71da8881a68725d278b907d28441b1b98ac904bc8ae3039d7c91e44fa79e72a49e06cffeac134b5066ded9e54c1ba6f6c3c83f474834cd073ffb0f63385b5b31d6860368d31acec165c5f2d9959f1b41dfe7fb3fbbd12e904e3d108cea13c16270fe52d21dd50b7568d88a9cdce788e6a92fa982ad1fd923330e16a38e200f2b86ca20c04ed6505b36fa7f231776ee16b50899b3013c3478490ab2676d1b8199e6c067c39507533c6fa6ea7e03699b34bcebd984c9eda1e82b828eeaa6795fcf70d92260f334622f9c004aac0551d0eac49b2958b1468d1f2dbfc170e801fe42f2ff20da8a1c11dcca141d14aa4cf306f38da721cea324979177446efe54da0e7e2cc1ed3d570a900a251c457a54c10af992539ea023ee401417fb275f95ecaa47ad52fe5e9aadd06f138e85fa92cef058dc579fd1d16e5e1cdd733decad90ff6dcb8e5f79555b3ab23fdb3da0b26aafa1a6a8b8e07909211df844b37b099f5b13347db0cc764a155d4096aed4b4330cda2c1a8cba14a9123200f9f85803746eac14d716860ef7073b312f28d3fd0ed06fe539cbfabd9b53c6db98de569bd37c52893e045fb62c2125b1deba31f650435b069228ae60435ebaa8492fc75922c39b39bb", 0x1000, 0x8, 0x0, 0x2, r0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3, 0x400, r0, &(0x7f0000001e00)="58de87d6e739ccce211db6fb90030d892a291deae22e7e42aef65ffc9226140bae65be85016e1a0aee795f832b274ddb56fd38c33247bdffe12794db2e8525aa39a64a18ad1b9aadd0773e669d4f94326e5062941e0635870ea4b80438d1c1b28a94e03c460dd55889ea99e5caeedb8a29284f40064b81da25cac9f42cc2292518f10793d013c7a641903d4d4659d113a92bc7a0056410f00be64613fff93736eb5b1f4b531537024a9568832f2ee456724d0de6c87e0119b8b42d7e72ddb3634ec8fad68d467b5f353ec9cef259c041aed8b0febad5ac3645452516503fccf345bc69491e47334b2e1cd7808860744873b94ae6e77416bb25921e6539b4615e9cd927c8e31c9462107ab39d5f69a1172b1b738e2a23a972b89f212097c4c0f963aff30a8bcb5900d1999cd95b6197ed2d0f59f3e7310b1a549a7eb15415ebe804afaf7e5151757dc1520f95d9717824ca1431672989e6aecbe5218a5aa34322da8f1f05b8b697accc7ca30cdf4750ee7477d13847d717fb75cf64eda7d5e76edec7c8722e466099d64c2a5fe0d70ad777174fa240a083da34c78bd01c36b1ae6a49fc980e6481ed6449d2f3a4fe6703c54bd475a68ec876de88351beddfd08bff2b2e86efea9cf95d6c30371dcdf1e8e1fe957021a3a3bbf5e4127d01ff34ed5c3b93c4a7cc08ad2f3d9d288abeebe1ca5b4377412682657b56f0d48f59d059823fb407823b3af15303e9ba38b607ea9da039ddf405414541caabaaeda2c5a7a954cad3d288de51bbe7677b425a60fab48cf4160ac9e3d14a3112d1c7d9b490e93ea672d2a8d67a2143e51c5da918120e905f53c8a8ae87c34330df503035d00252eb18a0f55807cc81e1b28e682d6e4cf779013336f946a32b793533f352fe5433fcd3a662e10574d4539014f5b03e6c168bfabaec4541c06a2759e40582447ec22ffcbdda4e5352732e281fb0681ffeccde1b9e43eb8f921c4d0bc566b1f197a5871b827ce75261786e0009c969f9b34e6c34d171c5c1c427605dfa47f309d9e9916584e849e54c323258d6d212de1823db9929b8bc139375519d22c1f5d73ce9a6978c7829cdfbe4da1f0373b042a78f257d868354f3a681825b97ec1a55b39777c624706477830a989e04aee473805a5284a97fbe2496e0feb8ba0f4da5b61dd5135d3e1412ee21b29b323b21274934258ee6e863fb0c40a81fd1be08b4ec3658436f5c0bbe0277e08f48f24760ec76e1153c496711a7eea178774f61901d3f0205cc8d37cae03f04d597cae1800eae26e404b17c36a0f386a7a600deb4ee1c94dc4c2f6a0794d00001ca5d2a4c58af295886a389193874fe88cc63d342ae1dd197d235f0b70c35292d521555266969ddcff299775c21c56616d6f03847c17cc19b7b310b9b0dee864134041e6a20288bd10608c37eadd8034e8f88817c2815bbeafdaaa5215c6569f69c89c5ba22105f4d2555ee075531ffc8fed3ffb06ed6161567237db25fd6b8a02989d4fc544808986ac82c5a5b96889a9d399c40ae131efa51b12cee6134088876a6f01701fa951739e0a39069def641f40295a467fe3ca7c921dab7fff5fae1d6d8a9a55425144d48b0a24c89ad21ce320e99f1b4b74ab39d1b9a22f90f69e4d3d849151d11550cceaf5f81fcf211cbae4c5acbbeb420f88ddb2c9e79860fe351be13ed454d6f5d85fab72d4ac4b05131ff2e2d9f43c8c94edfaa569b19268df1fad11f3a281f05cecb7c93e2866b5c20a514a959663c8431d39fec3174567a0b862fa45d4c777c87c173cb0535476b47b6489c2d502548ac545b15f2db0022fff8a8804907315a2ee83a383daa712f5c4e7b5c60aa2ce1c90da74f80c431089267cdb3fedb0ae8862ce541d9c033b3e71c93ade5e6ae8d80b4ad788d8eee5f6db018b5648aad48b20ec5bf64b3d22b4a6c7d2d01a791218f62ad9e7543fdfab5a5453d348c7bc32b1d148038815092cdf12e5c3dcbec38bdad282557224b267d1781194b063bf4335c3f3103f7c724f4207e0033f324b34be3c24da3ae8d4307d073a4ffe44207e1f1d738de22a5e1a25972ff239e91dfba90b9b9a52a54f84379601aa380590412b6f052443c929edc528aee5e3c2eeb9205955cd3e75b0227022522587f4b4036ae0940dfb81cfc7bea3b1ec1f228c3abf1c8079c063612c97203a14c56a9acec366d9489f164cd86d23a579e1a9e03901ea0466d67d7c344b274e5c53e7a1e7b4169c815e6da07f9caae8e30c076861a91c8f32f600267b70587b4d671b8b49543325a5190dc7ee7ee2c40ca2074aaf2582f2225cda96eb50f26a03d60f5b6777e6a03d0740bfbceb455b3134aa1e3e6a9cf7356f1217a1ba2ed82a446645600e90784bcdfbce95f19582f2d6a008da65f4ba1660c803ecae5387ffac80a5e93ef742b2b9af082459d74dba33b8c0c28bba9d62dd9047bb94bffc72537ebd9905ddd4367c7f98606dc6a14d1ee34f620add9e961ae2165762668a800b449fc9bf187924ee4b20a4e81cde4d77978d81c624d83c6ef9c6dba8fd7806c3150aebe631f12cc4c576811f79fa2e41420f78b978c09aeb07e55c757f1757fbd206cce0cb182ccd9c4f869595bcd4b01c3acf11b2d9b3d6c61e68e296f0cdba73cfe478e5dce2877cc491e00a2b404fbba6408f159253552b3db768f6e7547fc7aa2932d906dcc96fd06bd306b874a6942bec41eceeac7017d9d639b68548f1e332810cceaa93489a50996ae50d36853d3e40aae629512aa3e2a9977cebcb9dbb2b39b6b1faf543837caaa48123a278bea99c1418ee96e2994a5278adaa8671efeb8293d3be1587e6bd26de7a83d931270a987b8833566b2ed769e88f6b61b0de267535fdfdce129d21586f5269c9b256795e05d3e2a40dc28badac226ccc8198059caf39b2ca56bd03ec72c8ffb1efd100a3e781dc43d20459ae1721143233d1833ae7ce9d145404f5ba7524650b2ada8b2726468846928dcebfa8e7cb34d9642fa5afb5b0d545968dcd0c94730fe036ae8ef0f95fad45f8995bb22a1ee0bada8a69a7686e3169a1f39adb1e60c90e6ff0ac03373fed4a35a41b8311531c6c588bdff2ee6e4d0a2097668122a981405a44dbad8bf1a0a36f15d0e1d622644210769283d08b325ee292618c5b899dc2e85a50bca8d447dfda7ecdad1e9509b1c4261172c445e5e7a25625a7c3eeef30902e561f9b092d37af986745a6a4d83f76871938f3c3f14239b4d8ff6b724211c9a88c69f0045e861679dfabe742165a583fa8454886ac4305e6d574f9ec9085425a91573c9c905aae78a8ac6f4b4330ad6a0671cbb848c36a74c774c86e331573438e187664b8066a5c6810ffb4604fcaa44a4f9f6b6691c322a6dc873532dc56f5e5da87e21fdf0c6226ca849b3614eb2294b0f2262462cc79b8c5bc586022ba5343d277f349395efe7909f2666c9b152cd1672b640d7989cc39b14ff6133897179d92dc92450328897a0d71e053f5103ebdb17a6e892d67f105db1d26622fe850f5a81633e05d8c99fb6863b009556d019d29b3859db7a04641d465834badddb0780e6170c60db1788fec2d1cd0d273113b14ba3e41c79838f34c42dd3a056dc731ff6244eea534d35c55eb271ffd3cf36f4e64f557e202c11e60cf99bad4f3f443c133ef79359d685f832f805e8070c4fe651552248707c5471320387c6a3b45e58ea51213779ad45d46e03a2f014be8898c0644774537c2bbba8ab966b6b918aa2e323379291d70ded93953b6cad1f3951f8d4248dce2e8d4ffba368b07159f0a169d45f828cc7a90d9e9ee8c41b5f54b027f9c575e3f09639d6efd9147263c5317ef62069b384975217c84cf87584cb75343b1d7eb80e5961e7081d09aa39f3fb71127b471b6c3b32ff9fdd14caa42086e06579d9251277509d93cce69461914d46990cfd36bcbc9633771ff9429bda3566cae8af6952809b285ae5d3b174ebeb7165ad1a0ed691ad97eb72f4a7bf05b028aa4a3d137a65fa7ef88f9f8579da01812bcc53260c06e2cf5c94b8f0b1577081719c71b8bc30023721ec0eebed6e4997e3299c41f6f0afdb7f877f2f1447ed952a6645d3c73d3c8c9324be8b9d852799064ca9dcf076ea2fc9103cef6616df2a4de867f1ff2f5c8b5d9d90925635ac1bc1dace7558b85444afd6728712c10d5ced60962ad83ff59481d03ff95340db1673792b1ba972a6341df3d5bfb608be2835603d9bdef15fc56af51267d4e174f356380d45db7b01ab9a6a6bbbd385021dd358a70eb7f896f786a209bafee2480515f80fc80ca31777045d7d39627803048771a59afa57d19594aaa86abb7408fe8b1a1a3701f357b92d9a37d69d50039259f7849a1e334380fd0d707ab71a871367b02207b230ec367e8de6709f4c7639db0647578a294d3b04167193f7313d878ed1788941baf2d3042e1340fe9eb9ec7b00a21fd02bb5ddae20dd5ca2343e11e314ba92088c9beefe93f78ec1916b76ee856dd5edd782e3cb77607c33a3291d22e0413e77f762559146a59de13d86013d094a4bc9c9eb58cc767a26e56aac5f7e25da436fadadf83672e4fe82ec013f5de7cca747641a52cb885f664a58ebe25fc8f114a9cc85f401d6a331a026d94818e3063cd32b76a4134bdcc5ac74eed67d56e46fb7c59734df4bbd690eaf0a41ca8adb005f467a065018cfe1fe94f6fa24f1242a314c6f99e18c202d3631a8431c09d3289062da60d6364470ca99c2150ea013f0d65133e35e12d8159b3dfbec8d40d5357e03ce7f0364224701ec931046d93d0413215dc45afd580c6e2c98076f3d3bcb09dce24db9d8e0882bea0f1f9a960e78b17ec2a04fa3c79d61535ce95b202734f7030b937d9e187169c313964341ab79dcd0a7df78846712d3a4249bba9399fd6e7a2e8341a031920b2bd46a2ada4b413b79a56bdf4ba68f6ed2ffd6c6c3f8a181ac3a401df5fe8283aa85088c07c3bd1e3194e4630878c67d298338cac7b9f0430557e3929269fa674d429b23e6585ef5276f267b86d2ee86b9d1db361480bdaead5918051f4411a9e9c57dbaf6a68572067b97fa26d886e9bdbd2c5a628c021b9012d98ff4f4f50eaa24fe7b2a4faea3910e75ca42f118f5ccb7966eb5afcbe96c49b98567ccd7f8e34310e49d08e2d8967bd2dd819e85bf05f11a81ec73375ce5b6f16f03671480762b24228a743dbe619510e7f0ae7ed82f7c68171e312dabf4fec0aec01d7fb8e867c3997e27da65e4398921630eb8bddffcef9d8b9836a3290cabf5e9175f44112cb26d321cdab7604d33b254e03031c517506bccf91b6df156548bbda748c3ade4e3ea8055012e1c9a38d31583c013ef21738df9dcb194a115605bc484ab69a647a5190c0530e8a65ae92938304b37ed4f80a56d312228e0803b9cf6adb859321850011058f06a5ba6908be91dc7fdab292364879eede98d5847205a8d22dfd59f1cf44b7736cea18514b03226951ce8f33ce2816722d91a3621c0a6079d8de4a334ec5325669180a1290543d1da8602250d9bc09d6828529cccebac629c1ab6ff160ba616a484cb7e987e90309d4529b9482ef5b3059f99c16c462c6179179a458a092b0f077fdfd75cd286d6b8bcb3d4f5036fb4a6dd33643dee43ab0fa550f043c9db90ac5700ee67a84ef6868bdd199cefa8fe26b69aae070c93dc0c1a40e4b2e77945aa9a3091a6f7535b089c1f96400412b54d0439b018d6ec86ec83278664b53973b9823c808ee4c3d758508d420139b30a73aa17299c895b", 0x1000, 0x10, 0x0, 0x1}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x7, 0x66, r0, &(0x7f0000000240)="7e72bc4f98200a4c630d6ae3ae3cbb3b268418a6192c8de25e8316233ae05c", 0x1f, 0x7, 0x0, 0x2, r0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x400, r0, &(0x7f0000002e00)="7898a9313597a40d8c72863f476a2835727da35697ad0e8caf38445745ce31b340b8f6f873c8995dc49f5ece9c00c4b9920b518c3c590641be8cc86a15966b722f3d13ec920ef25e6b106377fcb7023b2664e5bc874caa95f8bb11b53b96a9fcd018a7f09f98f0406615d313f003e230be2cec1a323ec2d27ce4a444cc7f1724f04e6f17e38ee87677fc221b697d40af34568dc2d4f84bdcf06a8bfb018e5cc347540c1c5ff222d81d2e8b49c96f3cf45f69fbe0f637dd70d809497f9192f740af07dad95d35dece80d34489b193092776e9df25619610ae50d665637b31de2983555d083dca84dda9554beec170aec1eba15e7b2fbb7b249066115225ee6fe467a22f2f9dc6eb09f17fe61221f9f3d7a6efce77d3baab553fb207a2273ba60ab7da9f7d71cecfcf33b6d6d13be8031d07651f887915f19ea0957ae4d1c10e5f792f737adfd925f2ee2129e22115ac771845e198b710a671ef9cada9a0b6ff3030d96a855649b8f1c25a3429508021b227df1f26d077f4c3c63ccd8fc6c5f8e69f73d2ca4e967cb11528f44a95bcc3e0ff80fbc717d1f691c56e82aef9821a2f58327c435c8200576fcd76a53ce640433d8cfea64cf1981a2c7837276960af400614b7001aa750b35d5ff6cca717f7ac7922c05c16dec3c291572b9417f39442da805c893c8a339a091a12db6fd3ab391933c2f9d68a2a0b202f71d647ca4fc2bb9d7afb20cc7f01adfc0883d6d8a49a0dab5f4fad0f823ba2118932752f63d785e3aa0a9e57d3526e6b3fea00ab51ca459736eac6b1807762c8452d30fbc24c8b1739337312bb3ae8f60f3e3051a112a1bf3fe11fc97017b6216d83b9046f240fc177172f5c1e33e475dbf513c9eb72aed430013364d5672a06b179f88134626b1ed893ef69d4b962250b6a8f8b7e8af2f0ff0f2355d83a3ede9209e0002ef21d126d8dd50a3061a128e67f65fbbe40943eef04900718f9128082b23ce6e2115ce57c9e3f3d31fe2fff8c282b4c906e6cf22fe93fdd79cc9802a3c24cbe3be7fae939a3ebfe543bbfb473951257a3c99968423182876624049516136acb96f28d265021ebf962473aac783b4583beae2bb67e7032fd3c580bf77b9915cd1953a1e885bc848bde030ee69b3bc67e56dac065080ba1af052328d3cfba1cdfd4d51fa2a074b44b8f2accaeb6069edfbcadedea9368efef374ba1f949352ca03508b5d1eedda80ad362969c338f7caddb1614de394ad2dbb15ee5ec170330bad3a34c4e52a2cf0333081e00d8ed62fb9f3bc88aa651a8e107754edc09dc2b9debf7ba656bdfe94847c65b67c1b41e8c774738ffaa249e7b7b1ffd4fd18735642cef1afec3454d48f8da5346aad2325d990af17b0b4d153300f83bfd8e52ed24322fe13fbd7e80bb8e8ef48c4c387e0f9e3a68f6b05175e18f19a942626c182c87fbfb15ab9fb383ded6f17a3a53faaa0fd47e8ccc9c1284138ec072d4e19bf4c4c4c3e2b7991783b199b701c323b00d79937662459b9a474e6f5a3a7bb22e5bc1315a1cee4496d4490f3e3baf3f8ec718ee08e29c77fedf57af593e84fdd0eda1784b67e5b3356ef0e448a97c1f0ed03a43b314209ced2b46757420cfa9bee08461f9bfe9d8a2a52d20ca25d618ae8184193b83381953507a96d0632e09e825482a5301be1a63641bf06b5e1b3a2dccb08db7f9478aa85a60fde8c8eb7bb88eb18708af16da81bcaf6095d845e55021d6dac44b00f7aa23b022e105bfa25367c00429c90ffbb6eaed631d46671ede6baf2420e14fe0d358f5cc6d87962c39ad02bb4cd583855ca54331428fc1c768d66d1c39eb1a3ba6cb7cf156742c773addbc6bb9fb2a0bda4482428d4c9aff2d2b6330b7f3ccf676914f499c5bc310e1ecf4747cb0063099ef830e24ced08d0ad1245a999d4e71ccfdf84da4554f1a0a25baa614580488706027925cd179c9818f9ccd2fc9d818b172c6fcdcc44392ec2824dc2b38d1a427cb2f555b0f5b962715ba44c601ca8b87a7c856f499e0f2f88357a4bcdbf7ed65e37a4744876acce8a5d33514e66aad099ab0bce9b49448db63d4655ea5d7f0957bbcf69a1c58682894a4c56642fae9b5331a954caddb759f23c5232816edd0fade2bcf23baf2229ef3a3888ed01ab8dcbe5f3b40272292bcc963698a8bc038291a1f50342e3cb5b9b0f43abbf7fa2101d8c540801316f72c95c5881afd3068849fa6d03701475fd5d3e7ade7c549403fda3cbe401c9f8824605b447074714cb1051f44d5e89442207f265d6b2d017b1229082c50873ae8b991cd2070453d01f5aad3eac7dea849c41af93932e0f5170c83eee70430b314be45545fb0e662f09b620c7efda0e7f39f66bb9a3f70d46cec763b898fd6c28af1e8461561b5456160d0b60791a4d86fba11715f865852f5ccbc93d385c9853ab9891e1e9dfa9a9f1bfa7ff86666d4a21915a6887a7f42c41cdbf0301769c51648adf59d844f1a9d8ee253e5bb22c58af7243d00a6613041207574fc3351c3db47e61df6894cea7e1cf7aecb9a5b614f5e6d561a63d2166892891807191faaf4436a38fdead2d17cdeb0385a19c5f96719036f8ad31bf4da8b35c287d5f7a39bc695d81177f6c0ff2a2c3d5904a73b7df3d3847b25bf5544a5a6d18dcc6c14cdf0223b7332eeb25e21565a4abc114ea3bf27ae060b8a81e3cd719b2a5ef456e3268186b2355ceccf5b8fc67c349e30e14021760c537cdcd981ebaba8d9c1b0c8e094da384a45a16d5c6f845f576063cc5c1642e0b3af27115f591d5b5ce0bee39475b785b88ae0c356f34eefa5ff9306ca55564de876124c11e1f65cbca9f9c0cb3df2d2c04c24698f4b304b3f73ffed2b03f2bc9e4fdba1445739487e9b15be0d4ec8f9db9e4e95249bbcb9849d1dab811a1c32ddf4faf319cdb498802ea33cb333d3b5c03ac3abe34f80b2247187d388e8309e3fe5bb86aff9468407f53b988bde2698a0c1ebefb8b705e541c819428e691d67e192af9cbe8a687e80263af746573c0f07e5f87e5fc5f706bc0821cd7ee45df66b2d10b436e696db5ed3097b3885afc8033bf205837341d32ba5532bb60e2e6d777e9c2caa974d0698d32654419b66e680c4c98ddea13081906d04d14807f145654cc1b496659cd5e692491d5e2936b325f0b11cbc3243e53a042a83fe8daee966aea2ec4745db521f5814514c1eb507334b66adae1d5ff4fca49d982686d8314394b910e0cad5c02202fdf1d572185472e4b13b72fb5ecaec570bcfcf7eae4f512e941b52b76f428309d8d7359f39b92d789315ed99c51aff54d0bc5259bb4d3402fedf86d47f981be988d0807e85b5ee59824a6903de01a7cc7f33bdc8decdfad1020c642db4383705a36129ac60a7b4cc10cb946c5502d9e27698659d729fe11d4e8b0877cd112666fd6438b7e247c93ca9ef656e40b0a0573b227ea80f82e3f8167e3b46fb17cacf411ac08f1fa664387ec758e8f151aed3511a27c6178ba6d5096f34b02efceda53bf5f3847a243418aae30bf1af59e7353608440d2f423da6d47f8e585da2d990e751048440e446527dfd7c0dc10ff14f395473c22a09831024e8985ac539b6ad6c7d2d01bf2377e5021580652a2d2086cf5a081852cb0499f610949057baabaa3b9f44860467d932f1ea0fa1a615421610a22d8cec21303fc4a5f7e4f582c4f8159bfa452c7b9a586c8d2bb720bf0b1bd6b3d3733a2404c9fbc7a2a24b5d9dbc8b8c8186c1ba6b486727a721e738d554b0247c46df3d9baebf2a984905d6307d1f29cb385233d9a4c932da892af183ad39854c6856212d84c358e8abf348a5dcf0c600a541b043cfe8cf35402c3ddfe412cf84ddf6013813d53c51c1667278e8cb987263d51f719f5469342bb7ea050e72b9da517be65145cce0c9a2cc0e2df0b16f8df4d5337e30ac57f2d02b89482dbb9e5f33f2b863e37e2795c9145ae318a37bf0d9a9abcd4d9e0389c8db56a7ba7eb4841e47246f389a997a1d3a11c069a32e833ecb78bbb5b5b243d77691bfd52d392df3706a157c1f3830eaf4c66e56685dc1e393206d96ed72c356d8f12661913b22d276701053694d58007742c2090dac26ecc7ac09b5056ec3016d37b4a88b5a0a30d513e8ff63b9de17646a42ae2ce6c3b5000cb52fc3adc35e63042a013a728387868636d78450065a2145da0b7eba03d21d447bafcf2d5bc6ad9a15240fae8edf723b8146db4cfde979634282453c7be485aacd49df6aa9a7c33f55ef813035e403b63dc02a5de1013cdd510273ab71bc994422fb34324f0a526d6668122f179c76b92c94aee89deee7f65989487b2d7fd957f0e1aad70f861bc32d3432ca4108654f81d7bcd2b3b8c5c9fbe2af7239ff437c3d1a1ba58b2a772147f672e83bb381091e8f35440ba17a5021a72631be6dd7b7bd93799b46f2fae515a8abdb20ecec1731927e85cc89908f9e93debe3de2f5ee551369e9b3832d98c8916315c578b7cb46ffc699fe1abc18e1ef47d0e10e98af45daea735b852da68152505972b0d7304c79d5ba91b9e027fc3f9d34b7b00320dea265af07261a2c61b1bf512d3ef7220e777671d0a6244a57a0b091344f99dd84e86d836ee5214fb8f3a7c1825a2220598d7378b3ae7df3bd74184d698717dc5b06f205e60bf3c08b8a88c014c7ddc6c8e6531cdd4252f74a572e13d4594cba881564e429c92bc7da6c58cc592480116bc51efc9876f993abf9cca42e1628d7efd640f0fe6aa3cbd86e9c89c3b4e595c109fae5475739a412f865ffdc11e7ff3acbe72714362ac27ddd468664b0253a9b3cba0e655b4cddfdb9239cb5c998ba64cf95084ea8df374a1d4862dd85066526f0ade307ed94ee026cbfe75491f07381fcb2097174ab7bee0e2975c45279ad2b65131a5e4f4c9bfde9af123c06d144c639ec98116aaa07898d7bc0072e20137447f0beaf7f69dc366f5ee53df5eb00d813e539723dddd8f2e3fbbbc2096382dde8a24c9ad24f63fde4d96b778267d8501d3a37d617b2a8f5f7e69cd4ef0e4db4df56f9600751cecb09458c93310b59759713afe38bdd671b5905bdf24794ce01636161cda22d6e4a20a8d4b1decf4e5a4a30c7a35cb54e832d2a018931cd6597193322f23b48f4cd4c190d465cf80890f53c4af099c59f0d24277d9c53ca1493e8b38516fb2d844cc55874053d07161c4613ca95801e7a12308464a51a19199120a249c11372da19fa8f81612001437f4295380d7e0fdbe47455fb9ad59a0f03b640bdaaebc4cc23153fe7e29b0a3640a400590c58356243a8c5cffe291d02d645bfb921a2f9499a674cb9a2fd1c7527dd31a342dd17316d9984235ef5c131ff9eade3532f56bfc83ab3dcca5ab8a85dc75bfed2c879d1b64d3d4c1c4eb2b35225d7ccf0b73fafe8922c9e4cd710edf01a8f5d1f7a34b27f8a5a73ca8a541ad0ec09e35507d53408cceb390d8c2518b76ee6d046eff1e561f1e22a2fd4ff28dbcec2e375215072c39b7a9389a10e296b8a1f192de5fbd37f560c2dd42323c0eee3121a8d42910ff63c38fcd6e90e5329f8ccdc4f41c207f0a492b298864f72dc3a42ac408f14ca73ded5b27bcdf108efd210a0b464de4a48b684533547b6c24d7a27dd90462321d34a74310c82d4d4dbebde54f4d5ad42a9699ba49708d6a572fbb365b55836331b67457a9996e381d26b4e0d6201d94366e2ca293ea8634365d4c03991d6cb199e2d80d9b44f69432eb1a81e58ffaa45cdf2af772f4307e30e70e1b94d1e6376ba66607a53ed9279", 0x1000, 0x8000, 0x0, 0x7}, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x8, r0, &(0x7f0000000440)="81a39653eec93b5d59ad96ac4f45160599fa28c9456aa9384f8297efc308c1837f207eb3c6dcc4e2a05fe07d98580193f5a56baaac69fcf92b446bb70fb78b599a7f7cb00d289879449168d5aabd0c01e608f6dd97f89de05ee44932892222f403dcfc58ac9662c3caaf2d4f46b88ac5177756e63046fbc81085d79668bd8e70f5502159f90802dda1e29f1ef2eb86c649e6d3d349639fccea94b2b074a174b50f21d4dbf33df6632c4a3fece385fb0dceb7a0b2b08ef3291bae", 0xba, 0x7, 0x0, 0x0, r0}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x5, r0, &(0x7f0000000500)="a71f7f365fa370f068bfacf8df8c31e45930891df432eae2126166841b1cf4bac504a600ce8d2ae88bcbdb997aab77f2a903cbdf5207fb196cc95b588c4a1c670a3c078879a75f4afe741de3f65039d7b2d7964884269284e0dd981fa2fa553133513738ac2bb4fb4d8562e5e9fd7a9fb279543506b769846f7e9e5ba0897061", 0x80, 0x1, 0x0, 0x2, r0}])
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x3c, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}]}, 0x3c}}, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='sys_enter\x00'}, 0x18)
syz_clone3(&(0x7f0000000400)={0xa0000000, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140)=<r3=>0x0, {0x1e}, &(0x7f0000000180)=""/47, 0xffffffffffffff22, &(0x7f00000001c0)=""/196, &(0x7f00000003c0)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2}, 0x58)
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0xb, 0x0, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{}], 0x1f4, &(0x7f0000000140)={0x0, 0x3938700})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r6, &(0x7f00000000c0)={0x18, 0x0, {0x4, @local, 'veth0_to_bridge\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r6, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x21, @local, 'batadv_slave_0\x00'}})
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000600)={'vlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r9}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r10}, 0x10)
listen(r8, 0x3)
r11 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r5)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r5, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r11, @ANYRES16=r3], 0x14}}, 0x200400c0)

1.072512654s ago: executing program 4 (id=7804):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000283d0020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001500)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xffffffc1, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181014100000000010000000000000e000a000f00000002800200121f", 0x2e}], 0x1}, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
recvmsg$can_raw(r3, &(0x7f0000000c40)={0x0, 0x0, 0x0}, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r4, &(0x7f00000004c0)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_free_percpu\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f700000000c0a01030000000000000000010000000900020073797a32000000004400038040000080080003400000000234000b8020"], 0xf4}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x14, 0x0, @tid=r2}, &(0x7f0000000040)=<r8=>0x0)
timer_gettime(r8, &(0x7f0000000080))
timer_getoverrun(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00'}, 0x10)
syz_clone(0x5480, 0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000540)="a8071c38dab0")

1.005744384s ago: executing program 2 (id=7805):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = accept4$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x400)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x200800, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYRES16=r2, @ANYBLOB="0100000000000000000004000000140001800d0001007564703a73797a32"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setrlimit(0x8, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mlockall(0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d0000000000000000000000010000000100000002000000ac1e0001"], 0x110)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
ioperm(0x0, 0x5fd, 0x80000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
tee(r0, 0xffffffffffffffff, 0x9, 0xc)
socket$qrtr(0x2a, 0x2, 0x0)

973.126154ms ago: executing program 2 (id=7808):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)

949.307924ms ago: executing program 2 (id=7811):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r2, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32, @ANYBLOB="47000e"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x3, &(0x7f0000000780)=@framed={{0x18, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000840)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000200)='mm_page_free\x00', r5, 0x0, 0x2}, 0x18)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)

790.786805ms ago: executing program 1 (id=7812):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f00000005c0), r1)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
readlink(&(0x7f00000012c0)='./file0/../file0\x00', &(0x7f0000001580)=""/68, 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open$dir(&(0x7f0000000200)='./file0\x00', 0x400, 0x80)

736.033336ms ago: executing program 1 (id=7814):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
dup(r0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x8})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x1a9041, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r2}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
syz_open_procfs(0x0, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x7f, 0x0, 0x0, 0xb9ff, 0x0, '\x00\x00@\x00'})
syz_clone3(&(0x7f0000000340)={0x42107480, &(0x7f00000000c0), 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r3 = syz_open_pts(r1, 0x0)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x12)
fstat(r4, &(0x7f0000000100))

651.854826ms ago: executing program 0 (id=7815):
listen(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x44e, 0x4, 0x3], 0x0, 0x0, 0x44e, 0x1}}, 0x40)

607.764267ms ago: executing program 0 (id=7816):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x0)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x1000000201005)
write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x48, &(0x7f0000000a00)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x12, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00', {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x22}]}}}}}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$netlink(0x10, 0x3, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)

573.303837ms ago: executing program 3 (id=7817):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000a0dad7b61242c3cd7625d019692d0000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x200, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getcwd(&(0x7f0000000140)=""/235, 0xeb)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000003c0)=0x2200004)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0c00000004000000040000000900000000000000", @ANYRES32, @ANYBLOB='\x00'/13, @ANYRES32=0x0, @ANYRES32], 0x50)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000004c0)='\x00!', 0x2}], 0x1, 0x0, 0x0)

481.278057ms ago: executing program 0 (id=7818):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) (fail_nth: 4)

383.025208ms ago: executing program 1 (id=7819):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = accept4$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x400)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x200800, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYRES16=r2, @ANYBLOB="0100000000000000000004000000140001800d0001007564703a73797a32"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setrlimit(0x8, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mlockall(0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d0000000000000000000000010000000100000002000000ac1e0001"], 0x110)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
ioperm(0x0, 0x5fd, 0x80000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
tee(r0, 0xffffffffffffffff, 0x9, 0xc)
socket$qrtr(0x2a, 0x2, 0x0)

194.107439ms ago: executing program 0 (id=7820):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffd}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f00000001c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r2, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)

193.639359ms ago: executing program 3 (id=7821):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070200e2f7ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
syz_open_pts(r3, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x0)

189.076009ms ago: executing program 4 (id=7822):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000002ec0)=""/4096, 0x1000)

175.747939ms ago: executing program 4 (id=7823):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
dup(r0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x8})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x1a9041, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r3}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0xfe, 0x0, 0x9, 0x0, 0x1fc, 0x129, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @perf_bp={0x0, 0xb}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0xfffc}, 0x0, 0xc, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
syz_clone3(&(0x7f0000000340)={0x42107480, &(0x7f00000000c0), 0x0, 0x0, {0x1c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
write$binfmt_aout(r1, &(0x7f00000003c0)=ANY=[], 0xff2e)
r7 = syz_open_pts(r1, 0x0)
r8 = dup3(r7, r1, 0x0)
fstat(r8, &(0x7f0000000100))

142.924969ms ago: executing program 3 (id=7824):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000040000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = accept4$nfc_llcp(0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x400)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x200800, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYRES16=r2, @ANYBLOB="0100000000000000000004000000140001800d0001007564703a73797a32"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setrlimit(0x8, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mlockall(0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000400)=ANY=[@ANYBLOB="090000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d0000000000000000000000010000000100000002000000ac1e0001"], 0x110)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
ioperm(0x0, 0x5fd, 0x80000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
tee(r0, 0xffffffffffffffff, 0x9, 0xc)
socket$qrtr(0x2a, 0x2, 0x0)

141.330219ms ago: executing program 0 (id=7825):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f\x00'], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x10005, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071122700000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

109.774339ms ago: executing program 1 (id=7826):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r1, 0x0, &(0x7f0000000580)=""/86}, 0x20)

103.118249ms ago: executing program 0 (id=7827):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r3=>0x0})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000300)=<r4=>0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r1, r3, 0x25, 0x2, @val=@uprobe_multi={&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=[0xd, 0x1, 0x100000001], &(0x7f0000000200)=[0x0, 0x1], 0x8000, 0x3, 0x0, r4}}, 0x40)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r1}, &(0x7f00000000c0), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000cc0)='./bus\x00', 0x128)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x2000000, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r6}}, 0x20}}, 0x0)

78.475769ms ago: executing program 1 (id=7828):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000001140)='kmem_cache_free\x00', r3}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x201c448, &(0x7f0000000240)=ANY=[@ANYRES64=0x0, @ANYRES16, @ANYBLOB="2c6769643cfdcf0b77ac6521230a8e69bd954673aa802f1833d29130aeed4c22f81044f553f456f9bfb5098b2a9e93a548712e8ab98eb09e6416868eb529124b101953e0856f719f3a5ef09399b0", @ANYRESDEC=0xee00, @ANYBLOB="03fb17d64ee1457b7f766b0fe632a450d954a88a5bb013b1426dbcd2db8e678e84143735559fe815c1089ca7a332d4bdf01c174107f7b5d4c334bdfd19c144177281c2797af0c7710085c466d10db09cb9778b240f3eb0e9867af777b99555f3b8efc775ea468f79c992592b9d258f7d2aeed9897307ed4569b946f087f01194aabf91036335f9d608b0be48fc2ed6a83b29f4c907766a36d7e266f3e6f4cf00000000000000f783a32e834a9f97781a86d9d90efd41b71d18ae2c0859ee2360e8ca4c64dcd070c13085839ca1483b2194612068090284229d9493d0fc80edacb524a7ef83813bad9dda69b2e866830d718641eebecebf6e173b42d8965a70f248c11db1f8ed32875f78d366a6d57a5920f1693d9dfa2afecd1eadd4663be9ec6532e37b81707130b33ffce95706ca4b30011cf71474aea0b09d602b77a24d3f3a192d362e6254a946072b2261ebe3df62ef756d37d55a8a6144812f1c076805e7fdef71742c370745ab09469256abd3c95271edc945e2680bf25eea474ab4bf13e304695d070972bb50091058e50c12198aa0331a"], 0x0, 0xa78, &(0x7f0000000540)="$eJzs3c1vHGf9APDvbGzHdqs2bfNr+4vaZpIqrdsGZ23TRFEPNLHXyRa/INuRGgnUVI2DolgUNSC1EVJTCXGiokIICZAQ6pFTpXKgF5QTcOTEAQn6H6CKU4qAQTO7a+86+5K4azstn0+03pl5vs/bzOw88Xp3nuDzLMuy4rHF9XO/3snGcvc5PfPx+x+8mz/euR5DsSeeT34bMRwRacTAv4tzZXB6ZmlxvkdBVyIuRMSNiCQi9kbtuYORlrULkfwo7t1YvxHJL+LRNtmG77Bz9JTxP223zz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgrTc+UyxNJzFUXzr2cdlZMAd4lvVHcR8Ws38lHvapNIpL8EcPDjam+H92/kfxw/uNwPFZbe6w28/dwXLvn4X0vPDRQauTv0qAdcfWta1deXVtbfaO+vjdNB3tm2rvtzbpzQ1vLdqayUF1erM6fOlNJq8uL6cnjx8vHzs4up7PVqCyfX16pzKfTS5VTK4tL6dj0M+nEyZNTaWX8/OK5hTMz43OVxsYTX5osl4+nL41/rXJqaXlx4dhL48vTZ6tzc9WFM0VMnpzHnMhPxK9WV9KVyqn5NL10eW11qlcj86CJtilJa9Bkr5Imy5OTExOTI3H8+ZPPnyiXB+obJicaG8qbxC0Ru3/S0m+/vO3I3/T9+g2fQak+/sdcVGMhzsXLkbb9Nx0zsRSLMd8mLdkorzH+HzlW6Vpv8/jfGOUf3Ug+EMX4/0Rt7YlO43+Htvb+l2W1kreav/HvarwV1+JKvBprsRar8cZnLjGN37euf7o5/V9Zlm2h3DTv7cHmfdCHtp6JSixENZZjMaoxH6eKLWl9Sxon43gcj3K8EmdjNpYjjdmoxlxUYjnOx3KsRKU4o6ZjKSppxEosxlKkMRbT8UykMREnYySmIo1KjMf5WIxzsRBnYiZOFaVcisvFfp/q0sb1oInbCZrsEnTLYP7Zxv/sbvyfINutz1dw2LqsPv4PdQzIGktj0zvWKgAAAKCf/v+Pcd/+B//w14jBeLx4X362Olcp73azAAAAgD4qPq73WP40mEXE45G0+f2/tEuNAwAAAPoiKb5jl0TEaBysLdW+CbUnfAgAAAAAviCKv/8/kT+N5ksHI1m/E8qF3W4bAAAA0B+977HfMyIZjvo9LdOLteeL9Yj6fX5HZ6tzlfHpxbkXJuKp4i4DxTcNbiltT0QyWHz94Nk4VIs6NFp7Hm0tcTiPmhh/YSKejcP1jow9mT89OdYmcrIW+XQt8ukukVN5JAB80R2+dTz+NLvD8f/ZOFqLOHpgYCgiBg60GVnLGyPrwG50FABY13uOndaIt+v5msf/L2/8/j9YT24Z/x+MS//JN67GeLwWr8daXIyjxbcNik8ctNT79ffq7xmsfwyhHEd7vBvQiP3TiVIc7fF+wGjTRC9He7wjUIuNb0RMbe9BAIAddrjDONxp/C8iovHBwdr4f7Tp9/+49ff/9amFVn2lEADuCusz2Pd1IdvTvGW3+wgAtDJKAwAAAAAAAAAAAAAAAAAAAAAAAAAAQP/19bb/w1vM/rf6vH61LVn/5yNovzBS3weNLW/f0d545+pb134cEc1JpbwT29PmoqX9LbnUh3KyiNip47VzC7EvYst7NdolDUXEtjd+pB9VfFpfqL02St0uHue6pgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA5kETsabe9FLE3IsoRcWznW7V9ru92A3beV5pXkptxM96M+3avOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX0z1+/+XovZ8T21TDJQijkTEhYjIdruN/XRztxvQJyNbzNd0///8mEeWxEDtsEcyOD2ztDifH/5i7ofSx+9/8O4jrdn33m49RWBp0+QS9Ro2x/7q3sbSA0Wu0ZnVq1e+8/q305nTUYqhOL0yOzczf2bpxY0sDycfRqRRezTk7c0f3zvyu/fa9PzDvKftba53ttg5M7fW+0i73N3r7eby2upkXtNK5eWV737r8ptNSQ/GoYgnxyLGWmv6Zv7oUNOhGOxWW/JJ8oPkvvhpXCiOf743kizJD9H9Rf9HLl1eWx1/7fW1ix3atC8ORsTFiOGebVrf1QeL60lbxVlXGsxrLRdB+Y/9PfrYXvMcF7USJzr04YHilBmt92GopQ+lDnWmnftQ7PCm/V5qLCTJ5hZN1Vs0FK0teiieanOks70RnffCU92PdHvJJ8lfkrPx5/h+0/wfpfz4H4nOr87WIorIpjOlY2SpFln0fLI54ZXNkX//2W21vu00NdypH7a8eEtN1//6serT9ShLul6Pmmqc6lBj+9fFpho3nxWljh0vRqT9m3LUrz4dM9Xaub8W1aGd/xfPRQwc6HZVvGW0fq7zFaU1/4vtk7f6+v95Mhb/iOvm/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO5+ScSedttLEUciYl9jPY3I7qDYvZ0SSqPJnTaxr66v//ic21/8LLVse6d3tuRm3Mze3q5GAQAAAAAAALDTTs98/P4H7+aP4u/xe25mWf3v+2nEQETsS34yEjNLi/M9ChqMuBARN/Ll4U5B/8xqWrfm+eLejfUbEdn9W+8SANDDfwMAAP//zlFyiw==")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff)
r4 = syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000480)={0x2, 0x1, 0x2, 0x7, 0x0, "16746627c579d6a6d9086d74ceb65102e059ee"})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f00000004c0)={'syzkaller0\x00', @remote})
preadv(r1, &(0x7f0000000400)=[{&(0x7f00000005c0)=""/257, 0x101}], 0x1, 0x8000, 0xc)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x204048, &(0x7f0000000280)={[{@nodiscard}, {}, {@nojournal_checksum}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@dioread_nolock}, {@nodelalloc}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x800343}}]}, 0xfd, 0x587, &(0x7f0000001240)="$eJzs3V9rU+cfAPDvSVP/1Z+tIPLbLobgxRxiatv9cTDQXY5NJsx7F9pYpKmRJhXbCdOLebObIYMxJoy9gN17KXsDexXCJohI2S7GoOOkJzW2Sf+Zmmg+Hzj6PDkn+T5Pn/M8eZ5zEhJA3zqW/pOLeCMivksihpv25SPbeWzluKWnNyfTLYnl5S+eJHF2zWsl2f9DWeb/EfHbNxEnc+vjVhcWZ4rlcmkuy4/WZq+NVhcWT12ZLU6XpktXxycmzrw3Mf7hB+93rK7vXPj7x88ffHLm2+NLP/z66PDdJM7FwWxfWq8OhLjVnDlW/DdLDca5NQeOdSBYL0m6XQB2ZCDr54ORjgHDMZD1euD193VELAN9KtH/oU815gGNtX2H1sGvjMcfryyA1tc/v3JtJPbV10YHlpLnVkbpenekA/HTGPf/vHc33WLj6xD7N8kDbMut2xFxOp9fP/4l2fi3c6frF483tjZG0/i37wXDA5t4kM5/klsR6/p/bnX+Ey3mP0Mt+u5ObND/o3oxnZ/mHnUgTFvp/O+jlvPf1aFrZCDL/a8+5xtMLl8pl05HxKGIOBGDe9P8Rvdzziw9XG63r3n+l25p/MZcMCvHo/ze558zVawVX6TOzR7fjniz5fw3WW3/pEX7p3+PC1uMcbR07612+zav/+5a/iXi7Zbt/+yOVrLx/cnR+vkw2jgr1vvrztHf28Xvdv3T9j+wcf1Hkub7tdXtx/h53z+ldvt2ev7vSS7W03uyx24Ua7W5sYg9yWf5obWPjz97biPfOD6t/4njrfv/Rud/uvj6cov1v3PkTttDe6H9p7bV/ttPPPz0q5/axd9a+79bT53IHtnK+LfVAr7I3w4AAAAAAAB6TS4iDkaSK6ymc7lCYeXzHUfiQK5cqdZOXq7MX52K+ndlR2Iw17jTPdz0eYix7POwjfz4mvxERByOiO8H9tfzhclKearblQcAAAAAAAAAAAAAAAAAAIAeMdTm+/+pPwa6XTpg19V/2GBvt0sBdEPLn/xvfvPvxC89AT2pZf8H+sL2+78rA/C68P4P/Uv/h/6l/0P/2mr/Hxze5YIAL10+4kmu24UAusL8HwAAAAAAAAAAAAAAAAAAAAAAAAAAADrqwvnz6ba89PTmZJqfur4wP1O5fmqqVJ0pzM5PFiYrc9cK05XKdLlUmKzMbvZ65Url2th4zN8YrZWqtdHqwuKl2cr81dqlK7PF6dKl0uBLqRUAAAAAAAAAAAAAAAAAAAC8WqoLizPFcrk0J9E2cTZ26ZXvH4rojQqu2NHT873STBIdTXR5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJv8FAAD//4ieNi8=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r6, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

77.938269ms ago: executing program 3 (id=7829):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)

51.806419ms ago: executing program 2 (id=7830):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000283d0020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001500)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181014100000000010000000000000e000a000f0000000280020012", 0x2d}], 0x1}, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
recvmsg$can_raw(r3, &(0x7f0000000c40)={0x0, 0x0, 0x0}, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r5, &(0x7f00000004c0)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85000000430000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_free_percpu\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f700000000c0a01030000000000000000010000000900020073797a32000000004400038040000080080003400000000234000b80200001800a00010071756f7461000000100002800c0001400000000000000000100001800c000100636f756e746572000900010073797a30"], 0xf4}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x14, 0x0, @tid=r2}, &(0x7f0000000040)=<r9=>0x0)
timer_gettime(r9, &(0x7f0000000080))
timer_getoverrun(r9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r10}, 0x10)
syz_clone(0x5480, 0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000540)="a8071c38dab0")

33.20678ms ago: executing program 3 (id=7831):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000283d0020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f0000001500)='mm_page_alloc\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181014100000000010000000000000e000a000f0000000280020012", 0x2d}], 0x1}, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket(0x15, 0x5, 0x0)
recvmsg$can_raw(r3, &(0x7f0000000c40)={0x0, 0x0, 0x0}, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r5, &(0x7f00000004c0)={'#! ', './file0'}, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85000000430000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_free_percpu\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f700000000c0a01030000000000000000010000000900020073797a32000000004400038040000080080003400000000234000b80200001800a00010071756f7461000000100002800c0001400000000000000000100001800c000100636f756e746572000900010073797a30"], 0xf4}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x14, 0x0, @tid=r2}, &(0x7f0000000040)=<r9=>0x0)
timer_gettime(r9, &(0x7f0000000080))
timer_getoverrun(r9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r10}, 0x10)
syz_clone(0x5480, 0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000540)="a8071c38dab0")

0s ago: executing program 1 (id=7832):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x14, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000a0dad7b61242c3cd7625d019692d0000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x200, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getcwd(&(0x7f0000000140)=""/235, 0xeb)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f00000003c0)=0x2200004)
pwritev(r0, &(0x7f0000000080)=[{&(0x7f00000004c0)='\x00!', 0x2}], 0x1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

64+0xc9/0x1c0
[  330.948208][T23662]  ? clear_bhb_loop+0x55/0xb0
[  330.952885][T23662]  ? clear_bhb_loop+0x55/0xb0
[  330.957555][T23662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.963444][T23662] RIP: 0033:0x7ff4e2d3e819
[  330.967892][T23662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.987617][T23662] RSP: 002b:00007ff4e13b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  330.996020][T23662] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3e819
[  331.003979][T23662] RDX: 0000000000000020 RSI: 0000000020000e40 RDI: 0000000000000002
[  331.012013][T23662] RBP: 00007ff4e13b7090 R08: 0000000000000000 R09: 0000000000000000
[  331.020037][T23662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.027996][T23662] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  331.035964][T23662]  </TASK>
[  331.109626][T23672] netlink: 'syz.1.6817': attribute type 39 has an invalid length.
[  331.123013][T23668] Process accounting resumed
[  331.262122][T23687] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6824'.
[  331.275575][T23687] syzkaller0: entered allmulticast mode
[  331.288646][T23686] syzkaller0: left allmulticast mode
[  331.596054][T23699] netlink: 'syz.4.6829': attribute type 39 has an invalid length.
[  331.864045][T23722] syz.1.6838[23722] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  331.864153][T23722] syz.1.6838[23722] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  331.876548][T23722] syz.1.6838[23722] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  331.918606][T23725] netlink: 'syz.1.6839': attribute type 10 has an invalid length.
[  332.342432][T23732] netlink: 'syz.0.6841': attribute type 39 has an invalid length.
[  332.780968][T23750] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  333.084072][T23763] netlink: 'syz.4.6853': attribute type 39 has an invalid length.
[  333.249829][T23777] netlink: 'syz.2.6859': attribute type 10 has an invalid length.
[  333.347197][T23783] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  333.401701][T23785] FAULT_INJECTION: forcing a failure.
[  333.401701][T23785] name failslab, interval 1, probability 0, space 0, times 0
[  333.414402][T23785] CPU: 0 UID: 0 PID: 23785 Comm: syz.0.6862 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  333.426401][T23785] Tainted: [W]=WARN
[  333.430262][T23785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  333.440322][T23785] Call Trace:
[  333.443604][T23785]  <TASK>
[  333.446604][T23785]  dump_stack_lvl+0xf2/0x150
[  333.451203][T23785]  dump_stack+0x15/0x20
[  333.455390][T23785]  should_fail_ex+0x223/0x230
[  333.460082][T23785]  ? x509_cert_parse+0xe6/0x440
[  333.464974][T23785]  should_failslab+0x8f/0xb0
[  333.469588][T23785]  __kmalloc_cache_noprof+0x4b/0x2a0
[  333.475678][T23785]  x509_cert_parse+0xe6/0x440
[  333.480461][T23785]  x509_key_preparse+0x3c/0x400
[  333.485328][T23785]  asymmetric_key_preparse+0x6b/0xc0
[  333.490620][T23785]  __key_create_or_update+0x29f/0x750
[  333.496077][T23785]  key_create_or_update+0x42/0x60
[  333.501196][T23785]  __se_sys_add_key+0x280/0x320
[  333.506099][T23785]  ? fput+0x1c4/0x200
[  333.510115][T23785]  __x64_sys_add_key+0x67/0x80
[  333.514997][T23785]  x64_sys_call+0x2964/0x2dc0
[  333.520080][T23785]  do_syscall_64+0xc9/0x1c0
[  333.524600][T23785]  ? clear_bhb_loop+0x55/0xb0
[  333.529294][T23785]  ? clear_bhb_loop+0x55/0xb0
[  333.533983][T23785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.539884][T23785] RIP: 0033:0x7f6e8189e819
[  333.544373][T23785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.564001][T23785] RSP: 002b:00007f6e7ff17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  333.572440][T23785] RAX: ffffffffffffffda RBX: 00007f6e81a55fa0 RCX: 00007f6e8189e819
[  333.580408][T23785] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000020000100
[  333.588378][T23785] RBP: 00007f6e7ff17090 R08: 0000000005f9d8b3 R09: 0000000000000000
[  333.596353][T23785] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  333.604407][T23785] R13: 0000000000000000 R14: 00007f6e81a55fa0 R15: 00007ffdd061fce8
[  333.612387][T23785]  </TASK>
[  333.658412][T23787] pim6reg1: entered promiscuous mode
[  333.663782][T23787] pim6reg1: entered allmulticast mode
[  333.739601][T23794] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.769761][T23800] __nla_validate_parse: 4 callbacks suppressed
[  333.769775][T23800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6869'.
[  333.784979][T23800] bridge_slave_1: left allmulticast mode
[  333.790630][T23800] bridge_slave_1: left promiscuous mode
[  333.796371][T23800] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.804756][T23800] bridge_slave_0: left allmulticast mode
[  333.810381][T23800] bridge_slave_0: left promiscuous mode
[  333.816169][T23800] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.876870][T23794] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.936498][T23794] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.985920][T23794] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  334.049288][T23794] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.063233][T23794] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.081077][T23794] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.092441][T23794] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.467688][T23825] pim6reg: entered allmulticast mode
[  334.474446][T23825] FAULT_INJECTION: forcing a failure.
[  334.474446][T23825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.487704][T23825] CPU: 1 UID: 0 PID: 23825 Comm: syz.3.6877 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  334.499660][T23825] Tainted: [W]=WARN
[  334.503456][T23825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  334.514018][T23825] Call Trace:
[  334.517310][T23825]  <TASK>
[  334.520244][T23825]  dump_stack_lvl+0xf2/0x150
[  334.524895][T23825]  dump_stack+0x15/0x20
[  334.529059][T23825]  should_fail_ex+0x223/0x230
[  334.533748][T23825]  should_fail+0xb/0x10
[  334.537996][T23825]  should_fail_usercopy+0x1a/0x20
[  334.543026][T23825]  _copy_from_user+0x1e/0xb0
[  334.547674][T23825]  do_ipv6_setsockopt+0x1ef/0x2250
[  334.552798][T23825]  ? _parse_integer+0x27/0x30
[  334.557495][T23825]  ? __rcu_read_unlock+0x4e/0x70
[  334.562436][T23825]  ? avc_has_perm_noaudit+0x1cc/0x210
[  334.567827][T23825]  ? selinux_netlbl_socket_setsockopt+0xe5/0x2d0
[  334.574220][T23825]  ipv6_setsockopt+0x57/0x130
[  334.578972][T23825]  rawv6_setsockopt+0x21e/0x410
[  334.583834][T23825]  sock_common_setsockopt+0x64/0x80
[  334.589037][T23825]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  334.594947][T23825]  __sys_setsockopt+0x187/0x200
[  334.599986][T23825]  __x64_sys_setsockopt+0x66/0x80
[  334.605016][T23825]  x64_sys_call+0x282e/0x2dc0
[  334.609762][T23825]  do_syscall_64+0xc9/0x1c0
[  334.614283][T23825]  ? clear_bhb_loop+0x55/0xb0
[  334.618970][T23825]  ? clear_bhb_loop+0x55/0xb0
[  334.623654][T23825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.629546][T23825] RIP: 0033:0x7ff4e2d3e819
[  334.633964][T23825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.653596][T23825] RSP: 002b:00007ff4e13b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  334.662014][T23825] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3e819
[  334.670011][T23825] RDX: 00000000000000d4 RSI: 0000000000000029 RDI: 0000000000000003
[  334.678028][T23825] RBP: 00007ff4e13b7090 R08: 0000000000000004 R09: 0000000000000000
[  334.686094][T23825] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  334.694089][T23825] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  334.702118][T23825]  </TASK>
[  334.738186][   T29] kauditd_printk_skb: 291 callbacks suppressed
[  334.738265][   T29] audit: type=1326 audit(1732149853.840:17005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.768110][   T29] audit: type=1326 audit(1732149853.840:17006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.791789][   T29] audit: type=1326 audit(1732149853.840:17007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.815451][   T29] audit: type=1326 audit(1732149853.840:17008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.839108][   T29] audit: type=1326 audit(1732149853.840:17009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.862725][   T29] audit: type=1326 audit(1732149853.840:17010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.886400][   T29] audit: type=1326 audit(1732149853.900:17011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.910006][   T29] audit: type=1326 audit(1732149853.900:17012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.933663][   T29] audit: type=1326 audit(1732149853.900:17013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  334.957452][   T29] audit: type=1326 audit(1732149853.920:17014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23826 comm="syz.3.6878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  335.079408][T23839] IPVS: set_ctl: invalid protocol: 46 172.30.0.4:20000
[  336.110097][T23887] FAULT_INJECTION: forcing a failure.
[  336.110097][T23887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.123352][T23887] CPU: 0 UID: 0 PID: 23887 Comm: syz.3.6899 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  336.135267][T23887] Tainted: [W]=WARN
[  336.139242][T23887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  336.149295][T23887] Call Trace:
[  336.152596][T23887]  <TASK>
[  336.155526][T23887]  dump_stack_lvl+0xf2/0x150
[  336.160298][T23887]  dump_stack+0x15/0x20
[  336.164571][T23887]  should_fail_ex+0x223/0x230
[  336.169263][T23887]  should_fail+0xb/0x10
[  336.173413][T23887]  should_fail_usercopy+0x1a/0x20
[  336.178440][T23887]  _copy_to_user+0x20/0xa0
[  336.182931][T23887]  simple_read_from_buffer+0xa0/0x110
[  336.188315][T23887]  proc_fail_nth_read+0xf9/0x140
[  336.193315][T23887]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  336.198937][T23887]  vfs_read+0x1a2/0x700
[  336.203145][T23887]  ? __rcu_read_unlock+0x4e/0x70
[  336.208086][T23887]  ? __fget_files+0x17c/0x1c0
[  336.212933][T23887]  ksys_read+0xe8/0x1b0
[  336.217090][T23887]  __x64_sys_read+0x42/0x50
[  336.221605][T23887]  x64_sys_call+0x2874/0x2dc0
[  336.226336][T23887]  do_syscall_64+0xc9/0x1c0
[  336.230868][T23887]  ? clear_bhb_loop+0x55/0xb0
[  336.235595][T23887]  ? clear_bhb_loop+0x55/0xb0
[  336.240296][T23887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.246191][T23887] RIP: 0033:0x7ff4e2d3d25c
[  336.250705][T23887] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  336.270304][T23887] RSP: 002b:00007ff4e13b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  336.278783][T23887] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3d25c
[  336.286797][T23887] RDX: 000000000000000f RSI: 00007ff4e13b70a0 RDI: 0000000000000004
[  336.294763][T23887] RBP: 00007ff4e13b7090 R08: 0000000000000000 R09: 0000000000000000
[  336.302835][T23887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.310833][T23887] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  336.318857][T23887]  </TASK>
[  336.516714][T23892] pim6reg1: entered promiscuous mode
[  336.522096][T23892] pim6reg1: entered allmulticast mode
[  336.578676][T23892] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.609471][T23900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  336.618482][T23900] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.635785][T23892] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.696257][T23892] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.746130][T23892] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.810428][T23892] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.822126][T23892] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.835727][T23892] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.848840][T23892] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.873888][T23911] FAULT_INJECTION: forcing a failure.
[  336.873888][T23911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.887018][T23911] CPU: 0 UID: 0 PID: 23911 Comm: syz.2.6908 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  336.898960][T23911] Tainted: [W]=WARN
[  336.902758][T23911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  336.912855][T23911] Call Trace:
[  336.916477][T23911]  <TASK>
[  336.919407][T23911]  dump_stack_lvl+0xf2/0x150
[  336.924079][T23911]  dump_stack+0x15/0x20
[  336.928315][T23911]  should_fail_ex+0x223/0x230
[  336.932989][T23911]  should_fail+0xb/0x10
[  336.937179][T23911]  should_fail_usercopy+0x1a/0x20
[  336.942220][T23911]  _copy_from_iter+0xd5/0xd00
[  336.947038][T23911]  ? kernel_fpu_begin_mask+0x19d/0x200
[  336.952498][T23911]  ? kernel_fpu_end+0x5e/0x80
[  336.957195][T23911]  ? blake2s_compress+0xab/0xd0
[  336.962083][T23911]  ? blake2s_update+0x120/0x140
[  336.966944][T23911]  write_pool_user+0x80/0x1e0
[  336.971673][T23911]  ? import_ubuf+0xec/0x130
[  336.976170][T23911]  random_ioctl+0x2c6/0x3f0
[  336.980713][T23911]  ? __pfx_random_ioctl+0x10/0x10
[  336.985820][T23911]  __se_sys_ioctl+0xc9/0x140
[  336.990399][T23911]  __x64_sys_ioctl+0x43/0x50
[  336.995052][T23911]  x64_sys_call+0x1690/0x2dc0
[  336.999790][T23911]  do_syscall_64+0xc9/0x1c0
[  337.004320][T23911]  ? clear_bhb_loop+0x55/0xb0
[  337.009062][T23911]  ? clear_bhb_loop+0x55/0xb0
[  337.013746][T23911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.019628][T23911] RIP: 0033:0x7fb9ca14e819
[  337.024030][T23911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.043629][T23911] RSP: 002b:00007fb9c87c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  337.052030][T23911] RAX: ffffffffffffffda RBX: 00007fb9ca305fa0 RCX: 00007fb9ca14e819
[  337.060024][T23911] RDX: 0000000020000000 RSI: 0000000040085203 RDI: 0000000000000005
[  337.067984][T23911] RBP: 00007fb9c87c7090 R08: 0000000000000000 R09: 0000000000000000
[  337.075947][T23911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.083979][T23911] R13: 0000000000000000 R14: 00007fb9ca305fa0 R15: 00007ffe04bf15a8
[  337.092030][T23911]  </TASK>
[  337.109264][T23916] xt_hashlimit: overflow, rate too high: 0
[  337.419918][T23947] netlink: 'syz.3.6920': attribute type 39 has an invalid length.
[  337.489789][T23951] pim6reg1: entered promiscuous mode
[  337.495261][T23951] pim6reg1: entered allmulticast mode
[  337.558658][T23951] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.606267][T23951] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.676268][T23951] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.736210][T23951] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.790840][T23956] netlink: 112 bytes leftover after parsing attributes in process `syz.0.6924'.
[  337.842459][T23951] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  337.867811][T23951] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  337.881113][T23951] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  337.893651][T23951] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.065332][T23982] netlink: 112 bytes leftover after parsing attributes in process `syz.3.6937'.
[  338.100225][T23988] FAULT_INJECTION: forcing a failure.
[  338.100225][T23988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.113507][T23988] CPU: 1 UID: 0 PID: 23988 Comm: syz.2.6939 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  338.125421][T23988] Tainted: [W]=WARN
[  338.129245][T23988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.139329][T23988] Call Trace:
[  338.142746][T23988]  <TASK>
[  338.145673][T23988]  dump_stack_lvl+0xf2/0x150
[  338.150384][T23988]  dump_stack+0x15/0x20
[  338.154529][T23988]  should_fail_ex+0x223/0x230
[  338.159200][T23988]  should_fail+0xb/0x10
[  338.163413][T23988]  should_fail_usercopy+0x1a/0x20
[  338.168906][T23988]  _copy_from_user+0x1e/0xb0
[  338.174114][T23988]  move_addr_to_kernel+0x82/0x120
[  338.179205][T23988]  __sys_sendto+0x12e/0x230
[  338.183713][T23988]  __x64_sys_sendto+0x78/0x90
[  338.188393][T23988]  x64_sys_call+0x29fa/0x2dc0
[  338.193098][T23988]  do_syscall_64+0xc9/0x1c0
[  338.197677][T23988]  ? clear_bhb_loop+0x55/0xb0
[  338.202528][T23988]  ? clear_bhb_loop+0x55/0xb0
[  338.207654][T23988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.213650][T23988] RIP: 0033:0x7fb9ca14e819
[  338.218057][T23988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.237657][T23988] RSP: 002b:00007fb9c87c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  338.246100][T23988] RAX: ffffffffffffffda RBX: 00007fb9ca305fa0 RCX: 00007fb9ca14e819
[  338.254129][T23988] RDX: 00000000000100a6 RSI: 0000000020000180 RDI: 0000000000000004
[  338.262102][T23988] RBP: 00007fb9c87c7090 R08: 0000000020000140 R09: 0000000000000014
[  338.270338][T23988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.278320][T23988] R13: 0000000000000000 R14: 00007fb9ca305fa0 R15: 00007ffe04bf15a8
[  338.286285][T23988]  </TASK>
[  338.305658][T23995] netlink: 'syz.3.6940': attribute type 39 has an invalid length.
[  338.361682][T24004] FAULT_INJECTION: forcing a failure.
[  338.361682][T24004] name failslab, interval 1, probability 0, space 0, times 0
[  338.374537][T24004] CPU: 1 UID: 0 PID: 24004 Comm: syz.3.6944 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  338.386465][T24004] Tainted: [W]=WARN
[  338.390270][T24004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.400370][T24004] Call Trace:
[  338.403744][T24004]  <TASK>
[  338.406688][T24004]  dump_stack_lvl+0xf2/0x150
[  338.411292][T24004]  dump_stack+0x15/0x20
[  338.415465][T24004]  should_fail_ex+0x223/0x230
[  338.420155][T24004]  ? audit_log_start+0x34c/0x6b0
[  338.425207][T24004]  should_failslab+0x8f/0xb0
[  338.429871][T24004]  kmem_cache_alloc_noprof+0x4c/0x290
[  338.435263][T24004]  audit_log_start+0x34c/0x6b0
[  338.440265][T24004]  audit_seccomp+0x4b/0x130
[  338.444817][T24004]  __seccomp_filter+0x6fa/0x1180
[  338.449784][T24004]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  338.455532][T24004]  ? vfs_write+0x596/0x920
[  338.459962][T24004]  ? __schedule+0x6fa/0x930
[  338.464487][T24004]  __secure_computing+0x9f/0x1c0
[  338.469525][T24004]  syscall_trace_enter+0xd1/0x1f0
[  338.474590][T24004]  do_syscall_64+0xaa/0x1c0
[  338.479095][T24004]  ? clear_bhb_loop+0x55/0xb0
[  338.483780][T24004]  ? clear_bhb_loop+0x55/0xb0
[  338.488724][T24004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.494619][T24004] RIP: 0033:0x7ff4e2d3e819
[  338.499048][T24004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.518651][T24004] RSP: 002b:00007ff4e13b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ef
[  338.527060][T24004] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3e819
[  338.535144][T24004] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  338.543364][T24004] RBP: 00007ff4e13b7090 R08: 0000000000000002 R09: 0000000000000000
[  338.551334][T24004] R10: 0000000020117000 R11: 0000000000000246 R12: 0000000000000001
[  338.559352][T24004] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  338.567377][T24004]  </TASK>
[  338.610835][T24018] netlink: 112 bytes leftover after parsing attributes in process `syz.3.6950'.
[  338.735024][T24037] FAULT_INJECTION: forcing a failure.
[  338.735024][T24037] name failslab, interval 1, probability 0, space 0, times 0
[  338.747823][T24037] CPU: 1 UID: 0 PID: 24037 Comm: syz.2.6955 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  338.759729][T24037] Tainted: [W]=WARN
[  338.763530][T24037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  338.773591][T24037] Call Trace:
[  338.776880][T24037]  <TASK>
[  338.779818][T24037]  dump_stack_lvl+0xf2/0x150
[  338.784492][T24037]  dump_stack+0x15/0x20
[  338.788703][T24037]  should_fail_ex+0x223/0x230
[  338.793385][T24037]  ? getname_flags+0x81/0x3b0
[  338.798878][T24037]  should_failslab+0x8f/0xb0
[  338.803985][T24037]  kmem_cache_alloc_noprof+0x4c/0x290
[  338.809364][T24037]  getname_flags+0x81/0x3b0
[  338.813915][T24037]  getname+0x17/0x20
[  338.817880][T24037]  do_sys_openat2+0x67/0x120
[  338.822491][T24037]  __x64_sys_open+0xe6/0x110
[  338.827135][T24037]  x64_sys_call+0x13e1/0x2dc0
[  338.831916][T24037]  do_syscall_64+0xc9/0x1c0
[  338.836422][T24037]  ? clear_bhb_loop+0x55/0xb0
[  338.841209][T24037]  ? clear_bhb_loop+0x55/0xb0
[  338.845986][T24037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.851895][T24037] RIP: 0033:0x7fb9ca14e819
[  338.856311][T24037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.876085][T24037] RSP: 002b:00007fb9c87c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  338.884554][T24037] RAX: ffffffffffffffda RBX: 00007fb9ca305fa0 RCX: 00007fb9ca14e819
[  338.892575][T24037] RDX: 0000000000000000 RSI: 0000000000551a01 RDI: 0000000020000080
[  338.900571][T24037] RBP: 00007fb9c87c7090 R08: 0000000000000000 R09: 0000000000000000
[  338.908545][T24037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.916513][T24037] R13: 0000000000000000 R14: 00007fb9ca305fa0 R15: 00007ffe04bf15a8
[  338.924549][T24037]  </TASK>
[  339.077299][T24052] FAULT_INJECTION: forcing a failure.
[  339.077299][T24052] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.091091][T24052] CPU: 0 UID: 0 PID: 24052 Comm: syz.2.6963 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  339.102998][T24052] Tainted: [W]=WARN
[  339.106813][T24052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.116864][T24052] Call Trace:
[  339.120147][T24052]  <TASK>
[  339.123119][T24052]  dump_stack_lvl+0xf2/0x150
[  339.127726][T24052]  dump_stack+0x15/0x20
[  339.131899][T24052]  should_fail_ex+0x223/0x230
[  339.136659][T24052]  should_fail+0xb/0x10
[  339.140944][T24052]  should_fail_usercopy+0x1a/0x20
[  339.146079][T24052]  _copy_from_user+0x1e/0xb0
[  339.150727][T24052]  move_addr_to_kernel+0x82/0x120
[  339.155832][T24052]  __sys_sendto+0x12e/0x230
[  339.160384][T24052]  __x64_sys_sendto+0x78/0x90
[  339.165162][T24052]  x64_sys_call+0x29fa/0x2dc0
[  339.170086][T24052]  do_syscall_64+0xc9/0x1c0
[  339.174607][T24052]  ? clear_bhb_loop+0x55/0xb0
[  339.179282][T24052]  ? clear_bhb_loop+0x55/0xb0
[  339.184010][T24052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.189913][T24052] RIP: 0033:0x7fb9ca14e819
[  339.194369][T24052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.214062][T24052] RSP: 002b:00007fb9c87c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  339.222476][T24052] RAX: ffffffffffffffda RBX: 00007fb9ca305fa0 RCX: 00007fb9ca14e819
[  339.230438][T24052] RDX: 00000000000100a6 RSI: 0000000020000180 RDI: 0000000000000004
[  339.238401][T24052] RBP: 00007fb9c87c7090 R08: 0000000020000140 R09: 0000000000000014
[  339.246365][T24052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.254333][T24052] R13: 0000000000000000 R14: 00007fb9ca305fa0 R15: 00007ffe04bf15a8
[  339.262477][T24052]  </TASK>
[  339.500511][T24087] FAULT_INJECTION: forcing a failure.
[  339.500511][T24087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.513704][T24087] CPU: 1 UID: 0 PID: 24087 Comm: syz.4.6973 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  339.525721][T24087] Tainted: [W]=WARN
[  339.529524][T24087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.539640][T24087] Call Trace:
[  339.542916][T24087]  <TASK>
[  339.545842][T24087]  dump_stack_lvl+0xf2/0x150
[  339.550429][T24087]  dump_stack+0x15/0x20
[  339.554619][T24087]  should_fail_ex+0x223/0x230
[  339.559281][T24087]  should_fail+0xb/0x10
[  339.563421][T24087]  should_fail_usercopy+0x1a/0x20
[  339.568521][T24087]  _copy_from_user+0x1e/0xb0
[  339.573121][T24087]  __se_sys_rt_sigprocmask+0x9d/0x250
[  339.578578][T24087]  __x64_sys_rt_sigprocmask+0x55/0x70
[  339.585021][T24087]  x64_sys_call+0x2978/0x2dc0
[  339.589743][T24087]  do_syscall_64+0xc9/0x1c0
[  339.594310][T24087]  ? clear_bhb_loop+0x55/0xb0
[  339.598988][T24087]  ? clear_bhb_loop+0x55/0xb0
[  339.603738][T24087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.609629][T24087] RIP: 0033:0x7f23b88ee819
[  339.614043][T24087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.633657][T24087] RSP: 002b:00007f23b6f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000000e
[  339.642598][T24087] RAX: ffffffffffffffda RBX: 00007f23b8aa5fa0 RCX: 00007f23b88ee819
[  339.650635][T24087] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000000
[  339.658797][T24087] RBP: 00007f23b6f67090 R08: 0000000000000000 R09: 0000000000000000
[  339.666763][T24087] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  339.674752][T24087] R13: 0000000000000000 R14: 00007f23b8aa5fa0 R15: 00007ffc1e3cff18
[  339.682749][T24087]  </TASK>
[  339.779239][   T29] kauditd_printk_skb: 150 callbacks suppressed
[  339.779253][   T29] audit: type=1400 audit(1732149858.879:17163): avc:  denied  { load_policy } for  pid=24093 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  339.807676][T24094] SELinux:  policydb string length 37271 does not match expected length 8
[  339.816410][T24094] SELinux: failed to load policy
[  339.843320][T24097] netlink: 112 bytes leftover after parsing attributes in process `syz.2.6977'.
[  339.952012][T24105] FAULT_INJECTION: forcing a failure.
[  339.952012][T24105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.965815][T24105] CPU: 0 UID: 0 PID: 24105 Comm: syz.2.6980 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  339.977782][T24105] Tainted: [W]=WARN
[  339.981584][T24105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.991663][T24105] Call Trace:
[  339.994941][T24105]  <TASK>
[  339.997871][T24105]  dump_stack_lvl+0xf2/0x150
[  340.002579][T24105]  dump_stack+0x15/0x20
[  340.006771][T24105]  should_fail_ex+0x223/0x230
[  340.011453][T24105]  should_fail+0xb/0x10
[  340.015615][T24105]  should_fail_usercopy+0x1a/0x20
[  340.020682][T24105]  _copy_from_user+0x1e/0xb0
[  340.025290][T24105]  copy_msghdr_from_user+0x54/0x2a0
[  340.030516][T24105]  ? __fget_files+0x17c/0x1c0
[  340.035281][T24105]  __sys_sendmsg+0x13e/0x230
[  340.039993][T24105]  __x64_sys_sendmsg+0x46/0x50
[  340.044764][T24105]  x64_sys_call+0x2734/0x2dc0
[  340.049448][T24105]  do_syscall_64+0xc9/0x1c0
[  340.054036][T24105]  ? clear_bhb_loop+0x55/0xb0
[  340.058746][T24105]  ? clear_bhb_loop+0x55/0xb0
[  340.063481][T24105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.069383][T24105] RIP: 0033:0x7fb9ca14e819
[  340.073854][T24105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.093539][T24105] RSP: 002b:00007fb9c87c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  340.102019][T24105] RAX: ffffffffffffffda RBX: 00007fb9ca305fa0 RCX: 00007fb9ca14e819
[  340.109992][T24105] RDX: 0000000000000000 RSI: 0000000020001540 RDI: 0000000000000003
[  340.117989][T24105] RBP: 00007fb9c87c7090 R08: 0000000000000000 R09: 0000000000000000
[  340.126014][T24105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.133985][T24105] R13: 0000000000000000 R14: 00007fb9ca305fa0 R15: 00007ffe04bf15a8
[  340.142038][T24105]  </TASK>
[  340.353396][   T29] audit: type=1326 audit(1732149859.449:17164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.377729][   T29] audit: type=1326 audit(1732149859.479:17165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.401500][   T29] audit: type=1326 audit(1732149859.479:17166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.425412][   T29] audit: type=1326 audit(1732149859.479:17167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.449189][   T29] audit: type=1326 audit(1732149859.479:17168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.472897][   T29] audit: type=1326 audit(1732149859.479:17169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.496601][   T29] audit: type=1326 audit(1732149859.479:17170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.520423][   T29] audit: type=1326 audit(1732149859.479:17171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.544070][   T29] audit: type=1326 audit(1732149859.479:17172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24115 comm="syz.0.6985" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  340.776189][T24138] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  340.882635][T24146] netlink: 'syz.1.6996': attribute type 10 has an invalid length.
[  341.459490][T24218] netlink: 'syz.0.7023': attribute type 10 has an invalid length.
[  341.875421][T24232] FAULT_INJECTION: forcing a failure.
[  341.875421][T24232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.888512][T24232] CPU: 0 UID: 0 PID: 24232 Comm: syz.1.7028 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  341.900418][T24232] Tainted: [W]=WARN
[  341.904223][T24232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.914304][T24232] Call Trace:
[  341.917632][T24232]  <TASK>
[  341.920610][T24232]  dump_stack_lvl+0xf2/0x150
[  341.925292][T24232]  dump_stack+0x15/0x20
[  341.929459][T24232]  should_fail_ex+0x223/0x230
[  341.934146][T24232]  should_fail+0xb/0x10
[  341.938347][T24232]  should_fail_usercopy+0x1a/0x20
[  341.943383][T24232]  _copy_from_user+0x1e/0xb0
[  341.948037][T24232]  move_addr_to_kernel+0x82/0x120
[  341.953092][T24232]  __sys_sendto+0x12e/0x230
[  341.957626][T24232]  __x64_sys_sendto+0x78/0x90
[  341.962373][T24232]  x64_sys_call+0x29fa/0x2dc0
[  341.967068][T24232]  do_syscall_64+0xc9/0x1c0
[  341.971638][T24232]  ? clear_bhb_loop+0x55/0xb0
[  341.976326][T24232]  ? clear_bhb_loop+0x55/0xb0
[  341.981017][T24232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.986925][T24232] RIP: 0033:0x7fa91311e819
[  341.991345][T24232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.010970][T24232] RSP: 002b:00007fa911797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  342.019392][T24232] RAX: ffffffffffffffda RBX: 00007fa9132d5fa0 RCX: 00007fa91311e819
[  342.027377][T24232] RDX: 00000000000100a6 RSI: 0000000020000180 RDI: 0000000000000004
[  342.035431][T24232] RBP: 00007fa911797090 R08: 0000000020000140 R09: 0000000000000014
[  342.043413][T24232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.051473][T24232] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  342.059493][T24232]  </TASK>
[  342.133296][T24250] FAULT_INJECTION: forcing a failure.
[  342.133296][T24250] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  342.147030][T24250] CPU: 0 UID: 0 PID: 24250 Comm: syz.1.7034 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  342.159055][T24250] Tainted: [W]=WARN
[  342.162853][T24250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.173074][T24250] Call Trace:
[  342.176417][T24250]  <TASK>
[  342.179348][T24250]  dump_stack_lvl+0xf2/0x150
[  342.184023][T24250]  dump_stack+0x15/0x20
[  342.188183][T24250]  should_fail_ex+0x223/0x230
[  342.192930][T24250]  should_fail+0xb/0x10
[  342.197165][T24250]  should_fail_usercopy+0x1a/0x20
[  342.202218][T24250]  _copy_from_user+0x1e/0xb0
[  342.206861][T24250]  copy_msghdr_from_user+0x54/0x2a0
[  342.212070][T24250]  ? __fget_files+0x17c/0x1c0
[  342.216831][T24250]  __sys_sendmsg+0x13e/0x230
[  342.221482][T24250]  __x64_sys_sendmsg+0x46/0x50
[  342.226316][T24250]  x64_sys_call+0x2734/0x2dc0
[  342.231019][T24250]  do_syscall_64+0xc9/0x1c0
[  342.235588][T24250]  ? clear_bhb_loop+0x55/0xb0
[  342.240274][T24250]  ? clear_bhb_loop+0x55/0xb0
[  342.245016][T24250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.250921][T24250] RIP: 0033:0x7fa91311e819
[  342.255339][T24250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.274964][T24250] RSP: 002b:00007fa911797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  342.283483][T24250] RAX: ffffffffffffffda RBX: 00007fa9132d5fa0 RCX: 00007fa91311e819
[  342.291531][T24250] RDX: 0000000000000000 RSI: 0000000020005800 RDI: 0000000000000003
[  342.299493][T24250] RBP: 00007fa911797090 R08: 0000000000000000 R09: 0000000000000000
[  342.307460][T24250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.315447][T24250] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  342.323423][T24250]  </TASK>
[  342.365695][T24256] netlink: 'syz.2.7036': attribute type 39 has an invalid length.
[  342.550283][T24276] hub 6-0:1.0: USB hub found
[  342.560040][T24276] hub 6-0:1.0: 8 ports detected
[  342.757908][T24290] vlan0: entered allmulticast mode
[  342.763056][T24290] bridge_slave_0: entered allmulticast mode
[  342.785901][T24290] bridge_slave_0: left allmulticast mode
[  343.810243][T24327] netlink: 'syz.2.7061': attribute type 10 has an invalid length.
[  344.615849][T24373] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7080'.
[  344.637284][T24373] hub 6-0:1.0: USB hub found
[  344.642064][T24373] hub 6-0:1.0: 8 ports detected
[  344.841612][   T29] kauditd_printk_skb: 149 callbacks suppressed
[  344.841628][   T29] audit: type=1326 audit(1732149863.938:17322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  344.873610][   T29] audit: type=1326 audit(1732149863.968:17323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  344.897831][   T29] audit: type=1326 audit(1732149863.968:17324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  344.921827][   T29] audit: type=1326 audit(1732149863.968:17325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  344.945422][   T29] audit: type=1326 audit(1732149863.968:17326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  344.969929][   T29] audit: type=1326 audit(1732149863.968:17327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  344.993475][   T29] audit: type=1326 audit(1732149863.968:17328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  345.017517][   T29] audit: type=1326 audit(1732149863.968:17329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  345.040976][   T29] audit: type=1326 audit(1732149863.968:17330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  345.064999][   T29] audit: type=1326 audit(1732149863.968:17331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24396 comm="syz.2.7090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9ca14e819 code=0x7ffc0000
[  345.089665][T24404] netlink: 'syz.2.7092': attribute type 10 has an invalid length.
[  345.174494][T24410] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  345.202167][T24408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  345.226293][T24408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.625658][T24431] pim6reg1: entered promiscuous mode
[  345.631036][T24431] pim6reg1: entered allmulticast mode
[  345.661174][T24442] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24442 comm=syz.3.7107
[  345.694026][T24438] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.749832][T24438] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.808018][T24438] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.867804][T24438] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.911921][T24438] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.923419][T24438] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.936923][T24438] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.948835][T24438] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.027520][T24474] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  346.042161][T24474] loop0: detected capacity change from 0 to 256
[  346.055959][T24474] FAT-fs (loop0): Directory bread(block 64) failed
[  346.063249][T24474] FAT-fs (loop0): Directory bread(block 65) failed
[  346.070635][T24474] FAT-fs (loop0): Directory bread(block 66) failed
[  346.077530][T24474] FAT-fs (loop0): Directory bread(block 67) failed
[  346.084187][T24474] FAT-fs (loop0): Directory bread(block 68) failed
[  346.091502][T24474] FAT-fs (loop0): Directory bread(block 69) failed
[  346.098182][T24474] FAT-fs (loop0): Directory bread(block 70) failed
[  346.104846][T24474] FAT-fs (loop0): Directory bread(block 71) failed
[  346.112151][T24474] FAT-fs (loop0): Directory bread(block 72) failed
[  346.118863][T24474] FAT-fs (loop0): Directory bread(block 73) failed
[  346.157610][T24477] pim6reg1: entered promiscuous mode
[  346.162949][T24477] pim6reg1: entered allmulticast mode
[  346.224977][T24478] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.287648][T24478] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.348459][T24478] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.407156][T24478] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.627966][T24480] netlink: 'syz.4.7122': attribute type 39 has an invalid length.
[  346.676914][T24482] netlink: 'syz.2.7123': attribute type 10 has an invalid length.
[  346.778096][T24501] pim6reg1: entered promiscuous mode
[  346.783439][T24501] pim6reg1: entered allmulticast mode
[  346.844236][T24506] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.887520][T24506] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.937157][T24506] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.987532][T24506] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  347.030460][T24506] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  347.041201][T24506] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  347.052677][T24506] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  347.063430][T24506] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.662292][T24563] pim6reg1: entered promiscuous mode
[  348.667641][T24563] pim6reg1: entered allmulticast mode
[  348.731485][T24568] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.777300][T24568] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.820090][T24568] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.867811][T24568] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  348.920697][T24568] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.932396][T24568] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.944922][T24568] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.957169][T24568] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.096153][T24583] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  349.369115][T24609] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  349.443333][T24617] FAULT_INJECTION: forcing a failure.
[  349.443333][T24617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.457005][T24617] CPU: 0 UID: 0 PID: 24617 Comm: syz.3.7177 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  349.468926][T24617] Tainted: [W]=WARN
[  349.472744][T24617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  349.482974][T24617] Call Trace:
[  349.486246][T24617]  <TASK>
[  349.489178][T24617]  dump_stack_lvl+0xf2/0x150
[  349.493835][T24617]  dump_stack+0x15/0x20
[  349.498037][T24617]  should_fail_ex+0x223/0x230
[  349.502710][T24617]  should_fail+0xb/0x10
[  349.506926][T24617]  should_fail_usercopy+0x1a/0x20
[  349.511986][T24617]  _copy_to_user+0x20/0xa0
[  349.516425][T24617]  simple_read_from_buffer+0xa0/0x110
[  349.521789][T24617]  proc_fail_nth_read+0xf9/0x140
[  349.526782][T24617]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  349.532384][T24617]  vfs_read+0x1a2/0x700
[  349.536541][T24617]  ? __rcu_read_unlock+0x4e/0x70
[  349.541504][T24617]  ? __fget_files+0x17c/0x1c0
[  349.546204][T24617]  ksys_read+0xe8/0x1b0
[  349.550348][T24617]  __x64_sys_read+0x42/0x50
[  349.554862][T24617]  x64_sys_call+0x2874/0x2dc0
[  349.559590][T24617]  do_syscall_64+0xc9/0x1c0
[  349.564094][T24617]  ? clear_bhb_loop+0x55/0xb0
[  349.568895][T24617]  ? clear_bhb_loop+0x55/0xb0
[  349.573572][T24617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.579601][T24617] RIP: 0033:0x7ff4e2d3d25c
[  349.584008][T24617] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  349.603716][T24617] RSP: 002b:00007ff4e13b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  349.612144][T24617] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3d25c
[  349.620107][T24617] RDX: 000000000000000f RSI: 00007ff4e13b70a0 RDI: 0000000000000005
[  349.628110][T24617] RBP: 00007ff4e13b7090 R08: 0000000000000000 R09: 0000000000000000
[  349.636110][T24617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.644131][T24617] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  349.652159][T24617]  </TASK>
[  349.694170][T24623] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  349.958009][T24478] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.969364][T24478] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.984133][T24478] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.998160][T24478] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  350.646585][   T29] kauditd_printk_skb: 218 callbacks suppressed
[  350.646601][   T29] audit: type=1326 audit(1732149869.748:17550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.677881][   T29] audit: type=1326 audit(1732149869.748:17551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.701581][   T29] audit: type=1326 audit(1732149869.748:17552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.725763][   T29] audit: type=1326 audit(1732149869.748:17553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.749353][   T29] audit: type=1326 audit(1732149869.748:17554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.773908][   T29] audit: type=1326 audit(1732149869.748:17555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.798085][   T29] audit: type=1326 audit(1732149869.748:17556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.821571][   T29] audit: type=1326 audit(1732149869.748:17557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.845771][   T29] audit: type=1326 audit(1732149869.748:17558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.869369][   T29] audit: type=1326 audit(1732149869.748:17559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24667 comm="syz.3.7196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  350.929713][T24684] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  351.237550][T24698] netlink: 'syz.3.7206': attribute type 10 has an invalid length.
[  351.245748][T24698] geneve1: entered promiscuous mode
[  351.254683][T24698] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  351.918349][T24743] FAULT_INJECTION: forcing a failure.
[  351.918349][T24743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.931486][T24743] CPU: 1 UID: 0 PID: 24743 Comm: syz.0.7220 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  351.943382][T24743] Tainted: [W]=WARN
[  351.947214][T24743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  351.957353][T24743] Call Trace:
[  351.960625][T24743]  <TASK>
[  351.963551][T24743]  dump_stack_lvl+0xf2/0x150
[  351.968154][T24743]  dump_stack+0x15/0x20
[  351.972356][T24743]  should_fail_ex+0x223/0x230
[  351.977025][T24743]  should_fail+0xb/0x10
[  351.981200][T24743]  should_fail_usercopy+0x1a/0x20
[  351.986222][T24743]  _copy_from_user+0x1e/0xb0
[  351.990937][T24743]  copy_msghdr_from_user+0x54/0x2a0
[  351.996172][T24743]  ? __fget_files+0x17c/0x1c0
[  352.000986][T24743]  __sys_recvmsg+0x140/0x260
[  352.005629][T24743]  __x64_sys_recvmsg+0x46/0x50
[  352.010392][T24743]  x64_sys_call+0xc64/0x2dc0
[  352.014998][T24743]  do_syscall_64+0xc9/0x1c0
[  352.019585][T24743]  ? clear_bhb_loop+0x55/0xb0
[  352.024267][T24743]  ? clear_bhb_loop+0x55/0xb0
[  352.028934][T24743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.034884][T24743] RIP: 0033:0x7f6e8189e819
[  352.039319][T24743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.058956][T24743] RSP: 002b:00007f6e7ff17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  352.067433][T24743] RAX: ffffffffffffffda RBX: 00007f6e81a55fa0 RCX: 00007f6e8189e819
[  352.075405][T24743] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  352.083368][T24743] RBP: 00007f6e7ff17090 R08: 0000000000000000 R09: 0000000000000000
[  352.091330][T24743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.099297][T24743] R13: 0000000000000000 R14: 00007f6e81a55fa0 R15: 00007ffdd061fce8
[  352.107343][T24743]  </TASK>
[  352.169155][T24752] netlink: 'syz.3.7224': attribute type 1 has an invalid length.
[  352.174261][T24743] loop0: detected capacity change from 0 to 1024
[  352.208317][T24743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.287946][T21502] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.317814][T24767] netlink: 'syz.2.7229': attribute type 39 has an invalid length.
[  352.421815][T24772] netlink: 5 bytes leftover after parsing attributes in process `syz.2.7230'.
[  352.431988][T24772] tc_dump_action: action bad kind
[  352.437304][T24782] netlink: 'syz.0.7234': attribute type 10 has an invalid length.
[  352.508849][T24792] pim6reg1: entered promiscuous mode
[  352.514164][T24792] pim6reg1: entered allmulticast mode
[  352.574309][T24792] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.647961][T24792] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.701576][T24809] FAULT_INJECTION: forcing a failure.
[  352.701576][T24809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.714697][T24809] CPU: 0 UID: 0 PID: 24809 Comm: syz.4.7245 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  352.726625][T24809] Tainted: [W]=WARN
[  352.730496][T24809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  352.740536][T24809] Call Trace:
[  352.743870][T24809]  <TASK>
[  352.746820][T24809]  dump_stack_lvl+0xf2/0x150
[  352.751398][T24809]  dump_stack+0x15/0x20
[  352.755538][T24809]  should_fail_ex+0x223/0x230
[  352.760217][T24809]  should_fail+0xb/0x10
[  352.764410][T24809]  should_fail_usercopy+0x1a/0x20
[  352.769429][T24809]  _copy_from_user+0x1e/0xb0
[  352.774059][T24809]  copy_msghdr_from_user+0x54/0x2a0
[  352.779294][T24809]  ? __fget_files+0x17c/0x1c0
[  352.783981][T24809]  __sys_sendmsg+0x13e/0x230
[  352.788570][T24809]  __x64_sys_sendmsg+0x46/0x50
[  352.793337][T24809]  x64_sys_call+0x2734/0x2dc0
[  352.798122][T24809]  do_syscall_64+0xc9/0x1c0
[  352.802741][T24809]  ? clear_bhb_loop+0x55/0xb0
[  352.807492][T24809]  ? clear_bhb_loop+0x55/0xb0
[  352.812197][T24809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.818087][T24809] RIP: 0033:0x7f23b88ee819
[  352.822543][T24809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.842233][T24809] RSP: 002b:00007f23b6f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  352.850631][T24809] RAX: ffffffffffffffda RBX: 00007f23b8aa5fa0 RCX: 00007f23b88ee819
[  352.858618][T24809] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000007
[  352.866584][T24809] RBP: 00007f23b6f67090 R08: 0000000000000000 R09: 0000000000000000
[  352.874568][T24809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.882518][T24809] R13: 0000000000000000 R14: 00007f23b8aa5fa0 R15: 00007ffc1e3cff18
[  352.890553][T24809]  </TASK>
[  352.897148][T24792] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.911294][T24811] FAULT_INJECTION: forcing a failure.
[  352.911294][T24811] name failslab, interval 1, probability 0, space 0, times 0
[  352.923990][T24811] CPU: 1 UID: 0 PID: 24811 Comm: syz.4.7246 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  352.935878][T24811] Tainted: [W]=WARN
[  352.939664][T24811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  352.949729][T24811] Call Trace:
[  352.952991][T24811]  <TASK>
[  352.955910][T24811]  dump_stack_lvl+0xf2/0x150
[  352.960700][T24811]  dump_stack+0x15/0x20
[  352.964858][T24811]  should_fail_ex+0x223/0x230
[  352.969518][T24811]  ? alloc_empty_file+0xd0/0x200
[  352.974514][T24811]  should_failslab+0x8f/0xb0
[  352.979150][T24811]  kmem_cache_alloc_noprof+0x4c/0x290
[  352.984510][T24811]  alloc_empty_file+0xd0/0x200
[  352.989314][T24811]  path_openat+0x6a/0x1fa0
[  352.993775][T24811]  ? kernelmode_fixup_or_oops+0x58/0xb0
[  352.999319][T24811]  ? _parse_integer_limit+0x167/0x180
[  353.004754][T24811]  ? _parse_integer+0x27/0x30
[  353.009473][T24811]  ? kstrtoull+0x110/0x140
[  353.013890][T24811]  ? kstrtouint+0x77/0xc0
[  353.018267][T24811]  ? kstrtouint_from_user+0xb0/0xe0
[  353.023459][T24811]  do_filp_open+0x107/0x230
[  353.027981][T24811]  do_sys_openat2+0xab/0x120
[  353.032641][T24811]  __x64_sys_openat+0xf3/0x120
[  353.037406][T24811]  x64_sys_call+0x2b30/0x2dc0
[  353.042076][T24811]  do_syscall_64+0xc9/0x1c0
[  353.046571][T24811]  ? clear_bhb_loop+0x55/0xb0
[  353.051247][T24811]  ? clear_bhb_loop+0x55/0xb0
[  353.055917][T24811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.061800][T24811] RIP: 0033:0x7f23b88ed1b0
[  353.066216][T24811] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  353.085815][T24811] RSP: 002b:00007f23b6f66f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  353.094329][T24811] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f23b88ed1b0
[  353.102289][T24811] RDX: 0000000000000000 RSI: 00007f23b8961876 RDI: 00000000ffffff9c
[  353.110297][T24811] RBP: 00007f23b8961876 R08: 0000000000000000 R09: 0000000000000000
[  353.118256][T24811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  353.126247][T24811] R13: 0000000000000000 R14: 00007f23b8aa5fa0 R15: 00007ffc1e3cff18
[  353.134222][T24811]  </TASK>
[  353.168071][T24792] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.213070][T24792] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.224446][T24792] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.261535][T24792] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.290917][T24792] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.341749][T24829] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  353.437645][T24848] netlink: 'syz.0.7256': attribute type 8 has an invalid length.
[  353.445408][T24848] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7256'.
[  353.569826][T24872] hsr0: entered promiscuous mode
[  353.574889][T24872] macsec1: entered allmulticast mode
[  353.580258][T24872] hsr0: entered allmulticast mode
[  353.585389][T24872] hsr_slave_0: entered allmulticast mode
[  353.591175][T24872] hsr_slave_1: entered allmulticast mode
[  353.598039][T24872] hsr0: left allmulticast mode
[  353.602963][T24872] hsr_slave_0: left allmulticast mode
[  353.608439][T24872] hsr_slave_1: left allmulticast mode
[  353.900950][T24915] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  354.107339][T24943] FAULT_INJECTION: forcing a failure.
[  354.107339][T24943] name failslab, interval 1, probability 0, space 0, times 0
[  354.119940][T24943] CPU: 1 UID: 0 PID: 24943 Comm: syz.3.7302 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  354.131948][T24943] Tainted: [W]=WARN
[  354.135744][T24943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  354.145878][T24943] Call Trace:
[  354.149231][T24943]  <TASK>
[  354.152185][T24943]  dump_stack_lvl+0xf2/0x150
[  354.156807][T24943]  dump_stack+0x15/0x20
[  354.160952][T24943]  should_fail_ex+0x223/0x230
[  354.165654][T24943]  ? __alloc_skb+0x10b/0x310
[  354.170241][T24943]  should_failslab+0x8f/0xb0
[  354.174867][T24943]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  354.180810][T24943]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  354.186615][T24943]  __alloc_skb+0x10b/0x310
[  354.191094][T24943]  tipc_buf_acquire+0x2c/0xb0
[  354.195764][T24943]  tipc_named_withdraw+0x144/0x360
[  354.200893][T24943]  tipc_nametbl_withdraw+0x105/0x1f0
[  354.206243][T24943]  tipc_release+0x16a/0xa70
[  354.210738][T24943]  sock_close+0x68/0x150
[  354.214984][T24943]  ? __pfx_sock_close+0x10/0x10
[  354.219828][T24943]  __fput+0x17a/0x6d0
[  354.223806][T24943]  ? file_close_fd_locked+0x17f/0x1a0
[  354.229222][T24943]  __fput_sync+0x96/0xc0
[  354.233450][T24943]  __se_sys_close+0x109/0x1b0
[  354.238116][T24943]  __x64_sys_close+0x1f/0x30
[  354.242705][T24943]  x64_sys_call+0x266c/0x2dc0
[  354.247377][T24943]  do_syscall_64+0xc9/0x1c0
[  354.251885][T24943]  ? clear_bhb_loop+0x55/0xb0
[  354.256611][T24943]  ? clear_bhb_loop+0x55/0xb0
[  354.261354][T24943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.267373][T24943] RIP: 0033:0x7ff4e2d3e819
[  354.271772][T24943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.291457][T24943] RSP: 002b:00007ff4e13b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  354.299859][T24943] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3e819
[  354.307906][T24943] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  354.315895][T24943] RBP: 00007ff4e13b7090 R08: 0000000000000000 R09: 0000000000000000
[  354.323856][T24943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.331967][T24943] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  354.340009][T24943]  </TASK>
[  354.343055][T24943] tipc: Withdrawal distribution failure
[  354.393485][T24950] x_tables: duplicate underflow at hook 3
[  354.450866][T24958] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  354.546285][T24972] geneve0: entered promiscuous mode
[  354.596724][T24988] FAULT_INJECTION: forcing a failure.
[  354.596724][T24988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.607789][T24974] geneve0: left promiscuous mode
[  354.609940][T24988] CPU: 0 UID: 0 PID: 24988 Comm: syz.1.7319 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  354.626637][T24988] Tainted: [W]=WARN
[  354.630433][T24988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  354.640492][T24988] Call Trace:
[  354.643758][T24988]  <TASK>
[  354.646698][T24988]  dump_stack_lvl+0xf2/0x150
[  354.651362][T24988]  dump_stack+0x15/0x20
[  354.655550][T24988]  should_fail_ex+0x223/0x230
[  354.660218][T24988]  should_fail+0xb/0x10
[  354.664364][T24988]  should_fail_usercopy+0x1a/0x20
[  354.669378][T24988]  _copy_from_user+0x1e/0xb0
[  354.674031][T24988]  __sys_bpf+0x14e/0x7a0
[  354.678270][T24988]  __x64_sys_bpf+0x43/0x50
[  354.682686][T24988]  x64_sys_call+0x2914/0x2dc0
[  354.687375][T24988]  do_syscall_64+0xc9/0x1c0
[  354.691867][T24988]  ? clear_bhb_loop+0x55/0xb0
[  354.696535][T24988]  ? clear_bhb_loop+0x55/0xb0
[  354.701202][T24988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.707098][T24988] RIP: 0033:0x7fa91311e819
[  354.711506][T24988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.731458][T24988] RSP: 002b:00007fa911797038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  354.739937][T24988] RAX: ffffffffffffffda RBX: 00007fa9132d5fa0 RCX: 00007fa91311e819
[  354.747906][T24988] RDX: 0000000000000078 RSI: 0000000020000440 RDI: 0000000000000005
[  354.755916][T24988] RBP: 00007fa911797090 R08: 0000000000000000 R09: 0000000000000000
[  354.763886][T24988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.771944][T24988] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  354.779966][T24988]  </TASK>
[  354.870865][T24976] netlink: 'syz.4.7316': attribute type 8 has an invalid length.
[  354.879288][T24976] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7316'.
[  355.542643][T25038] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  355.614294][T25047] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  355.737709][   T29] kauditd_printk_skb: 370 callbacks suppressed
[  355.737722][   T29] audit: type=1326 audit(1732149874.837:17930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.738681][T25050] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7342'.
[  355.744314][   T29] audit: type=1326 audit(1732149874.837:17931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.801325][   T29] audit: type=1326 audit(1732149874.907:17932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.825070][   T29] audit: type=1326 audit(1732149874.907:17933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.826387][T25050] Restarting kernel threads ... 
[  355.848960][   T29] audit: type=1326 audit(1732149874.907:17934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.849024][   T29] audit: type=1326 audit(1732149874.907:17935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.849049][   T29] audit: type=1326 audit(1732149874.907:17936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.849071][   T29] audit: type=1326 audit(1732149874.907:17937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  355.857293][T25050] done.
[  355.877742][   T29] audit: type=1326 audit(1732149874.907:17938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  355.877772][   T29] audit: type=1326 audit(1732149874.907:17939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25051 comm="syz.1.7343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa91311e819 code=0x7ffc0000
[  356.147956][T25076] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  356.204449][T25078] loop0: detected capacity change from 0 to 8192
[  356.319595][T25099] pim6reg1: entered promiscuous mode
[  356.325023][T25099] pim6reg1: entered allmulticast mode
[  356.369231][T25099] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.418619][T25099] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.468548][T25099] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.518665][T25099] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.572657][T25099] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.584227][T25099] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.597162][T25099] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.609789][T25099] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.649873][T25116] loop0: detected capacity change from 0 to 1024
[  356.656157][T25118] netlink: 128 bytes leftover after parsing attributes in process `syz.4.7370'.
[  356.665368][T25118] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7370'.
[  356.665717][T25116] ext4: Bad value for 'stripe'
[  356.675151][T25118] FAULT_INJECTION: forcing a failure.
[  356.675151][T25118] name failslab, interval 1, probability 0, space 0, times 0
[  356.692092][T25118] CPU: 1 UID: 0 PID: 25118 Comm: syz.4.7370 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  356.705091][T25118] Tainted: [W]=WARN
[  356.708988][T25118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  356.719064][T25118] Call Trace:
[  356.722458][T25118]  <TASK>
[  356.725446][T25118]  dump_stack_lvl+0xf2/0x150
[  356.730043][T25118]  dump_stack+0x15/0x20
[  356.734203][T25118]  should_fail_ex+0x223/0x230
[  356.738948][T25118]  ? alloc_empty_file+0xd0/0x200
[  356.743888][T25118]  should_failslab+0x8f/0xb0
[  356.748505][T25118]  kmem_cache_alloc_noprof+0x4c/0x290
[  356.753924][T25118]  ? mntput+0x49/0x70
[  356.758012][T25118]  alloc_empty_file+0xd0/0x200
[  356.762819][T25118]  path_openat+0x6a/0x1fa0
[  356.767261][T25118]  ? _parse_integer_limit+0x167/0x180
[  356.772643][T25118]  ? _parse_integer+0x27/0x30
[  356.777319][T25118]  ? kstrtoull+0x110/0x140
[  356.781919][T25118]  ? kstrtouint+0x77/0xc0
[  356.786247][T25118]  ? kstrtouint_from_user+0xb0/0xe0
[  356.791506][T25118]  ? bpf_get_stack_raw_tp+0xfe/0x140
[  356.796893][T25118]  do_filp_open+0x107/0x230
[  356.801428][T25118]  do_sys_openat2+0xab/0x120
[  356.806267][T25118]  __x64_sys_openat+0xf3/0x120
[  356.811033][T25118]  x64_sys_call+0x2b30/0x2dc0
[  356.815757][T25118]  do_syscall_64+0xc9/0x1c0
[  356.820290][T25118]  ? clear_bhb_loop+0x55/0xb0
[  356.825015][T25118]  ? clear_bhb_loop+0x55/0xb0
[  356.829746][T25118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.835635][T25118] RIP: 0033:0x7f23b88ed1b0
[  356.840044][T25118] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  356.859740][T25118] RSP: 002b:00007f23b6f66f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  356.868210][T25118] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f23b88ed1b0
[  356.876266][T25118] RDX: 0000000000000002 RSI: 00007f23b6f66fa0 RDI: 00000000ffffff9c
[  356.884269][T25118] RBP: 00007f23b6f66fa0 R08: 0000000000000000 R09: 0000000000000000
[  356.892233][T25118] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  356.900198][T25118] R13: 0000000000000000 R14: 00007f23b8aa5fa0 R15: 00007ffc1e3cff18
[  356.908169][T25118]  </TASK>
[  357.008061][T25122] loop0: detected capacity change from 0 to 8192
[  357.089562][T25142] pim6reg1: entered promiscuous mode
[  357.094921][T25142] pim6reg1: entered allmulticast mode
[  357.150035][T25142] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.164320][T25146] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7379'.
[  357.208976][T25142] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.248470][T25142] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.300058][T25142] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.361503][T25142] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.372224][T25142] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.383001][T25142] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.393923][T25142] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.718684][T25190] pim6reg1: entered promiscuous mode
[  357.724001][T25190] pim6reg1: entered allmulticast mode
[  357.788358][T25191] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.842762][T25191] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.912724][T25191] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.978625][T25191] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.043797][T25191] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.058176][T25191] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.071286][T25191] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.082498][T25191] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.406059][T25236] block device autoloading is deprecated and will be removed.
[  358.414833][T25236] netlink: 'syz.2.7414': attribute type 10 has an invalid length.
[  358.757648][T25260] netlink: 'syz.4.7423': attribute type 10 has an invalid length.
[  358.791012][T25260] team0: Port device geneve0 added
[  358.811016][T25263] hsr0: entered promiscuous mode
[  358.816080][T25263] macsec1: entered allmulticast mode
[  358.822147][T25263] hsr0: entered allmulticast mode
[  358.827293][T25263] hsr_slave_0: entered allmulticast mode
[  358.832929][T25263] hsr_slave_1: entered allmulticast mode
[  358.885341][T25263] hsr0: left allmulticast mode
[  358.890174][T25263] hsr_slave_0: left allmulticast mode
[  358.895577][T25263] hsr_slave_1: left allmulticast mode
[  359.105197][T25270] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1109
[  359.314839][T25284] netlink: 'syz.2.7432': attribute type 10 has an invalid length.
[  359.369064][T25292] pim6reg1: entered promiscuous mode
[  359.374406][T25292] pim6reg1: entered allmulticast mode
[  359.437662][T25296] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.508790][T25296] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.558512][T25296] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.618787][T25296] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.511794][T25350] netlink: 'syz.2.7457': attribute type 10 has an invalid length.
[  361.051204][   T29] kauditd_printk_skb: 366 callbacks suppressed
[  361.051297][   T29] audit: type=1326 audit(1732149880.146:18304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.082788][   T29] audit: type=1326 audit(1732149880.146:18305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.106399][   T29] audit: type=1326 audit(1732149880.146:18306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.130124][   T29] audit: type=1326 audit(1732149880.146:18307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.154179][   T29] audit: type=1326 audit(1732149880.146:18308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.178235][   T29] audit: type=1326 audit(1732149880.146:18309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.201803][   T29] audit: type=1326 audit(1732149880.146:18310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.225963][   T29] audit: type=1326 audit(1732149880.146:18311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.250127][   T29] audit: type=1326 audit(1732149880.146:18312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  361.273769][   T29] audit: type=1326 audit(1732149880.146:18313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25384 comm="syz.3.7471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  363.382547][T25567] netlink: 'syz.2.7541': attribute type 10 has an invalid length.
[  363.562549][T25580] syz.1.7545[25580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  363.562682][T25580] syz.1.7545[25580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  363.585754][T25580] syz.1.7545[25580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  363.683035][T25594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7551'.
[  364.223134][T25618] FAULT_INJECTION: forcing a failure.
[  364.223134][T25618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  364.237030][T25618] CPU: 0 UID: 0 PID: 25618 Comm: syz.1.7558 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  364.248996][T25618] Tainted: [W]=WARN
[  364.252806][T25618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  364.262865][T25618] Call Trace:
[  364.266147][T25618]  <TASK>
[  364.269080][T25618]  dump_stack_lvl+0xf2/0x150
[  364.273876][T25618]  dump_stack+0x15/0x20
[  364.278130][T25618]  should_fail_ex+0x223/0x230
[  364.282836][T25618]  should_fail+0xb/0x10
[  364.287025][T25618]  should_fail_usercopy+0x1a/0x20
[  364.292107][T25618]  _copy_from_user+0x1e/0xb0
[  364.296757][T25618]  copy_msghdr_from_user+0x54/0x2a0
[  364.301992][T25618]  ? __fget_files+0x17c/0x1c0
[  364.306686][T25618]  __sys_sendmsg+0x13e/0x230
[  364.311323][T25618]  __x64_sys_sendmsg+0x46/0x50
[  364.316164][T25618]  x64_sys_call+0x2734/0x2dc0
[  364.320833][T25618]  do_syscall_64+0xc9/0x1c0
[  364.325327][T25618]  ? clear_bhb_loop+0x55/0xb0
[  364.329993][T25618]  ? clear_bhb_loop+0x55/0xb0
[  364.334735][T25618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.340619][T25618] RIP: 0033:0x7fa91311e819
[  364.345030][T25618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  364.366325][T25618] RSP: 002b:00007fa911797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  364.374978][T25618] RAX: ffffffffffffffda RBX: 00007fa9132d5fa0 RCX: 00007fa91311e819
[  364.382949][T25618] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005
[  364.390908][T25618] RBP: 00007fa911797090 R08: 0000000000000000 R09: 0000000000000000
[  364.398955][T25618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  364.406988][T25618] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  364.414950][T25618]  </TASK>
[  364.485105][T25635] pim6reg1: entered promiscuous mode
[  364.490480][T25635] pim6reg1: entered allmulticast mode
[  364.569232][T25646] netlink: 'syz.4.7571': attribute type 10 has an invalid length.
[  364.588408][T25635] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.651423][T25635] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.709584][T25635] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.786034][T25635] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.854077][T25635] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  364.886452][T25635] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  364.919850][T25635] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  364.945024][T25635] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  365.074001][T25674] FAULT_INJECTION: forcing a failure.
[  365.074001][T25674] name failslab, interval 1, probability 0, space 0, times 0
[  365.087387][T25674] CPU: 0 UID: 0 PID: 25674 Comm: syz.0.7580 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  365.099811][T25674] Tainted: [W]=WARN
[  365.103610][T25674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  365.113725][T25674] Call Trace:
[  365.117047][T25674]  <TASK>
[  365.119997][T25674]  dump_stack_lvl+0xf2/0x150
[  365.124595][T25674]  dump_stack+0x15/0x20
[  365.128761][T25674]  should_fail_ex+0x223/0x230
[  365.133511][T25674]  ? copy_splice_read+0xc7/0x5d0
[  365.138447][T25674]  should_failslab+0x8f/0xb0
[  365.143115][T25674]  __kmalloc_noprof+0xa5/0x370
[  365.147884][T25674]  copy_splice_read+0xc7/0x5d0
[  365.152647][T25674]  ? alloc_pipe_info+0x1cb/0x360
[  365.157646][T25674]  ? __kmalloc_noprof+0x203/0x370
[  365.162704][T25674]  ? __pfx_copy_splice_read+0x10/0x10
[  365.168114][T25674]  splice_direct_to_actor+0x269/0x670
[  365.173541][T25674]  ? __pfx_direct_splice_actor+0x10/0x10
[  365.179172][T25674]  do_splice_direct+0xd7/0x150
[  365.183931][T25674]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  365.189866][T25674]  do_sendfile+0x398/0x660
[  365.194347][T25674]  __x64_sys_sendfile64+0x110/0x150
[  365.199620][T25674]  x64_sys_call+0xfbd/0x2dc0
[  365.204301][T25674]  do_syscall_64+0xc9/0x1c0
[  365.208802][T25674]  ? clear_bhb_loop+0x55/0xb0
[  365.213507][T25674]  ? clear_bhb_loop+0x55/0xb0
[  365.218178][T25674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.224066][T25674] RIP: 0033:0x7f6e8189e819
[  365.228482][T25674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.249045][T25674] RSP: 002b:00007f6e7ff17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  365.257462][T25674] RAX: ffffffffffffffda RBX: 00007f6e81a55fa0 RCX: 00007f6e8189e819
[  365.265513][T25674] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  365.273476][T25674] RBP: 00007f6e7ff17090 R08: 0000000000000000 R09: 0000000000000000
[  365.281512][T25674] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  365.289479][T25674] R13: 0000000000000000 R14: 00007f6e81a55fa0 R15: 00007ffdd061fce8
[  365.297450][T25674]  </TASK>
[  365.519117][T25704] pim6reg1: entered promiscuous mode
[  365.524461][T25704] pim6reg1: entered allmulticast mode
[  365.598940][T25714] syz.1.7594[25714] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  365.599065][T25714] syz.1.7594[25714] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  365.611108][T25714] syz.1.7594[25714] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  365.670845][T25715] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.739495][T25715] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.764881][T25730] FAULT_INJECTION: forcing a failure.
[  365.764881][T25730] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  365.778362][T25730] CPU: 0 UID: 0 PID: 25730 Comm: syz.1.7601 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  365.790359][T25730] Tainted: [W]=WARN
[  365.794165][T25730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  365.804229][T25730] Call Trace:
[  365.807510][T25730]  <TASK>
[  365.810439][T25730]  dump_stack_lvl+0xf2/0x150
[  365.815207][T25730]  dump_stack+0x15/0x20
[  365.819428][T25730]  should_fail_ex+0x223/0x230
[  365.824275][T25730]  should_fail+0xb/0x10
[  365.828421][T25730]  should_fail_usercopy+0x1a/0x20
[  365.833464][T25730]  _copy_to_user+0x20/0xa0
[  365.837943][T25730]  simple_read_from_buffer+0xa0/0x110
[  365.843317][T25730]  proc_fail_nth_read+0xf9/0x140
[  365.848259][T25730]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  365.853799][T25730]  vfs_read+0x1a2/0x700
[  365.858015][T25730]  ? __rcu_read_unlock+0x4e/0x70
[  365.862958][T25730]  ? __fget_files+0x17c/0x1c0
[  365.867703][T25730]  ksys_read+0xe8/0x1b0
[  365.871869][T25730]  __x64_sys_read+0x42/0x50
[  365.876381][T25730]  x64_sys_call+0x2874/0x2dc0
[  365.881060][T25730]  do_syscall_64+0xc9/0x1c0
[  365.885568][T25730]  ? clear_bhb_loop+0x55/0xb0
[  365.890247][T25730]  ? clear_bhb_loop+0x55/0xb0
[  365.895020][T25730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.901450][T25730] RIP: 0033:0x7fa91311d25c
[  365.905867][T25730] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  365.925474][T25730] RSP: 002b:00007fa911797030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  365.933891][T25730] RAX: ffffffffffffffda RBX: 00007fa9132d5fa0 RCX: 00007fa91311d25c
[  365.941861][T25730] RDX: 000000000000000f RSI: 00007fa9117970a0 RDI: 0000000000000007
[  365.949840][T25730] RBP: 00007fa911797090 R08: 0000000000000000 R09: 0000000000000000
[  365.957803][T25730] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  365.965907][T25730] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  365.973927][T25730]  </TASK>
[  366.013854][T25715] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.065752][   T29] kauditd_printk_skb: 393 callbacks suppressed
[  366.065766][   T29] audit: type=1326 audit(1732149885.156:18707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.096684][   T29] audit: type=1326 audit(1732149885.156:18708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.120874][   T29] audit: type=1326 audit(1732149885.166:18709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.144498][   T29] audit: type=1326 audit(1732149885.166:18710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.168682][   T29] audit: type=1326 audit(1732149885.166:18711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.192405][   T29] audit: type=1326 audit(1732149885.166:18712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.217018][   T29] audit: type=1326 audit(1732149885.166:18713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.241184][   T29] audit: type=1326 audit(1732149885.166:18714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.264840][   T29] audit: type=1326 audit(1732149885.166:18715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.289050][   T29] audit: type=1326 audit(1732149885.166:18716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25750 comm="syz.3.7609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff4e2d3e819 code=0x7ffc0000
[  366.315229][T25715] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.344526][T25760] pimreg: entered allmulticast mode
[  366.394441][T25760] pimreg: left allmulticast mode
[  366.419044][T25768] ip6gre1: entered allmulticast mode
[  366.447929][T25715] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  366.464231][T25715] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  366.490609][T25715] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  366.511280][T25715] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  366.875249][T25811] netlink: 172 bytes leftover after parsing attributes in process `syz.1.7625'.
[  366.884385][T25811] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7625'.
[  367.008927][T25815] pim6reg1: entered promiscuous mode
[  367.014263][T25815] pim6reg1: entered allmulticast mode
[  367.109495][T25816] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.174615][T25816] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.330964][T25816] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.440684][T25816] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.473161][T25824] @: renamed from bond0 (while UP)
[  367.524662][T25816] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.542340][T25816] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.559326][T25816] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.583121][T25816] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.768698][T25842] FAULT_INJECTION: forcing a failure.
[  367.768698][T25842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.782003][T25842] CPU: 1 UID: 0 PID: 25842 Comm: syz.3.7639 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  367.793939][T25842] Tainted: [W]=WARN
[  367.797745][T25842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  367.807850][T25842] Call Trace:
[  367.811131][T25842]  <TASK>
[  367.814066][T25842]  dump_stack_lvl+0xf2/0x150
[  367.818784][T25842]  dump_stack+0x15/0x20
[  367.823148][T25842]  should_fail_ex+0x223/0x230
[  367.827828][T25842]  should_fail+0xb/0x10
[  367.831977][T25842]  should_fail_usercopy+0x1a/0x20
[  367.836994][T25842]  _copy_from_user+0x1e/0xb0
[  367.841597][T25842]  get_user_ifreq+0x8c/0x160
[  367.846191][T25842]  sock_do_ioctl+0xc6/0x260
[  367.850762][T25842]  sock_ioctl+0x46a/0x640
[  367.855091][T25842]  ? __pfx_sock_ioctl+0x10/0x10
[  367.859988][T25842]  __se_sys_ioctl+0xc9/0x140
[  367.864607][T25842]  __x64_sys_ioctl+0x43/0x50
[  367.869201][T25842]  x64_sys_call+0x1690/0x2dc0
[  367.875726][T25842]  do_syscall_64+0xc9/0x1c0
[  367.880240][T25842]  ? clear_bhb_loop+0x55/0xb0
[  367.884919][T25842]  ? clear_bhb_loop+0x55/0xb0
[  367.889658][T25842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.895669][T25842] RIP: 0033:0x7ff4e2d3e819
[  367.900129][T25842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.919826][T25842] RSP: 002b:00007ff4e1396038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.928344][T25842] RAX: ffffffffffffffda RBX: 00007ff4e2ef6080 RCX: 00007ff4e2d3e819
[  367.936367][T25842] RDX: 0000000020000540 RSI: 0000000000008923 RDI: 000000000000000b
[  367.944336][T25842] RBP: 00007ff4e1396090 R08: 0000000000000000 R09: 0000000000000000
[  367.952302][T25842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.960268][T25842] R13: 0000000000000000 R14: 00007ff4e2ef6080 R15: 00007ffec3503cb8
[  367.968241][T25842]  </TASK>
[  368.265782][T25860] pim6reg1: entered promiscuous mode
[  368.271218][T25860] pim6reg1: entered allmulticast mode
[  368.285467][T25869] FAULT_INJECTION: forcing a failure.
[  368.285467][T25869] name failslab, interval 1, probability 0, space 0, times 0
[  368.298168][T25869] CPU: 1 UID: 0 PID: 25869 Comm: syz.4.7651 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  368.310116][T25869] Tainted: [W]=WARN
[  368.313929][T25869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  368.323989][T25869] Call Trace:
[  368.327280][T25869]  <TASK>
[  368.330215][T25869]  dump_stack_lvl+0xf2/0x150
[  368.334861][T25869]  dump_stack+0x15/0x20
[  368.339020][T25869]  should_fail_ex+0x223/0x230
[  368.343942][T25869]  ? __alloc_skb+0x10b/0x310
[  368.348599][T25869]  should_failslab+0x8f/0xb0
[  368.353186][T25869]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  368.359062][T25869]  __alloc_skb+0x10b/0x310
[  368.363490][T25869]  alloc_skb_with_frags+0x80/0x450
[  368.368682][T25869]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  368.374882][T25869]  ? kernel_text_address+0x96/0xb0
[  368.380094][T25869]  ? __kernel_text_address+0xd/0x40
[  368.385365][T25869]  ? unwind_get_return_address+0x16/0x30
[  368.391122][T25869]  sock_alloc_send_pskb+0x435/0x4f0
[  368.396428][T25869]  __ip_append_data+0x185b/0x2350
[  368.401589][T25869]  ? percpu_counter_add_batch+0xc6/0x140
[  368.407224][T25869]  ? __pfx_udplite_getfrag+0x10/0x10
[  368.412539][T25869]  ? should_fail_ex+0xd7/0x230
[  368.417380][T25869]  ? should_failslab+0x8f/0xb0
[  368.422175][T25869]  ? __kmalloc_cache_noprof+0x10b/0x2a0
[  368.427757][T25869]  ? __pfx_udplite_getfrag+0x10/0x10
[  368.433048][T25869]  ip_append_data+0x11f/0x150
[  368.437734][T25869]  ? __pfx_udplite_getfrag+0x10/0x10
[  368.443123][T25869]  udp_sendmsg+0x281/0x12f0
[  368.447635][T25869]  ? __pfx_udplite_getfrag+0x10/0x10
[  368.453063][T25869]  ? __pfx_udp_sendmsg+0x10/0x10
[  368.458055][T25869]  inet_sendmsg+0xaf/0xd0
[  368.462390][T25869]  __sock_sendmsg+0x102/0x180
[  368.467151][T25869]  ____sys_sendmsg+0x312/0x410
[  368.471915][T25869]  __sys_sendmmsg+0x227/0x4b0
[  368.476681][T25869]  __x64_sys_sendmmsg+0x57/0x70
[  368.481539][T25869]  x64_sys_call+0x29aa/0x2dc0
[  368.486251][T25869]  do_syscall_64+0xc9/0x1c0
[  368.490752][T25869]  ? clear_bhb_loop+0x55/0xb0
[  368.495484][T25869]  ? clear_bhb_loop+0x55/0xb0
[  368.500296][T25869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.506191][T25869] RIP: 0033:0x7f23b88ee819
[  368.510638][T25869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.530243][T25869] RSP: 002b:00007f23b6f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  368.538648][T25869] RAX: ffffffffffffffda RBX: 00007f23b8aa5fa0 RCX: 00007f23b88ee819
[  368.546743][T25869] RDX: 0000000000000004 RSI: 0000000020005b40 RDI: 0000000000000003
[  368.554862][T25869] RBP: 00007f23b6f67090 R08: 0000000000000000 R09: 0000000000000000
[  368.562891][T25869] R10: 000000000000c080 R11: 0000000000000246 R12: 0000000000000001
[  368.570923][T25869] R13: 0000000000000000 R14: 00007f23b8aa5fa0 R15: 00007ffc1e3cff18
[  368.578912][T25869]  </TASK>
[  368.599667][T25871] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.704184][T25871] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.750173][T25871] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.810394][T25871] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.443542][T25925] IPVS: set_ctl: invalid protocol: 24 10.1.1.2:20002
[  369.694547][T25871] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  369.710631][T25871] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  369.721985][T25871] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  369.751620][T25871] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.215085][T25984] pim6reg1: entered promiscuous mode
[  370.220493][T25984] pim6reg1: entered allmulticast mode
[  370.321725][T25984] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.423205][T25984] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.480444][T25984] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.570587][T25984] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  370.980920][T25984] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.000032][T25984] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.013784][T25984] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.025618][T25984] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.118052][   T29] kauditd_printk_skb: 289 callbacks suppressed
[  371.118068][   T29] audit: type=1326 audit(1732149890.205:19006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.145080][T26015] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  371.148683][   T29] audit: type=1326 audit(1732149890.205:19007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.180273][   T29] audit: type=1326 audit(1732149890.205:19008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.204053][   T29] audit: type=1326 audit(1732149890.205:19009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.228301][   T29] audit: type=1326 audit(1732149890.205:19010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.252014][   T29] audit: type=1326 audit(1732149890.205:19011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.276294][   T29] audit: type=1326 audit(1732149890.205:19012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.300645][   T29] audit: type=1326 audit(1732149890.205:19013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.301348][T26015] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.7701'.
[  371.324242][   T29] audit: type=1326 audit(1732149890.205:19014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.324271][   T29] audit: type=1326 audit(1732149890.205:19015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26011 comm="syz.0.7700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6e8189e819 code=0x7ffc0000
[  371.431753][T26026] netlink: 'syz.1.7707': attribute type 10 has an invalid length.
[  371.627608][T19864] bridge_slave_1: left allmulticast mode
[  371.633400][T19864] bridge_slave_1: left promiscuous mode
[  371.639734][T19864] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.666644][T19864] bridge_slave_0: left allmulticast mode
[  371.673110][T19864] bridge_slave_0: left promiscuous mode
[  371.678874][T19864] bridge0: port 1(bridge_slave_0) entered disabled state
[  371.789013][T19864] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  371.851333][T19864] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  371.862320][T19864] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  371.873031][T19864] bond0 (unregistering): (slave team0): Releasing backup interface
[  371.882674][T19864] bond0 (unregistering): Released all slaves
[  371.929264][T19864] tipc: Disabling bearer <udp:syz0>
[  371.934534][T19864] tipc: Left network mode
[  371.944329][T19864] hsr_slave_0: left promiscuous mode
[  371.951100][T19864] hsr_slave_1: left promiscuous mode
[  371.959061][T19864] veth1_macvtap: left promiscuous mode
[  371.964582][T19864] veth0_macvtap: left promiscuous mode
[  371.970520][T19864] veth1_vlan: left promiscuous mode
[  372.089498][T19864] team0 (unregistering): Port device team_slave_1 removed
[  372.103030][T19864] team0 (unregistering): Port device team_slave_0 removed
[  372.371768][T26071] loop0: detected capacity change from 0 to 164
[  372.381245][T26076] FAULT_INJECTION: forcing a failure.
[  372.381245][T26076] name failslab, interval 1, probability 0, space 0, times 0
[  372.394016][T26076] CPU: 1 UID: 0 PID: 26076 Comm: syz.4.7720 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  372.406020][T26076] Tainted: [W]=WARN
[  372.409817][T26076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  372.419937][T26076] Call Trace:
[  372.423207][T26076]  <TASK>
[  372.426143][T26076]  dump_stack_lvl+0xf2/0x150
[  372.430734][T26076]  dump_stack+0x15/0x20
[  372.434971][T26076]  should_fail_ex+0x223/0x230
[  372.439644][T26076]  ? proc_alloc_inode+0x34/0x90
[  372.444497][T26076]  should_failslab+0x8f/0xb0
[  372.449190][T26076]  kmem_cache_alloc_lru_noprof+0x51/0x2a0
[  372.454919][T26076]  ? __rcu_read_unlock+0x4e/0x70
[  372.459850][T26076]  proc_alloc_inode+0x34/0x90
[  372.464524][T26076]  ? __pfx_proc_alloc_inode+0x10/0x10
[  372.469891][T26076]  alloc_inode+0x3c/0x160
[  372.474271][T26076]  new_inode+0x1e/0x100
[  372.478427][T26076]  proc_pid_make_inode+0x1d/0xd0
[  372.483467][T26076]  proc_ns_dir_lookup+0x138/0x220
[  372.488485][T26076]  ? __pfx_proc_ns_dir_lookup+0x10/0x10
[  372.494119][T26076]  path_openat+0xd40/0x1fa0
[  372.498649][T26076]  do_filp_open+0x107/0x230
[  372.503159][T26076]  ? __pfx_kfree_link+0x10/0x10
[  372.508005][T26076]  do_sys_openat2+0xab/0x120
[  372.512637][T26076]  __x64_sys_openat+0xf3/0x120
[  372.518361][T26076]  x64_sys_call+0x2b30/0x2dc0
[  372.523101][T26076]  do_syscall_64+0xc9/0x1c0
[  372.527647][T26076]  ? clear_bhb_loop+0x55/0xb0
[  372.532333][T26076]  ? clear_bhb_loop+0x55/0xb0
[  372.537008][T26076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.542899][T26076] RIP: 0033:0x7f23b88ed1b0
[  372.547306][T26076] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  372.567096][T26076] RSP: 002b:00007f23b6f66f60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  372.575501][T26076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f23b88ed1b0
[  372.583462][T26076] RDX: 0000000000000000 RSI: 00007f23b8961876 RDI: 00000000ffffff9c
[  372.591472][T26076] RBP: 00007f23b8961876 R08: 0000000000000000 R09: 0000000000000000
[  372.599434][T26076] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  372.607596][T26076] R13: 0000000000000000 R14: 00007f23b8aa5fa0 R15: 00007ffc1e3cff18
[  372.615719][T26076]  </TASK>
[  372.627402][T26071] iso9660: Corrupted directory entry in block 4 of inode 1792
[  372.636938][T26071] syz.0.7719: attempt to access beyond end of device
[  372.636938][T26071] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  372.651340][T26071] syz.0.7719: attempt to access beyond end of device
[  372.651340][T26071] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  372.793616][T26091] netlink: 'syz.0.7726': attribute type 10 has an invalid length.
[  373.728584][T26144] FAULT_INJECTION: forcing a failure.
[  373.728584][T26144] name failslab, interval 1, probability 0, space 0, times 0
[  373.741334][T26144] CPU: 1 UID: 0 PID: 26144 Comm: syz.0.7744 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  373.753296][T26144] Tainted: [W]=WARN
[  373.757081][T26144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  373.767136][T26144] Call Trace:
[  373.770427][T26144]  <TASK>
[  373.773351][T26144]  dump_stack_lvl+0xf2/0x150
[  373.777935][T26144]  dump_stack+0x15/0x20
[  373.782146][T26144]  should_fail_ex+0x223/0x230
[  373.786869][T26144]  ? alloc_empty_file+0xd0/0x200
[  373.791827][T26144]  should_failslab+0x8f/0xb0
[  373.796490][T26144]  kmem_cache_alloc_noprof+0x4c/0x290
[  373.801980][T26144]  alloc_empty_file+0xd0/0x200
[  373.806819][T26144]  path_openat+0x6a/0x1fa0
[  373.811259][T26144]  ? terminate_walk+0x260/0x280
[  373.816116][T26144]  ? path_openat+0x1a5a/0x1fa0
[  373.820947][T26144]  ? _parse_integer_limit+0x167/0x180
[  373.826311][T26144]  ? _parse_integer+0x27/0x30
[  373.830976][T26144]  do_filp_open+0x107/0x230
[  373.835544][T26144]  alloc_bprm+0xd5/0x740
[  373.839812][T26144]  ? should_fail_ex+0xd7/0x230
[  373.844635][T26144]  do_execveat_common+0x134/0x800
[  373.849672][T26144]  ? getname_flags+0x15a/0x3b0
[  373.854470][T26144]  __x64_sys_execveat+0x75/0x90
[  373.859367][T26144]  x64_sys_call+0x291e/0x2dc0
[  373.864044][T26144]  do_syscall_64+0xc9/0x1c0
[  373.868617][T26144]  ? clear_bhb_loop+0x55/0xb0
[  373.873356][T26144]  ? clear_bhb_loop+0x55/0xb0
[  373.878067][T26144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.884028][T26144] RIP: 0033:0x7f6e8189e819
[  373.888666][T26144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.908268][T26144] RSP: 002b:00007f6e7ff17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  373.916679][T26144] RAX: ffffffffffffffda RBX: 00007f6e81a55fa0 RCX: 00007f6e8189e819
[  373.924742][T26144] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
[  373.932707][T26144] RBP: 00007f6e7ff17090 R08: 0000000000001000 R09: 0000000000000000
[  373.940754][T26144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  373.948749][T26144] R13: 0000000000000000 R14: 00007f6e81a55fa0 R15: 00007ffdd061fce8
[  373.956724][T26144]  </TASK>
[  374.119860][T26166] netlink: 'syz.0.7752': attribute type 10 has an invalid length.
[  374.188235][T26175] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7752'.
[  374.197359][T26175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7752'.
[  374.879756][T26215] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  374.890426][T26215] FAULT_INJECTION: forcing a failure.
[  374.890426][T26215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  374.903609][T26215] CPU: 1 UID: 0 PID: 26215 Comm: syz.1.7768 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  374.915537][T26215] Tainted: [W]=WARN
[  374.919427][T26215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  374.929541][T26215] Call Trace:
[  374.932825][T26215]  <TASK>
[  374.935792][T26215]  dump_stack_lvl+0xf2/0x150
[  374.940848][T26215]  dump_stack+0x15/0x20
[  374.945150][T26215]  should_fail_ex+0x223/0x230
[  374.949826][T26215]  should_fail+0xb/0x10
[  374.953975][T26215]  should_fail_usercopy+0x1a/0x20
[  374.959030][T26215]  _copy_from_user+0x1e/0xb0
[  374.963626][T26215]  kstrtouint_from_user+0x76/0xe0
[  374.968664][T26215]  ? 0xffffffff81000000
[  374.972827][T26215]  ? selinux_file_permission+0x22a/0x360
[  374.978454][T26215]  proc_fail_nth_write+0x4f/0x150
[  374.983475][T26215]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  374.989102][T26215]  vfs_write+0x281/0x920
[  374.993339][T26215]  ? __pfx_random_recv_done+0x10/0x10
[  374.998710][T26215]  ? vring_interrupt+0x161/0x190
[  375.003679][T26215]  ? __fget_files+0x17c/0x1c0
[  375.008391][T26215]  ksys_write+0xe8/0x1b0
[  375.012632][T26215]  __x64_sys_write+0x42/0x50
[  375.017217][T26215]  x64_sys_call+0x287e/0x2dc0
[  375.023253][T26215]  do_syscall_64+0xc9/0x1c0
[  375.027798][T26215]  ? clear_bhb_loop+0x55/0xb0
[  375.032465][T26215]  ? clear_bhb_loop+0x55/0xb0
[  375.037142][T26215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.043085][T26215] RIP: 0033:0x7fa91311d2ff
[  375.047488][T26215] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  375.067092][T26215] RSP: 002b:00007fa911797030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  375.075497][T26215] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa91311d2ff
[  375.083524][T26215] RDX: 0000000000000001 RSI: 00007fa9117970a0 RDI: 0000000000000009
[  375.091483][T26215] RBP: 00007fa911797090 R08: 0000000000000000 R09: 0000000000000000
[  375.099455][T26215] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  375.107480][T26215] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  375.115536][T26215]  </TASK>
[  375.208821][T26228] FAULT_INJECTION: forcing a failure.
[  375.208821][T26228] name failslab, interval 1, probability 0, space 0, times 0
[  375.221515][T26228] CPU: 0 UID: 0 PID: 26228 Comm: syz.3.7773 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  375.233529][T26228] Tainted: [W]=WARN
[  375.237323][T26228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.247374][T26228] Call Trace:
[  375.250645][T26228]  <TASK>
[  375.253607][T26228]  dump_stack_lvl+0xf2/0x150
[  375.258240][T26228]  dump_stack+0x15/0x20
[  375.262421][T26228]  should_fail_ex+0x223/0x230
[  375.267179][T26228]  ? genl_start+0x11e/0x390
[  375.271680][T26228]  should_failslab+0x8f/0xb0
[  375.276320][T26228]  __kmalloc_cache_noprof+0x4b/0x2a0
[  375.281644][T26228]  ? __rcu_read_unlock+0x34/0x70
[  375.286575][T26228]  genl_start+0x11e/0x390
[  375.290905][T26228]  __netlink_dump_start+0x32a/0x520
[  375.296135][T26228]  genl_rcv_msg+0x4e5/0x6c0
[  375.300648][T26228]  ? __pfx_netlbl_cipsov4_listall+0x10/0x10
[  375.306542][T26228]  ? __pfx_genl_start+0x10/0x10
[  375.311449][T26228]  ? __pfx_genl_dumpit+0x10/0x10
[  375.316386][T26228]  ? __pfx_genl_done+0x10/0x10
[  375.321148][T26228]  netlink_rcv_skb+0x12c/0x230
[  375.325952][T26228]  ? __pfx_genl_rcv_msg+0x10/0x10
[  375.330979][T26228]  genl_rcv+0x28/0x40
[  375.335084][T26228]  netlink_unicast+0x599/0x670
[  375.339972][T26228]  netlink_sendmsg+0x5cc/0x6e0
[  375.344830][T26228]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.350142][T26228]  __sock_sendmsg+0x140/0x180
[  375.354843][T26228]  ____sys_sendmsg+0x312/0x410
[  375.359676][T26228]  __sys_sendmsg+0x19d/0x230
[  375.364302][T26228]  __x64_sys_sendmsg+0x46/0x50
[  375.369063][T26228]  x64_sys_call+0x2734/0x2dc0
[  375.373748][T26228]  do_syscall_64+0xc9/0x1c0
[  375.378392][T26228]  ? clear_bhb_loop+0x55/0xb0
[  375.383156][T26228]  ? clear_bhb_loop+0x55/0xb0
[  375.387835][T26228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.393745][T26228] RIP: 0033:0x7ff4e2d3e819
[  375.398153][T26228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.417833][T26228] RSP: 002b:00007ff4e13b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  375.426325][T26228] RAX: ffffffffffffffda RBX: 00007ff4e2ef5fa0 RCX: 00007ff4e2d3e819
[  375.434366][T26228] RDX: 0000000000000000 RSI: 00000000200009c0 RDI: 0000000000000004
[  375.442342][T26228] RBP: 00007ff4e13b7090 R08: 0000000000000000 R09: 0000000000000000
[  375.450405][T26228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.458447][T26228] R13: 0000000000000000 R14: 00007ff4e2ef5fa0 R15: 00007ffec3503cb8
[  375.466419][T26228]  </TASK>
[  375.559420][T26248] netlink: 'syz.1.7780': attribute type 10 has an invalid length.
[  375.589651][T26253] FAULT_INJECTION: forcing a failure.
[  375.589651][T26253] name failslab, interval 1, probability 0, space 0, times 0
[  375.602369][T26253] CPU: 1 UID: 0 PID: 26253 Comm: +}[@ Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  375.613748][T26253] Tainted: [W]=WARN
[  375.617540][T26253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.627595][T26253] Call Trace:
[  375.630967][T26253]  <TASK>
[  375.633894][T26253]  dump_stack_lvl+0xf2/0x150
[  375.638547][T26253]  dump_stack+0x15/0x20
[  375.642795][T26253]  should_fail_ex+0x223/0x230
[  375.647524][T26253]  ? rtnl_newlink+0x5d/0x1690
[  375.652218][T26253]  should_failslab+0x8f/0xb0
[  375.656805][T26253]  __kmalloc_cache_noprof+0x4b/0x2a0
[  375.662090][T26253]  rtnl_newlink+0x5d/0x1690
[  375.666638][T26253]  ? xa_load+0xb9/0xe0
[  375.670772][T26253]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  375.676224][T26253]  ? __rcu_read_unlock+0x4e/0x70
[  375.681154][T26253]  ? avc_has_perm_noaudit+0x1cc/0x210
[  375.686529][T26253]  ? selinux_capable+0x1f2/0x260
[  375.691511][T26253]  ? security_capable+0x81/0x90
[  375.696365][T26253]  ? ns_capable+0x7d/0xb0
[  375.700698][T26253]  ? __pfx_rtnl_newlink+0x10/0x10
[  375.705797][T26253]  rtnetlink_rcv_msg+0x6aa/0x710
[  375.710763][T26253]  ? ref_tracker_free+0x3a5/0x410
[  375.715788][T26253]  ? __dev_queue_xmit+0x161/0x2040
[  375.720916][T26253]  ? ref_tracker_alloc+0x1f5/0x2f0
[  375.726049][T26253]  netlink_rcv_skb+0x12c/0x230
[  375.730806][T26253]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  375.736349][T26253]  rtnetlink_rcv+0x1c/0x30
[  375.740757][T26253]  netlink_unicast+0x599/0x670
[  375.745530][T26253]  netlink_sendmsg+0x5cc/0x6e0
[  375.750356][T26253]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.755645][T26253]  __sock_sendmsg+0x140/0x180
[  375.760370][T26253]  ____sys_sendmsg+0x312/0x410
[  375.765220][T26253]  __sys_sendmsg+0x19d/0x230
[  375.769837][T26253]  __x64_sys_sendmsg+0x46/0x50
[  375.774597][T26253]  x64_sys_call+0x2734/0x2dc0
[  375.779374][T26253]  do_syscall_64+0xc9/0x1c0
[  375.783878][T26253]  ? clear_bhb_loop+0x55/0xb0
[  375.788565][T26253]  ? clear_bhb_loop+0x55/0xb0
[  375.793362][T26253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.799290][T26253] RIP: 0033:0x7fb9ca14e819
[  375.803739][T26253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.823432][T26253] RSP: 002b:00007fb9c87c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  375.831857][T26253] RAX: ffffffffffffffda RBX: 00007fb9ca305fa0 RCX: 00007fb9ca14e819
[  375.839839][T26253] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  375.847853][T26253] RBP: 00007fb9c87c7090 R08: 0000000000000000 R09: 0000000000000000
[  375.855817][T26253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  375.863825][T26253] R13: 0000000000000000 R14: 00007fb9ca305fa0 R15: 00007ffe04bf15a8
[  375.871851][T26253]  </TASK>
[  375.886068][T26254] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7780'.
[  375.895084][T26254] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7780'.
[  376.140757][   T29] kauditd_printk_skb: 524 callbacks suppressed
[  376.140771][   T29] audit: type=1326 audit(1732149895.235:19540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.174331][   T29] audit: type=1326 audit(1732149895.265:19541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.198138][   T29] audit: type=1326 audit(1732149895.265:19542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.222350][   T29] audit: type=1326 audit(1732149895.265:19543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.246012][   T29] audit: type=1326 audit(1732149895.265:19544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.270366][   T29] audit: type=1326 audit(1732149895.265:19545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.294222][   T29] audit: type=1326 audit(1732149895.265:19546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.318608][   T29] audit: type=1326 audit(1732149895.265:19547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.342742][   T29] audit: type=1326 audit(1732149895.265:19548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.366497][   T29] audit: type=1326 audit(1732149895.265:19549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26269 comm="syz.4.7788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b88ee819 code=0x7ffc0000
[  376.408394][T26281] sd 0:0:1:0: device reset
[  376.459051][T26281] syz.2.7792[26281] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.459112][T26281] syz.2.7792[26281] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.502088][T26281] syz.2.7792[26281] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.912082][T26313] FAULT_INJECTION: forcing a failure.
[  376.912082][T26313] name failslab, interval 1, probability 0, space 0, times 0
[  376.936259][T26313] CPU: 1 UID: 0 PID: 26313 Comm: syz.1.7799 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  376.948169][T26313] Tainted: [W]=WARN
[  376.952034][T26313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  376.962221][T26313] Call Trace:
[  376.965557][T26313]  <TASK>
[  376.968480][T26313]  dump_stack_lvl+0xf2/0x150
[  376.973093][T26313]  dump_stack+0x15/0x20
[  376.977260][T26313]  should_fail_ex+0x223/0x230
[  376.981999][T26313]  ? __alloc_skb+0x10b/0x310
[  376.986891][T26313]  should_failslab+0x8f/0xb0
[  376.991474][T26313]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  376.997398][T26313]  __alloc_skb+0x10b/0x310
[  377.001813][T26313]  audit_log_start+0x368/0x6b0
[  377.006642][T26313]  ? kmem_cache_free+0xdc/0x2d0
[  377.011503][T26313]  audit_seccomp+0x4b/0x130
[  377.016034][T26313]  __seccomp_filter+0x6fa/0x1180
[  377.020960][T26313]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  377.026614][T26313]  ? vfs_write+0x596/0x920
[  377.031025][T26313]  ? radix_tree_lookup+0x144/0x150
[  377.036246][T26313]  ? idr_find+0x2c/0x40
[  377.040394][T26313]  __secure_computing+0x9f/0x1c0
[  377.045404][T26313]  syscall_trace_enter+0xd1/0x1f0
[  377.050503][T26313]  ? fpregs_assert_state_consistent+0x83/0xa0
[  377.056610][T26313]  do_syscall_64+0xaa/0x1c0
[  377.061107][T26313]  ? clear_bhb_loop+0x55/0xb0
[  377.065769][T26313]  ? clear_bhb_loop+0x55/0xb0
[  377.070694][T26313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.076693][T26313] RIP: 0033:0x7fa91311d25c
[  377.081121][T26313] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  377.100770][T26313] RSP: 002b:00007fa911797030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  377.109367][T26313] RAX: ffffffffffffffda RBX: 00007fa9132d5fa0 RCX: 00007fa91311d25c
[  377.117322][T26313] RDX: 000000000000000f RSI: 00007fa9117970a0 RDI: 0000000000000006
[  377.125381][T26313] RBP: 00007fa911797090 R08: 0000000000000000 R09: 0000000000000000
[  377.133426][T26313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.141456][T26313] R13: 0000000000000000 R14: 00007fa9132d5fa0 R15: 00007fff22e0c408
[  377.149453][T26313]  </TASK>
[  377.175419][T26319] netlink: 'syz.4.7804': attribute type 10 has an invalid length.
[  377.210466][T26321] netlink: 'syz.2.7805': attribute type 39 has an invalid length.
[  377.250536][T26322] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7804'.
[  377.259555][T26322] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7804'.
[  377.334795][T26334] netlink: 264 bytes leftover after parsing attributes in process `syz.1.7809'.
[  377.344050][T26338] netlink: '+}[@': attribute type 4 has an invalid length.
[  377.468237][T26345] loop0: detected capacity change from 0 to 128
[  377.491983][T26345] syz.0.7813: attempt to access beyond end of device
[  377.491983][T26345] loop0: rw=2049, sector=225, nr_sectors = 128 limit=128
[  377.641584][T26354] loop0: detected capacity change from 0 to 128
[  377.684842][T26354] syz.0.7816: attempt to access beyond end of device
[  377.684842][T26354] loop0: rw=2049, sector=225, nr_sectors = 128 limit=128
[  377.789165][T26358] FAULT_INJECTION: forcing a failure.
[  377.789165][T26358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.802291][T26358] CPU: 1 UID: 0 PID: 26358 Comm: syz.0.7818 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  377.814299][T26358] Tainted: [W]=WARN
[  377.818159][T26358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  377.828295][T26358] Call Trace:
[  377.831597][T26358]  <TASK>
[  377.834678][T26358]  dump_stack_lvl+0xf2/0x150
[  377.839269][T26358]  dump_stack+0x15/0x20
[  377.843569][T26358]  should_fail_ex+0x223/0x230
[  377.848235][T26358]  should_fail+0xb/0x10
[  377.852399][T26358]  should_fail_usercopy+0x1a/0x20
[  377.857424][T26358]  _copy_from_iter+0xd5/0xd00
[  377.862097][T26358]  ? kmalloc_reserve+0x16e/0x190
[  377.867093][T26358]  ? __build_skb_around+0x196/0x1f0
[  377.872288][T26358]  ? __alloc_skb+0x21f/0x310
[  377.876942][T26358]  ? __virt_addr_valid+0x1ed/0x250
[  377.882149][T26358]  ? __check_object_size+0x364/0x520
[  377.887494][T26358]  netlink_sendmsg+0x460/0x6e0
[  377.892349][T26358]  ? __pfx_netlink_sendmsg+0x10/0x10
[  377.897714][T26358]  __sock_sendmsg+0x140/0x180
[  377.902472][T26358]  ____sys_sendmsg+0x312/0x410
[  377.907230][T26358]  __sys_sendmsg+0x19d/0x230
[  377.911821][T26358]  __x64_sys_sendmsg+0x46/0x50
[  377.916622][T26358]  x64_sys_call+0x2734/0x2dc0
[  377.921294][T26358]  do_syscall_64+0xc9/0x1c0
[  377.925826][T26358]  ? clear_bhb_loop+0x55/0xb0
[  377.930503][T26358]  ? clear_bhb_loop+0x55/0xb0
[  377.935172][T26358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.941121][T26358] RIP: 0033:0x7f6e8189e819
[  377.945523][T26358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.965138][T26358] RSP: 002b:00007f6e7ff17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.973638][T26358] RAX: ffffffffffffffda RBX: 00007f6e81a55fa0 RCX: 00007f6e8189e819
[  377.981678][T26358] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  377.989694][T26358] RBP: 00007f6e7ff17090 R08: 0000000000000000 R09: 0000000000000000
[  377.997690][T26358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.005707][T26358] R13: 0000000000000000 R14: 00007f6e81a55fa0 R15: 00007ffdd061fce8
[  378.013675][T26358]  </TASK>
[  378.091305][T26360] netlink: 'syz.1.7819': attribute type 39 has an invalid length.
[  378.111458][T26369] netlink: 'syz.3.7824': attribute type 39 has an invalid length.
[  378.258870][    C0] ==================================================================
[  378.266978][    C0] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick
[  378.274178][    C0] 
[  378.276486][    C0] read-write to 0xffff88810006d0b8 of 8 bytes by interrupt on cpu 1:
[  378.284619][    C0]  wq_worker_tick+0x63/0x240
[  378.289229][    C0]  sched_tick+0xd7/0x140
[  378.293461][    C0]  update_process_times+0x161/0x190
[  378.298647][    C0]  tick_nohz_handler+0x250/0x2d0
[  378.303576][    C0]  __hrtimer_run_queues+0x20d/0x5e0
[  378.308814][    C0]  hrtimer_interrupt+0x235/0x4a0
[  378.313762][    C0]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  378.319667][    C0]  sysvec_apic_timer_interrupt+0x6e/0x80
[  378.325288][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  378.331262][    C0]  n_tty_receive_buf_common+0x3ca/0xbe0
[  378.336796][    C0]  n_tty_receive_buf2+0x33/0x40
[  378.341639][    C0]  tty_ldisc_receive_buf+0x63/0x100
[  378.346839][    C0]  tty_port_default_receive_buf+0x59/0x90
[  378.352573][    C0]  flush_to_ldisc+0x1ce/0x410
[  378.357264][    C0]  process_scheduled_works+0x483/0x9a0
[  378.362709][    C0]  worker_thread+0x51d/0x6f0
[  378.367285][    C0]  kthread+0x1d1/0x210
[  378.371337][    C0]  ret_from_fork+0x4b/0x60
[  378.375748][    C0]  ret_from_fork_asm+0x1a/0x30
[  378.380500][    C0] 
[  378.382812][    C0] read-write to 0xffff88810006d0b8 of 8 bytes by interrupt on cpu 0:
[  378.390874][    C0]  wq_worker_tick+0x63/0x240
[  378.395451][    C0]  sched_tick+0xd7/0x140
[  378.399676][    C0]  update_process_times+0x161/0x190
[  378.404862][    C0]  tick_nohz_handler+0x250/0x2d0
[  378.409783][    C0]  __hrtimer_run_queues+0x20d/0x5e0
[  378.414971][    C0]  hrtimer_interrupt+0x235/0x4a0
[  378.419895][    C0]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  378.425777][    C0]  sysvec_apic_timer_interrupt+0x6e/0x80
[  378.431396][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  378.437366][    C0]  __tsan_read4+0x42/0x180
[  378.441773][    C0]  n_tty_lookahead_flow_ctrl+0x5b/0x130
[  378.447338][    C0]  tty_port_default_lookahead_buf+0x8a/0xc0
[  378.453230][    C0]  flush_to_ldisc+0x31c/0x410
[  378.457904][    C0]  process_scheduled_works+0x483/0x9a0
[  378.463349][    C0]  worker_thread+0x51d/0x6f0
[  378.467928][    C0]  kthread+0x1d1/0x210
[  378.471988][    C0]  ret_from_fork+0x4b/0x60
[  378.476400][    C0]  ret_from_fork_asm+0x1a/0x30
[  378.481166][    C0] 
[  378.483485][    C0] value changed: 0x00000000003df360 -> 0x00000000003e1a70
[  378.490602][    C0] 
[  378.492917][    C0] Reported by Kernel Concurrency Sanitizer on:
[  378.499052][    C0] CPU: 0 UID: 0 PID: 19864 Comm: kworker/u8:10 Tainted: G        W          6.12.0-syzkaller-01892-g8f7c8b88bda4 #0
[  378.511187][    C0] Tainted: [W]=WARN
[  378.514977][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  378.525452][    C0] Workqueue: events_unbound flush_to_ldisc
[  378.531250][    C0] ==================================================================
[  386.983418][T19860] bridge_slave_1: left allmulticast mode
[  386.989090][T19860] bridge_slave_1: left promiscuous mode
[  386.994808][T19860] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.002491][T19860] bridge_slave_0: left allmulticast mode
[  387.008123][T19860] bridge_slave_0: left promiscuous mode
[  387.013781][T19860] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.065898][T19860] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  387.102484][T19860] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  387.112880][T19860] bond0 (unregistering): (slave team0): Releasing backup interface
[  387.121624][T19860] bond0 (unregistering): Released all slaves
[  387.129737][T19860] bond1 (unregistering): Released all slaves
[  387.183807][T19860] hsr_slave_0: left promiscuous mode
[  387.189480][T19860] hsr_slave_1: left promiscuous mode
[  387.196262][T19860] veth1_macvtap: left promiscuous mode
[  387.202285][T19860] veth0_macvtap: left promiscuous mode
[  387.207844][T19860] veth1_vlan: left promiscuous mode
[  387.213062][T19860] veth0_vlan: left promiscuous mode
[  387.282512][T19860] team0 (unregistering): Port device team_slave_1 removed
[  387.293720][T19860] team0 (unregistering): Port device team_slave_0 removed
[  387.458198][T19860] IPVS: stop unused estimator thread 0...