last executing test programs: 1m12.274449161s ago: executing program 3 (id=493): r0 = syz_io_uring_setup(0x4e0, &(0x7f00000000c0)={0x0, 0x40079af, 0x3180, 0x8000, 0x400252}, 0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(0x0, r1, &(0x7f0000000500)=@IORING_OP_MKDIRAT={0x25, 0x17, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1f, 0x0, 0xf9b7a26b18f77d51}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x10) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[], 0x128}, 0x1, 0x0, 0x0, 0x4048044}, 0x4004040) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[@ANYBLOB=',', @ANYRES16=r6, @ANYBLOB="010300000000fcdbdf252600000018000180140002"], 0x2c}}, 0x20000000) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) setsockopt$packet_add_memb(r8, 0x107, 0x1, 0x0, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@getchain={0x24, 0x11, 0x43d, 0x10000000, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0x4, 0x1}, {0x4, 0xc}, {0x0, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x4048010}, 0x20000000) 1m12.163713316s ago: executing program 3 (id=496): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000640)='sched_switch\x00', r1}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000180)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200060c10000000010000000000", 0x58}], 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00), &(0x7f0000001c40)=r1}, 0x20) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r9 = socket$unix(0x1, 0x2, 0x0) sendmmsg$unix(r9, &(0x7f0000001bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e22}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40100}}], 0x1, 0x2840) sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r8}]}, 0x20}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x80) sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LINK={0x8, 0x1, r8}]}}}]}, 0x6c}}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000001000004ffffffff000000000300000000000000000000000000000203000000000000000000000902"], 0x0, 0x4a}, 0x20) r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), r10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r13, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f0000000d40)={0x0, 0x300, &(0x7f0000000d00)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r11, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r12], 0x22c}}, 0x0) 1m11.925409275s ago: executing program 3 (id=500): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40a00, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 1m11.794709801s ago: executing program 3 (id=505): r0 = syz_pidfd_open(0x0, 0x0) setns(r0, 0x24020000) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x2145499, 0x0) umount2(&(0x7f0000000040)='.\x00', 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYRES16=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r2}, 0x18) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x1006, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000080)='./file2\x00', 0x1808004, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x4, 0x7cc, &(0x7f0000002200)="$eJzs3U1sHOUZAOB3HJsEI6WIVimKQpgEKgUJzHoNpi4HWNZje2C9a+2uq0RVRSNwkBUHKBS15AJRJWirVlVPPVKu3HqjqtRKPbQ9VSqHXnpD4lRRqX+iqpBczew6/v9JcEIgz2PF3+zsO9/3zmY978za+20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJHUJyuV0SQa+bfnT6fbq0+2W7M73L/S32/XNes8vm7ciKT4F4cOxUf/6q370urdR4pvJ+NY79axOFQ0h+LibUduf/SLgwMr2++Q0NU6sce4JOL1IqnzZ5eWFl66BolcRz/69RVv8t/l4vt01sw7rXy2Np2leaeVToyPVx6cmeqkU3kj65zpdLPZtN7Oat1WOz1Vvy8dnZgYS7ORM6355vRkrZGtrHzkgWqlMp4+OTKX1dqdVvPBJ6NTn8kbjbw5XcZUK9+NIuaR4on4VN5Nu1ltNk3PLS4tjK3JKtkq1SJodKs7DvSeP8fuvf2DV97/5+JC8YTcbn+T/hOzOjparY6OPzzx8COVymC1Ul2/orJBXI6IgYgi4po8afkM2d8DOHwCA/36H43IoxnzcTrSDV9DETEU9ZiMdrRitlj3l6FNUX0r9f8rD/79TzuNu7b+r1T5O1fvPhpl/T/eu3V8u/q/KYsdv4auKHpPXy/Hq3ExzsfZWIqlWIiX9rf/g/ue8cAn7SFZd2s6smhGHp1oRR6zUSvXpP01aUzEeIxHJZ6OmZiKTqQxFXk0IotOnIlOdCMrn1H1aEcWtehGK9qRxqmox32RxmhMxESMRRpZjMSZaMV8NGM6Hoha2cu5WCwf97ENWR65NX713J8/eKtYvhw0utNuFSdzRdA/dgjaVO53rP/Ly8X5wsYI9f9mdw2O4nB1llfqPwAAAPC5lZSvviflS/x3lUtTeSP7xh627A5eh/QAAACAfVD+5v9Y0QwVS3dFUlz/V7aIfO+65wYAAADsj6R8j10SEcNxd2/pXCzG67EQW70IAAAAAHwGlb//P140wxGvlStWpktx/Q8AAACfEz/Ybo7991fm2O3MHUx+U84BnFyaO31vcqFWxNUuHOht12++frnH7tTR5HC/k7IZH7x4WxIRg/XsWLIy++XHB3vth+X3o6tzCWw313/Sbu+YQOycQHkrfhwnejEnnu21z/bvSXqjDE/ljWyk3mo8Wk6JWPzrvvL84vciitF/2Jw9nMS5xaWFkWdeWHq2zOVS0culC/0JFNfNo7j8hR1zWe4/AnHX1ns8VL4Roz/ucG/cytr9Hyi3/t9yOc/stvufrB3zjTjZizk53GuHV+7pjXmoGHN05NHRqNUOD3Sz091XltfsfT+L0d32fJf/hTfinl7MPafu6TVbZFFdl8Xzm7Oors2i91jEwD5l8daJ107/5/etJBvbLYuxK8hi+UDExiwAPi3nyll/VqvQrWUVKopKoaj/G+rurStb7uFY++/VUXpnGR/3u42INbVuMDZW99W+91bdl6N3RD/ViznVO58YPLpFXalscUR/cfHFP/SP6A+98/NffPP4H39ZjntV1e2duK8X02/ijt9tU2OLff7Jhqr6drHF21uOW5yDdRrVJC5FHPjOhRfjyMuvXnxg8cLZ5xaeW3i+Wh0brzxUqTxcjaHyVKHf7JApADev3T9jZ9uIW/pdJA9td1Xdr3h3XP6TgpF4Jl6IpSjOAO7uxd69edx3iyvxNX+GcP8uV63Daz7h5f5dri1XY6ubY5PYJnZszSP25Z+VzUfX5L8DAK6LkzvU4V3q/+VX5u/f5bp7fS3fcHUc29fyrXz1mj4aAHBzyNofJsPdN5N2O597enRiYrTWncnSdqv+VNrOJ6ezNG92s3Z9ptacztK5dqvbqq+8cDyZddLO/Nxcq91Np1rtNAY6+enyk9/T/ke/d7LZWrOb1ztzjazWydJ6q9mt1bvpZN6pp3PzTzTyzkzWLjfuzGX1fCqv17p5q5l2WvPtejaSpp0sWxOYT2bNbj6VF4vNdK6dz9balyKiMT+bpZNZp97O57qtXocrY+XNqVZ7tux2ZPPu/+16P94AcCN4+dWL588uLS28dHULf91L8Ke9jwDAeqo0AAAAAAAAAAAAAADc+Da/Xa9Y+wneEXhlCwfjmg9xEy18rT8lY29NsXSDJPbpLXzrscfObxfzxGt3zuytn61/UrZ6q+ubhyNuefenvTWPbx/8/f7P3/7s6XsRcRWbLyc7xKw7TNxynQ9LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCl/wcAAP//ez9qPw==") r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000640)=ANY=[@ANYBLOB="20000000020000001d"], 0x202400) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r7}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) brk(0x400000ffc000) r8 = memfd_secret(0x80000) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) fchownat(r8, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000) 1m11.616411869s ago: executing program 3 (id=506): unshare(0x4020400) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd2d, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x0, 0x300}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x3000000, 0x40000000}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8000, 0x5, 0x0, 0xfffffffc, 0x5}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x470a, 0x0, 0x8000000}, {}, {0x2, 0x0, 0x0, 0x0, 0x6, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x1, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x20000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x3}, {0x0, 0x8000, 0x0, 0x0, 0x5}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x60569add}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2b25}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {0x3}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0xfffffffd}, {}, {0x0, 0x9, 0x0, 0xffffffff, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x2, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x8, 0x0, 0x3}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x9}, {0x0, 0xfffffffc, 0x200}, {0x0, 0x0, 0x0, 0x200}, {}, {0x4}, {}, {0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x3, 0xfffffffe}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1, 0x7}, {0x0, 0xb}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {0x0, 0x0, 0x0, 0xec33, 0x0, 0x4}, {}, {0xb, 0x0, 0x0, 0x0, 0x0, 0xfe1}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xfffffffc}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x8, 0x0, 0x0, 0xfffffffe}, {0x4, 0x2, 0x2000000, 0x2, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0xe9d, 0x58a}, {0x2}, {0x2, 0x9, 0x20000000}, {0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x6, 0xffffffff, 0x0, 0x0, 0x0, 0xfffffffe}, {0x2d, 0x0, 0x10000}, {0x0, 0x0, 0x8000}, {0x0, 0x8000, 0x0, 0xe}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800, 0x4}, {0x0, 0x3}, {0xffffffff, 0x0, 0x0, 0x0, 0xd}], [{}, {}, {0x0, 0x1}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {0x0, 0x1}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x2}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x5, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 1m11.371425569s ago: executing program 3 (id=509): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40a00, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x3f80, @private1={0xfc, 0x1, '\x00', 0x1}, 0xd45}, 0x1c) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1e0000", @ANYRES16, @ANYBLOB="010025bd7000"], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r5, 0x5, &(0x7f00000000c0)={0x0, 0x2, 0x3ff2e233}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x3}, 0x18) r8 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f0000fcb000), 0x4) close_range(r8, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x60c80, 0x151) io_setup(0x2, &(0x7f0000000080)) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x700, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11, 0x4000}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x4000}]}}]}, 0x40}}, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 1m11.371012089s ago: executing program 32 (id=509): r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40a00, 0x0) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x3f80, @private1={0xfc, 0x1, '\x00', 0x1}, 0xd45}, 0x1c) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1e0000", @ANYRES16, @ANYBLOB="010025bd7000"], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r5, 0x5, &(0x7f00000000c0)={0x0, 0x2, 0x3ff2e233}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x3}, 0x18) r8 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f0000fcb000), 0x4) close_range(r8, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x60c80, 0x151) io_setup(0x2, &(0x7f0000000080)) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x700, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11, 0x4000}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x4000}]}}]}, 0x40}}, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 2.405610277s ago: executing program 0 (id=1545): setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xe, 0x0, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x2) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x300) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r4 = gettid() bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT=r0], 0x50) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYRESHEX=0x0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400080000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f72"], 0x4c}}, 0x2) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x38, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x1c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0xe}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBPRIO={0x8, 0x1c, 0x1, 0x0, 0x8}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x10000042}, 0x24000891) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008001c00", @ANYRES32=r4, @ANYBLOB="2a997dee7022a69a668b5d91e4fc5efe77bcb02013af3a43884aa6fd8b38b1bc00000101000000db19717495fcb791b6"], 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'macvtap0\x00'}) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_BT_SNDMTU(r10, 0x112, 0xc, &(0x7f0000000400)=0x126a, &(0x7f0000002540)=0x2) socket$netlink(0x10, 0x3, 0x0) 2.11467227s ago: executing program 0 (id=1553): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) dup3(r2, r0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup(r4) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r3, &(0x7f0000000100)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x67, 0x0, 0x3, 0x2f, 0x0, @private=0x1fe1, @private=0xa010100}, {0xa000, 0x86dd, 0xc, 0x0, @opaque="f842651e"}}}}}}, 0x32) 2.046722723s ago: executing program 0 (id=1556): r0 = syz_io_uring_setup(0x5f4b, &(0x7f0000000100)={0x0, 0x1568, 0x10000, 0x2, 0x285}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{0x0}], 0x1, 0x8, 0x1, {0x2}}) io_uring_enter(r0, 0x29ab, 0xd480, 0x0, 0x0, 0x0) 1.939764977s ago: executing program 2 (id=1559): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, 0x0) 1.898718239s ago: executing program 0 (id=1561): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='inet_sock_set_state\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050890) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=r2], 0x0}, 0x94) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400) socket$inet(0x2, 0x5, 0x0) r4 = socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000) setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xcb, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r5}, 0x18) write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r6, 0xc0404806, &(0x7f0000000040)) write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00"], 0xc) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) 1.845386581s ago: executing program 2 (id=1563): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mlockall(0x7) (async) mlockall(0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0xffffffffffffffae) sendmsg$nl_xfrm(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="48010000100001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000000000000000000001eb900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000004c00120073657169762863636d28626c6f77666973682d61736d29290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000c0008"], 0x148}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'hsr0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4400000010000104fcffffff8000000000000000", @ANYRES32=0x0, @ANYBLOB="0317000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4, @ANYBLOB="266547d23de48d5a19aa39473f10379fb7748ebc63e1319bff969f7abb1564a36ba0320858d4f3a5065937c9dc6a768fba996d29928814106f15d46cc7389064ff01b1be59a9fb8346cf1c4f5d6c3f75d7f9125e93250063844ef07421343890053407e48a908a95333f57e29bd2ed9c4833d19b2c6da820ada5519d70a0f0ed058aeeb938d9c8350b4e162af86fd688b1df0a9fb1afe4e065a9e6c14ebe7ea36df0f3f960e2cfbf038980d7c12fec7ecbee2056c67e8e8367a7c440cce25d65ea0d8e1b06b44d0c444af256f95689969a3512b7906c598d86c3728631539ded3b762214f5ba602a5c70827a8362ceca8370655afe5257e4beade76d06ce4cfb4374b9e122bdecdafe3a07fa4a71790292ae937db38f68ea9a0a4a2815d6231bc40d077631ec73ba47e5b050e5091ac71a79a89610e5febc5629475b1dd9afe3accb87b0b62b5ea213628fb351e6532b9d9fd5427a42fac3daa2688743f56c6ccc79db7ab9df0a63b2bf817b19d9cd2c9dcd2923d1ee5f4f68a97141100402bc9975a6d365092a7503c4c9a99090eb"], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0) (async) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4400000010000104fcffffff8000000000000000", @ANYRES32=0x0, @ANYBLOB="0317000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4, @ANYBLOB="266547d23de48d5a19aa39473f10379fb7748ebc63e1319bff969f7abb1564a36ba0320858d4f3a5065937c9dc6a768fba996d29928814106f15d46cc7389064ff01b1be59a9fb8346cf1c4f5d6c3f75d7f9125e93250063844ef07421343890053407e48a908a95333f57e29bd2ed9c4833d19b2c6da820ada5519d70a0f0ed058aeeb938d9c8350b4e162af86fd688b1df0a9fb1afe4e065a9e6c14ebe7ea36df0f3f960e2cfbf038980d7c12fec7ecbee2056c67e8e8367a7c440cce25d65ea0d8e1b06b44d0c444af256f95689969a3512b7906c598d86c3728631539ded3b762214f5ba602a5c70827a8362ceca8370655afe5257e4beade76d06ce4cfb4374b9e122bdecdafe3a07fa4a71790292ae937db38f68ea9a0a4a2815d6231bc40d077631ec73ba47e5b050e5091ac71a79a89610e5febc5629475b1dd9afe3accb87b0b62b5ea213628fb351e6532b9d9fd5427a42fac3daa2688743f56c6ccc79db7ab9df0a63b2bf817b19d9cd2c9dcd2923d1ee5f4f68a97141100402bc9975a6d365092a7503c4c9a99090eb"], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0) 1.427668079s ago: executing program 4 (id=1569): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000640)='sched_switch\x00', r1}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000180)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff03", 0x2c}], 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00), &(0x7f0000001c40)=r1}, 0x20) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r9 = socket$unix(0x1, 0x2, 0x0) sendmmsg$unix(r9, &(0x7f0000001bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e22}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40100}}], 0x1, 0x2840) sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r8}]}, 0x20}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x80) sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LINK={0x8, 0x1, r8}]}}}]}, 0x6c}}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000001000004ffffffff000000000300000000000000000000000000000203000000000000000000000902"], 0x0, 0x4a}, 0x20) r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), r10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r13, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f0000000d40)={0x0, 0x300, &(0x7f0000000d00)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r11, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r12], 0x22c}}, 0x0) 1.40197373s ago: executing program 2 (id=1570): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='inet_sock_set_state\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050890) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=r2], 0x0}, 0x94) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400) r5 = socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000) setsockopt$MRT6_DEL_MIF(r5, 0x29, 0xcb, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x280, 0x268, 0x300, 0x280, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x240, 0x280, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0xb, 0x0, 0x3, 0x0, 0x5, 0x9}}}, @common=@unspec=@limit={{0x48}, {0xfff, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x8, 0x21, "6bb6778f9bdec125b0fb4f26be757b1e6f2fb8e9079627dc6726c4bc85e9"}}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x511) write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r6, 0xc0404806, &(0x7f0000000040)) write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00"], 0xc) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8], 0x14}}, 0x0) 1.122922842s ago: executing program 5 (id=1576): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c) sendto$inet6(r0, &(0x7f0000000680)="d942cf39c8", 0x5, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 1.115894662s ago: executing program 1 (id=1577): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x78}}, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) open(&(0x7f0000000280)='.\x00', 0x2000, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000200), 0x0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=']) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0) 1.091049634s ago: executing program 5 (id=1578): mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000) setresuid(0x0, 0xee00, 0x0) r0 = io_uring_setup(0xaae, &(0x7f0000000300)={0x0, 0xbfffeffb, 0x800, 0x7, 0x2}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x2300000000000000, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 1.062482215s ago: executing program 5 (id=1579): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getrusage(0xffffffffffffffff, &(0x7f0000001640)) 986.966678ms ago: executing program 5 (id=1580): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x448, 0x190, 0x0, 0xffffffff, 0x238, 0x0, 0x3b0, 0x3b0, 0xffffffff, 0x3b0, 0x3b0, 0x5, 0x0, {[{{@uncond, 0x0, 0x158, 0x190, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'bm\x00', "0d01d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}, @common=@unspec=@addrtype1={{0x28}, {0x4, 0x400, 0x3}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @rand_addr=0x64010102, @loopback, @gre_key=0x3, @port=0x4e20}}}}, {{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x64}, 0xff, 0xff000000, 'veth1_to_bridge\x00', 'ip6erspan0\x00', {0xff}, {}, 0x11, 0x2, 0x78}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @remote, @local, @port=0x4e20, @gre_key=0x6}}}}, {{@ip={@loopback, @private=0xa010102, 0xff, 0x0, 'veth1_to_hsr\x00', 'batadv_slave_1\x00', {}, {}, 0x6e, 0x0, 0x4}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x2, @loopback, @remote, @icmp_id=0x67, @port=0x4e23}}}}, {{@ip={@multicast1, @broadcast, 0xff000000, 0xff, 'veth1_macvtap\x00', 'bridge0\x00', {}, {0xff}, 0x73, 0x2, 0x20}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "1542", 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @rand_addr, @dev={0xac, 0x14, 0x14, 0x26}, @port=0x4e23, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xffb2) 953.15626ms ago: executing program 1 (id=1581): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x39) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='inet_sock_set_state\x00', r1}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050890) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=r2], 0x0}, 0x94) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400) socket$inet(0x2, 0x5, 0x0) r5 = socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000) setsockopt$MRT6_DEL_MIF(r5, 0x29, 0xcb, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r6}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x280, 0x268, 0x300, 0x280, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x240, 0x280, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0xb, 0x0, 0x3, 0x0, 0x5, 0x9}}}, @common=@unspec=@limit={{0x48}, {0xfff, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x8, 0x21, "6bb6778f9bdec125b0fb4f26be757b1e6f2fb8e9079627dc6726c4bc85e9"}}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x511) write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r7 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r7, 0xc0404806, &(0x7f0000000040)) write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00"], 0xc) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9], 0x14}}, 0x0) 942.20195ms ago: executing program 0 (id=1582): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='inet_sock_set_state\x00', r0}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c000280080001400000000808000340000001"], 0xc4}}, 0x20050890) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=r1], 0x0}, 0x94) r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x400) socket$inet(0x2, 0x5, 0x0) r4 = socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000) setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xcb, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r5}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x280, 0x268, 0x300, 0x280, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x240, 0x280, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0xb, 0x0, 0x3, 0x0, 0x5, 0x9}}}, @common=@unspec=@limit={{0x48}, {0xfff, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x8, 0x21, "6bb6778f9bdec125b0fb4f26be757b1e6f2fb8e9079627dc6726c4bc85e9"}}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x511) write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r6, 0xc0404806, &(0x7f0000000040)) write$UHID_SET_REPORT_REPLY(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="0e00"], 0xc) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8], 0x14}}, 0x0) 858.562284ms ago: executing program 5 (id=1583): socket$kcm(0xa, 0x922000000003, 0x11) r0 = socket$kcm(0x10, 0x2, 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f0000000000)=0x94b, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000100)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x38, 0x3a, 0xff, @empty, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x500, {0x6, 0x6, ':yE', 0x2, 0x3a, 0x0, @private2={0xfc, 0x2, '\x00', 0x4}, @loopback, [], "8029335287b7a081"}}}}}}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000140081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x437, 0x70bd2d, 0x25dfdbfd, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_OFLAGS={0x6, 0x3, 0x81}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IGNORE_DF={0x5}, @IFLA_GRE_REMOTE={0x8, 0x7, @broadcast}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000015}, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x483, &(0x7f0000000640)={0xe5, @local, 0x4e20, 0x3, 'sed\x00', 0x15, 0x9, 0x18}, 0x2c) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = syz_open_dev$loop(&(0x7f0000000280), 0xffff, 0x14f600) mount$cgroup2(0x0, 0x0, &(0x7f00000005c0), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB]) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x15, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000251e000000000000000001000000004000000000000800", [0x0, 0x2000000000001]}}) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bind$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) fdatasync(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0) signalfd4(r7, &(0x7f0000000080)={[0xe]}, 0x8, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r8}, 0x10) r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0x70, 0x103301) ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200)) perf_event_open$cgroup(&(0x7f0000000200)={0x1, 0x80, 0x3, 0x9, 0x2, 0x7, 0x0, 0x8, 0x10, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1d310d44, 0x2, @perf_bp={&(0x7f0000000040), 0x2}, 0x2921, 0xfdd9, 0x80, 0x1, 0x0, 0x2c21, 0x2, 0x0, 0x0, 0x0, 0x1}, r5, 0x7, r5, 0x1) ioctl$LOOP_SET_DIRECT_IO(r4, 0x4c08, 0x0) sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x1}, 0x0) 815.857345ms ago: executing program 4 (id=1584): r0 = syz_io_uring_setup(0x5f4b, &(0x7f0000000100)={0x0, 0x1568, 0x10000, 0x2, 0x285}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]}) r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}}) io_uring_enter(r0, 0x29ab, 0xd480, 0x0, 0x0, 0x0) 764.605308ms ago: executing program 5 (id=1585): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESHEX], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x49, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000a70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c21f664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfed9fbe586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae460f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be58770366261a9535c1659dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd91e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd210819203a513a67da4a571ce585a17a02a210382f14d12ca3c3431ee97471c785a69da7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedda1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfadfdd708789a20287d58187fbd49fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91647b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06d0000f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e9613521d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c617f005ac2d371a95b8adc67ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c259d3f28b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bdd27e663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70780025072e20586b19127d75fa71577f265c51000000000000000000000000000000000000000000915c2cde78db002a20e370600f56b3803786ffff268fa1782c240a1d3b62bb5c9c5712bc58a0f276f5224b6efaceab36d1468b0800"/3896], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='sys_enter\x00', r2}, 0x18) readahead(0xffffffffffffffff, 0x4, 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x9d}, 0x18) r3 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x98}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000001c0)='cpu~00\t&&') r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a3100000000080003"], 0x34}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r6, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) r12 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x2, 0x80, 0x0, 0x8000021e}, &(0x7f0000000240)=0x0, &(0x7f0000000040)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) socket$kcm(0x29, 0x5, 0x0) io_uring_enter(r12, 0x47fa, 0x0, 0x0, 0x0, 0x0) sendmsg$NFNL_MSG_CTHELPER_NEW(r9, &(0x7f0000000540)={0x0, 0xfffffffffffffc48, &(0x7f0000000240)={&(0x7f0000000a40)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) sendmsg$IPSET_CMD_GET_BYINDEX(r11, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0f06050000000000000000000200000706000b00ffff000006000b0001000000"], 0x24}}, 0x0) splice(r5, 0x0, r10, 0x0, 0xf3a, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xc39}, &(0x7f00000000c0)=0x8) write$binfmt_script(r10, 0x0, 0xd9) 763.773618ms ago: executing program 4 (id=1586): socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0xa, 0x300) socket$packet(0x11, 0xa, 0x300) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0xa4}}, 0x0) 708.0299ms ago: executing program 4 (id=1587): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', 0x0}) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2], 0x30}}, 0x0) 678.863951ms ago: executing program 4 (id=1588): perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000001, 0x10021, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffff7f) r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x149a00, 0x11d) io_setup(0x1, &(0x7f0000000b80)=0x0) io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x2c0042, 0x8a) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) r3 = socket(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000000ea03010000000000000000000a00000a140000001100010000000000000000000200000ab52fb85cf16b9f8c08c148c3aa6c1bc3dcb68c65ea6987c1df1fe4be0ff396a24a8d67112aac986f5c0b0053b8bb548cad3f910000000190f0e2b1afc97789bb9dd6e754850bc182617a76481b40ac1180a4afb4e250f46d040608ae98951ad832b8144fcd776ae08f73215bc5e87eb41aa9aad6e1a331f707afb0430fe89f837be0b4e3a9f7dd3c15c5cde7780f45276077cac644e5defb4772626dcbf1f3e9d233aaf58e84f7c4cad56fde924056d9e6ff60332161e81463778618c7609a75779956217bbda24f4f58a0bfaabc6218be9f7079aad00cb2c109"], 0x28}}, 0x0) bind$inet(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close(0xffffffffffffffff) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r4, 0x0, 0x10000000000}, 0x18) socket$phonet_pipe(0x23, 0x5, 0x2) syz_genetlink_get_family_id$ethtool(&(0x7f00000006c0), r3) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x200408c4) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2b, &(0x7f0000000380)=0xbf9f, 0x4) sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)={0x28, 0x3f7, 0x4, 0x70bd2a, 0x25dfdbfb, {0x7, 0x7, './file0', './file0'}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x40000) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, 0x94) 510.790028ms ago: executing program 4 (id=1589): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0) r1 = dup(r0) r2 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = signalfd4(0xffffffffffffffff, &(0x7f0000002140)={[0xfffffffffffffff5]}, 0x8, 0x0) readv(r5, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x80}, {0x0, 0xe00}], 0x10000000000000fb) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r4, 0x0, 0x80}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x8943, &(0x7f0000000100)={'syz_tun\x00', @random="f401401000"}) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r8 = socket(0x400000000010, 0x3, 0x0) r9 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000cc0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0xfff3, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x2c, 0x1, 0x0, 0x0, {{0xe38, 0x9, 0x4}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x1000000}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}, @TCA_EM_IPT_MATCH_DATA={0x4}]}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x40080}, 0x40010) r11 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) sendfile(r1, r2, 0x0, 0x8000ffffffff) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x8, 0x4a646, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff5}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r12, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {0x0, 0xfff3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{}, [@TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x58}}, 0x0) r15 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x14000, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r15}, 0x8) 452.180831ms ago: executing program 1 (id=1590): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mkdir(0x0, 0x18b) mount$bpf(0x200000000000, &(0x7f0000000440)='./file0\x00', 0x0, 0x989046, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, 0x0, r0, 0x0, 0x46) close(r0) 445.138402ms ago: executing program 2 (id=1591): r0 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2) pwritev2(r0, &(0x7f0000000240)=[{}], 0x1, 0x7c00, 0x0, 0x3) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x1cb041, 0x8) r2 = dup(r1) sendfile(r2, r0, 0x0, 0x8000fffffffc) 423.058232ms ago: executing program 2 (id=1592): acct(0xfffffffffffffffe) (fail_nth: 3) 422.278062ms ago: executing program 1 (id=1593): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000180)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x2b, 0x81}]}, 0x10) io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00', 0x6, 0x0, 0x0, 0x2}]) 384.621194ms ago: executing program 0 (id=1594): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000640)='sched_switch\x00', r1}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r3, &(0x7f0000000180)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff03", 0x2c}], 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00), &(0x7f0000001c40)=r1}, 0x20) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r9 = socket$unix(0x1, 0x2, 0x0) sendmmsg$unix(r9, &(0x7f0000001bc0)=[{{&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e22}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x40100}}], 0x1, 0x2840) sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r8}]}, 0x20}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x80) sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LINK={0x8, 0x1, r8}]}}}]}, 0x6c}}, 0x0) r10 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000001000004ffffffff000000000300000000000000000000000000000203000000000000000000000902"], 0x0, 0x4a}, 0x20) r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), r10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r10, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x4000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa845942824251d7d17b5191584bcd4fbe40a23424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r13, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f0000000d40)={0x0, 0x300, &(0x7f0000000d00)={&(0x7f0000000880)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r11, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400208024000100000000000100000000000000fdffff01000000000000000000000000000000001400040003000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000002000001050003000000000088000080060001000a000000140002002001000000f800000000000000000002050003000000001003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000e00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r12], 0x22c}}, 0x0) 364.071555ms ago: executing program 2 (id=1595): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESHEX], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x49, &(0x7f00000037c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000a70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c21f664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffaf4ab87b1bfed9fbe586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae460f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf8714d7bb2366fde41f94290c2a5fdecb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be58770366261a9535c1659dbf17866fb84d4173731efe895ff2e1f5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd91e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27832b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd210819203a513a67da4a571ce585a17a02a210382f14d12ca3c3431ee97471c785a69da7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedda1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a540f0c10ec3a11667290b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad95971030000007d00000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfadfdd708789a20287d58187fbd49fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91647b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf06d0000f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe6e7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a1914b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c056d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e9613521d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c617f005ac2d371a95b8adc67ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c259d3f28b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bdd27e663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70780025072e20586b19127d75fa71577f265c51000000000000000000000000000000000000000000915c2cde78db002a20e370600f56b3803786ffff268fa1782c240a1d3b62bb5c9c5712bc58a0f276f5224b6efaceab36d1468b0800"/3889], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000380)='sys_enter\x00', r2}, 0x18) readahead(0xffffffffffffffff, 0x4, 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x9d}, 0x18) r3 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x98}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000001c0)='cpu~00\t&&') r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a3100000000080003"], 0x34}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r6, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) r12 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x2, 0x80, 0x0, 0x8000021e}, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r15 = socket$kcm(0x29, 0x5, 0x0) syz_io_uring_submit(r13, r14, &(0x7f0000000380)=@IORING_OP_CONNECT={0x10, 0x4, 0x0, r15, 0x80, &(0x7f0000000280)=@isdn={0x22, 0x40, 0xa, 0x8}, 0x0, 0x0, 0x1}) io_uring_enter(r12, 0x47fa, 0x0, 0x0, 0x0, 0x0) sendmsg$NFNL_MSG_CTHELPER_NEW(r9, &(0x7f0000000540)={0x0, 0xfffffffffffffc48, &(0x7f0000000240)={&(0x7f0000000a40)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x20040000}, 0x0) sendmsg$IPSET_CMD_GET_BYINDEX(r11, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="0f06050000000000000000000200000706000b00ffff000006000b0001000000"], 0x24}}, 0x0) splice(r5, 0x0, r10, 0x0, 0xf3a, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xc39}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000100)={r16, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x39}}}, 0x80000000, 0x9, 0x9, 0xfff, 0x9, 0x3, 0x81}, 0x9c) write$binfmt_script(r10, 0x0, 0xd9) 113.016566ms ago: executing program 1 (id=1596): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0xfffffead, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000025c0)='fib6_table_lookup\x00', r3}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x157, 0x0, 0xfff, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000140)={0x0, 0x2, "9a96944a5e6a8e8b9a61fd102c2bf04c688d7ddf41d61d869cda17d692990b6d05c7b559aeaf3180ba4095a5786bfd130e6118a2cd9b95d40448502d3b4cf5e9569c00998dcdb4e976f6368ea17bc56c463b9a909c8da23befb494e91c96066d8ff0cfbee66853696640d1d9c40e076276d68a1d5c3ab1941417d0b07c649e54ea9d78e5f06b072de9912b7e548c35e3f20180b3d71cc783252131b984e559126f72fc35137bc368571509b819bdf8645581bac4233ed104e2381e0760e479a9f0821e3acfa31d8ef625fcdabb9515e71a88fcaee1c18e39cca29ae42c227d2013ccc7627dd55ed98410ae506ac910fbd68688f797f9206542e6683f4374d9b1"}) ioctl$USBDEVFS_SETINTERFACE(r4, 0x80085504, &(0x7f0000000080)={0x0, 0x7ff}) ioctl$USBDEVFS_CLAIM_PORT(r4, 0x80045518, &(0x7f0000000040)=0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x30}}, 0x8084) 0s ago: executing program 1 (id=1597): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x78}}, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) open(&(0x7f0000000280)='.\x00', 0x2000, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000200), &(0x7f0000000240)=r4}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=']) r5 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0) kernel console output (not intermixed with test programs): lecting invalid altsetting 2047 [ 58.272752][ T4886] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.278208][ T3419] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 58.292246][ T3419] hid-generic 0000:0000:0000.0012: hidraw0: HID v0.00 Device [syz1] on syz0 [ 58.342402][ T4886] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.391059][ T4886] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.432458][ T4886] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.453961][ T4889] Cannot find add_set index 0 as target [ 58.461977][ T3406] hid-generic 0000:86010001:0006.0013: unknown main item tag 0x0 [ 58.485263][ T49] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.501440][ T49] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.514254][ T49] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.524008][ T49] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.563547][ T4891] __nla_validate_parse: 7 callbacks suppressed [ 58.563565][ T4891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.493'. [ 58.581713][ T4891] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 58.768826][ T4904] usb usb8: selecting invalid altsetting 2047 [ 58.819002][ T4906] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4906 comm=syz.2.498 [ 59.053620][ T29] kauditd_printk_skb: 100 callbacks suppressed [ 59.053645][ T29] audit: type=1326 audit(1764359542.674:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.098472][ T29] audit: type=1326 audit(1764359542.694:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.121852][ T29] audit: type=1326 audit(1764359542.694:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.128573][ T3406] hid-generic 0000:86010001:0006.0013: hidraw1: HID v69662f.2e Device [syz1] on syz0 [ 59.145346][ T29] audit: type=1326 audit(1764359542.694:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.179256][ T29] audit: type=1326 audit(1764359542.694:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.203187][ T29] audit: type=1326 audit(1764359542.694:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.226941][ T29] audit: type=1326 audit(1764359542.694:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.250766][ T29] audit: type=1326 audit(1764359542.694:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.274265][ T29] audit: type=1326 audit(1764359542.694:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.297695][ T29] audit: type=1326 audit(1764359542.704:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4922 comm="syz.3.505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dd883f749 code=0x7ffc0000 [ 59.595507][ T4953] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4953 comm=syz.1.513 [ 59.780175][ T3451] bridge_slave_1: left allmulticast mode [ 59.785893][ T3451] bridge_slave_1: left promiscuous mode [ 59.791643][ T3451] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.805901][ T3451] bridge_slave_0: left allmulticast mode [ 59.811726][ T3451] bridge_slave_0: left promiscuous mode [ 59.817531][ T3451] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.882185][ T3419] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 59.890426][ T3419] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [syz1] on syz0 [ 59.900374][ T3451] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 59.910870][ T3451] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 59.920111][ T3451] bond0 (unregistering): Released all slaves [ 59.933321][ T4939] chnl_net:caif_netlink_parms(): no params data found [ 59.986998][ T3451] hsr_slave_0: left promiscuous mode [ 60.000806][ T3451] hsr_slave_1: left promiscuous mode [ 60.006518][ T3451] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 60.099500][ T3451] team0 (unregistering): Port device team_slave_1 removed [ 60.121384][ T3451] team0 (unregistering): Port device team_slave_0 removed [ 60.219487][ T4939] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.226680][ T4939] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.234222][ T4939] bridge_slave_0: entered allmulticast mode [ 60.240868][ T4939] bridge_slave_0: entered promiscuous mode [ 60.248143][ T4939] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.255235][ T4939] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.262545][ T4939] bridge_slave_1: entered allmulticast mode [ 60.269468][ T4939] bridge_slave_1: entered promiscuous mode [ 60.292220][ T4939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.302691][ T4939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.322902][ T4939] team0: Port device team_slave_0 added [ 60.329489][ T4939] team0: Port device team_slave_1 added [ 60.343973][ T4939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.351247][ T4939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.377268][ T4939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.388746][ T4939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.395877][ T4939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 60.421841][ T4939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.446821][ T4939] hsr_slave_0: entered promiscuous mode [ 60.453165][ T4939] hsr_slave_1: entered promiscuous mode [ 60.511905][ T4939] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 60.520667][ T4939] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 60.529396][ T4939] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 60.538327][ T4939] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 60.577082][ T4939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.591589][ T4939] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.601684][ T3451] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.608786][ T3451] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.627427][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.634513][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.749711][ T4992] Cannot find del_set index 3 as target [ 60.777345][ T3419] hid-generic 0000:86010001:0006.0015: unknown main item tag 0x0 [ 60.806343][ T3419] hid-generic 0000:86010001:0006.0015: hidraw0: HID v69662f.2e Device [syz1] on syz0 [ 60.830411][ T4939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.946522][ T5019] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5019 comm=syz.1.523 [ 60.999641][ T4939] veth0_vlan: entered promiscuous mode [ 61.009086][ T4939] veth1_vlan: entered promiscuous mode [ 61.041360][ T4939] veth0_macvtap: entered promiscuous mode [ 61.051536][ T4939] veth1_macvtap: entered promiscuous mode [ 61.080851][ T4939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.091329][ T4939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.115111][ T31] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.142784][ T31] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.153167][ T31] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.193601][ T3451] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.570919][ T5052] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5052 comm=syz.0.531 [ 61.591393][ T5054] usb usb8: selecting invalid altsetting 2047 [ 61.676136][ T5069] FAULT_INJECTION: forcing a failure. [ 61.676136][ T5069] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 61.689345][ T5069] CPU: 1 UID: 0 PID: 5069 Comm: syz.4.538 Not tainted syzkaller #0 PREEMPT(voluntary) [ 61.689367][ T5069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 61.689376][ T5069] Call Trace: [ 61.689381][ T5069] [ 61.689388][ T5069] __dump_stack+0x1d/0x30 [ 61.689407][ T5069] dump_stack_lvl+0xe8/0x140 [ 61.689435][ T5069] dump_stack+0x15/0x1b [ 61.689450][ T5069] should_fail_ex+0x265/0x280 [ 61.689544][ T5069] should_fail+0xb/0x20 [ 61.689599][ T5069] should_fail_usercopy+0x1a/0x20 [ 61.689615][ T5069] _copy_from_iter+0xd2/0xe80 [ 61.689630][ T5069] ? __build_skb_around+0x1ab/0x200 [ 61.689653][ T5069] ? __alloc_skb+0x223/0x320 [ 61.689668][ T5069] netlink_sendmsg+0x471/0x6b0 [ 61.689679][ T5069] ? __pfx_netlink_sendmsg+0x10/0x10 [ 61.689711][ T5069] __sock_sendmsg+0x145/0x180 [ 61.689724][ T5069] ____sys_sendmsg+0x31e/0x4e0 [ 61.689735][ T5069] ___sys_sendmsg+0x17b/0x1d0 [ 61.689751][ T5069] __x64_sys_sendmsg+0xd4/0x160 [ 61.689763][ T5069] x64_sys_call+0x191e/0x3000 [ 61.689778][ T5069] do_syscall_64+0xd2/0x200 [ 61.689857][ T5069] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 61.689885][ T5069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.689899][ T5069] RIP: 0033:0x7f729d6cf749 [ 61.689925][ T5069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.689936][ T5069] RSP: 002b:00007f729c12f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 61.689979][ T5069] RAX: ffffffffffffffda RBX: 00007f729d925fa0 RCX: 00007f729d6cf749 [ 61.689987][ T5069] RDX: 0000000000000000 RSI: 0000200000001200 RDI: 0000000000000004 [ 61.689995][ T5069] RBP: 00007f729c12f090 R08: 0000000000000000 R09: 0000000000000000 [ 61.690002][ T5069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.690010][ T5069] R13: 00007f729d926038 R14: 00007f729d925fa0 R15: 00007ffd30599848 [ 61.690023][ T5069] [ 62.286687][ T5086] usb usb8: selecting invalid altsetting 2047 [ 62.586282][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.595123][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.604268][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.632022][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.640925][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.650095][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.675332][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.684408][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 62.693707][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.553'. [ 63.449615][ T3421] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 63.457571][ T3421] hid-generic 0000:0000:0000.0016: hidraw0: HID v0.00 Device [syz1] on syz0 [ 63.693137][ T5188] usb usb8: selecting invalid altsetting 2047 [ 63.702951][ T3421] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 64.238586][ T3421] hid-generic 0000:0000:0000.0017: hidraw0: HID v0.00 Device [syz1] on syz0 [ 64.315610][ T29] kauditd_printk_skb: 128 callbacks suppressed [ 64.315626][ T29] audit: type=1326 audit(1764359547.934:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.5.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 64.346090][ T29] audit: type=1326 audit(1764359547.934:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.5.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 64.369660][ T29] audit: type=1326 audit(1764359547.934:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.5.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 64.393165][ T29] audit: type=1326 audit(1764359547.934:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.5.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 64.699610][ T5249] netlink: 'syz.5.607': attribute type 1 has an invalid length. [ 64.710940][ T5249] netlink: 224 bytes leftover after parsing attributes in process `syz.5.607'. [ 64.735598][ T29] audit: type=1400 audit(1764359548.354:1132): avc: denied { connect } for pid=5252 comm="syz.5.609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 64.804350][ T5260] usb usb8: selecting invalid altsetting 2047 [ 64.822558][ T3386] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 64.837671][ T3386] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz1] on syz0 [ 64.946630][ T5270] x_tables: duplicate underflow at hook 1 [ 64.955786][ T29] audit: type=1400 audit(1764359548.574:1133): avc: denied { write } for pid=5269 comm="syz.2.617" name="snmp" dev="proc" ino=4026532659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 65.037639][ T5272] netlink: 4356 bytes leftover after parsing attributes in process `syz.0.616'. [ 65.167278][ T5279] netlink: 'syz.0.619': attribute type 1 has an invalid length. [ 65.175159][ T5279] netlink: 224 bytes leftover after parsing attributes in process `syz.0.619'. [ 65.321395][ T5286] Cannot find del_set index 3 as target [ 65.329645][ T5287] netlink: 'syz.0.632': attribute type 1 has an invalid length. [ 65.383679][ T5292] usb usb8: selecting invalid altsetting 2047 [ 65.396985][ T5287] netlink: 224 bytes leftover after parsing attributes in process `syz.0.632'. [ 65.478069][ T5294] netlink: 12 bytes leftover after parsing attributes in process `syz.1.625'. [ 65.720394][ T5307] netlink: 4356 bytes leftover after parsing attributes in process `syz.5.629'. [ 65.846465][ T36] hid-generic 0000:0000:0000.0019: unknown main item tag 0x0 [ 65.856757][ T36] hid-generic 0000:0000:0000.0019: hidraw0: HID v0.00 Device [syz1] on syz0 [ 65.940697][ T5317] usb usb8: selecting invalid altsetting 2047 [ 65.953118][ T5319] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5319 comm=syz.5.637 [ 66.061594][ T5327] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5327 comm=syz.5.650 [ 66.234703][ T3370] hid-generic 0000:0000:0000.001A: unknown main item tag 0x0 [ 66.318130][ T5334] FAULT_INJECTION: forcing a failure. [ 66.318130][ T5334] name failslab, interval 1, probability 0, space 0, times 0 [ 66.324180][ T29] audit: type=1326 audit(1764359549.944:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 66.330938][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.4.643 Not tainted syzkaller #0 PREEMPT(voluntary) [ 66.330965][ T5334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 66.330976][ T5334] Call Trace: [ 66.330984][ T5334] [ 66.330993][ T5334] __dump_stack+0x1d/0x30 [ 66.331061][ T5334] dump_stack_lvl+0xe8/0x140 [ 66.331140][ T5334] dump_stack+0x15/0x1b [ 66.331157][ T5334] should_fail_ex+0x265/0x280 [ 66.331176][ T5334] should_failslab+0x8c/0xb0 [ 66.331259][ T5334] kmem_cache_alloc_node_noprof+0x57/0x4a0 [ 66.331309][ T5334] ? __alloc_skb+0x101/0x320 [ 66.331337][ T5334] __alloc_skb+0x101/0x320 [ 66.331382][ T5334] ? audit_log_start+0x342/0x720 [ 66.331403][ T5334] audit_log_start+0x3a0/0x720 [ 66.331490][ T5334] ? kstrtouint+0x76/0xc0 [ 66.331583][ T5334] audit_seccomp+0x48/0x100 [ 66.331612][ T5334] ? __seccomp_filter+0x82d/0x1250 [ 66.331637][ T5334] __seccomp_filter+0x83e/0x1250 [ 66.331678][ T5334] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 66.331734][ T5334] ? vfs_write+0x7e8/0x960 [ 66.331816][ T5334] ? __rcu_read_unlock+0x4f/0x70 [ 66.331841][ T5334] ? __fget_files+0x184/0x1c0 [ 66.331869][ T5334] __secure_computing+0x82/0x150 [ 66.331935][ T5334] syscall_trace_enter+0xcf/0x1e0 [ 66.331962][ T5334] do_syscall_64+0xac/0x200 [ 66.332021][ T5334] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 66.332107][ T5334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.332128][ T5334] RIP: 0033:0x7f729d6cf749 [ 66.332144][ T5334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.332161][ T5334] RSP: 002b:00007f729c12f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104 [ 66.332197][ T5334] RAX: ffffffffffffffda RBX: 00007f729d925fa0 RCX: 00007f729d6cf749 [ 66.332209][ T5334] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006 [ 66.332222][ T5334] RBP: 00007f729c12f090 R08: 0000000000001000 R09: 0000000000000000 [ 66.332277][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.332288][ T5334] R13: 00007f729d926038 R14: 00007f729d925fa0 R15: 00007ffd30599848 [ 66.332307][ T5334] [ 66.332333][ T5334] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 66.354360][ T29] audit: type=1326 audit(1764359549.944:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.4.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f729d6cdf90 code=0x7ffc0000 [ 66.364175][ T5334] audit: out of memory in audit_log_start [ 66.579679][ T5341] netlink: 4356 bytes leftover after parsing attributes in process `syz.1.645'. [ 66.639471][ T3370] hid-generic 0000:0000:0000.001A: hidraw1: HID v0.00 Device [syz1] on syz0 [ 66.716011][ T5349] usb usb8: selecting invalid altsetting 2047 [ 66.816667][ T5369] netlink: 'syz.5.657': attribute type 39 has an invalid length. [ 66.825194][ T5371] netlink: 12 bytes leftover after parsing attributes in process `syz.0.653'. [ 66.971664][ T3421] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 66.980296][ T3421] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 66.993499][ T5387] Cannot find del_set index 3 as target [ 67.239045][ T3421] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 67.692156][ T5411] netlink: 'syz.5.670': attribute type 39 has an invalid length. [ 67.747329][ T3421] hid-generic 0000:0000:0000.001C: hidraw1: HID v0.00 Device [syz1] on syz0 [ 67.871194][ T5425] netlink: 'syz.1.675': attribute type 39 has an invalid length. [ 67.900391][ T5429] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5429 comm=syz.0.678 [ 68.010513][ T5439] usb usb8: usbfs: process 5439 (syz.2.682) did not claim interface 0 before use [ 68.079369][ T3421] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0 [ 68.087675][ T3421] hid-generic 0000:0000:0000.001D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 68.352170][ T5465] netlink: 'syz.5.689': attribute type 39 has an invalid length. [ 68.574378][ T3421] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0 [ 68.591628][ T5476] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5476 comm=syz.5.694 [ 68.864355][ T3421] hid-generic 0000:0000:0000.001E: hidraw1: HID v0.00 Device [syz1] on syz0 [ 69.273182][ T5500] usb usb8: usbfs: process 5500 (syz.4.701) did not claim interface 0 before use [ 69.308188][ T5512] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5512 comm=syz.5.705 [ 69.632479][ T3370] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 69.640675][ T3370] hid-generic 0000:0000:0000.001F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 69.700176][ T5533] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5533 comm=syz.5.714 [ 69.734368][ T5533] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5533 comm=syz.5.714 [ 69.789619][ T3421] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0 [ 69.810522][ T3421] hid-generic 0000:0000:0000.0020: hidraw1: HID v0.00 Device [syz1] on syz0 [ 70.033954][ T29] kauditd_printk_skb: 238 callbacks suppressed [ 70.033972][ T29] audit: type=1326 audit(1764359553.654:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.064443][ T29] audit: type=1326 audit(1764359553.654:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.088025][ T29] audit: type=1326 audit(1764359553.654:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.111714][ T29] audit: type=1326 audit(1764359553.654:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.135161][ T29] audit: type=1326 audit(1764359553.654:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.158617][ T29] audit: type=1326 audit(1764359553.654:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.182096][ T29] audit: type=1326 audit(1764359553.654:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.205416][ T29] audit: type=1326 audit(1764359553.684:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.1.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 70.259757][ T29] audit: type=1400 audit(1764359553.714:1382): avc: denied { mount } for pid=5545 comm="syz.4.718" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 70.281892][ T29] audit: type=1400 audit(1764359553.874:1383): avc: denied { unmount } for pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 70.330209][ T5552] netlink: 12 bytes leftover after parsing attributes in process `syz.1.720'. [ 70.572769][ T5565] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5565 comm=syz.0.725 [ 70.586961][ T5565] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5565 comm=syz.0.725 [ 70.666656][ T5572] usb usb8: usbfs: process 5572 (syz.2.728) did not claim interface 0 before use [ 70.841708][ T5582] veth0: entered promiscuous mode [ 70.869271][ T5582] FAULT_INJECTION: forcing a failure. [ 70.869271][ T5582] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.882653][ T5582] CPU: 0 UID: 0 PID: 5582 Comm: syz.5.732 Not tainted syzkaller #0 PREEMPT(voluntary) [ 70.882682][ T5582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 70.882722][ T5582] Call Trace: [ 70.882729][ T5582] [ 70.882738][ T5582] __dump_stack+0x1d/0x30 [ 70.882763][ T5582] dump_stack_lvl+0xe8/0x140 [ 70.882785][ T5582] dump_stack+0x15/0x1b [ 70.882876][ T5582] should_fail_ex+0x265/0x280 [ 70.882898][ T5582] should_fail+0xb/0x20 [ 70.882914][ T5582] should_fail_usercopy+0x1a/0x20 [ 70.882934][ T5582] _copy_from_user+0x1c/0xb0 [ 70.883000][ T5582] packet_setsockopt+0x76e/0xfd0 [ 70.883034][ T5582] ? __pfx_packet_setsockopt+0x10/0x10 [ 70.883163][ T5582] __sys_setsockopt+0x184/0x200 [ 70.883198][ T5582] __x64_sys_setsockopt+0x64/0x80 [ 70.883288][ T5582] x64_sys_call+0x20ec/0x3000 [ 70.883310][ T5582] do_syscall_64+0xd2/0x200 [ 70.883332][ T5582] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 70.883361][ T5582] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 70.883410][ T5582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.883502][ T5582] RIP: 0033:0x7eff71d5f749 [ 70.883518][ T5582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.883535][ T5582] RSP: 002b:00007eff707c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 70.883557][ T5582] RAX: ffffffffffffffda RBX: 00007eff71fb5fa0 RCX: 00007eff71d5f749 [ 70.883571][ T5582] RDX: 0000000000000001 RSI: 0000000000000107 RDI: 0000000000000003 [ 70.883584][ T5582] RBP: 00007eff707c7090 R08: 0000000000000010 R09: 0000000000000000 [ 70.883656][ T5582] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.883667][ T5582] R13: 00007eff71fb6038 R14: 00007eff71fb5fa0 R15: 00007fff02725d18 [ 70.883686][ T5582] [ 71.079327][ T3419] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0 [ 71.152640][ T3419] hid-generic 0000:0000:0000.0021: hidraw0: HID v0.00 Device [syz1] on syz0 [ 71.347697][ T5581] veth0: left promiscuous mode [ 71.444837][ T3419] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0 [ 71.677224][ T3419] hid-generic 0000:0000:0000.0022: hidraw1: HID v0.00 Device [syz1] on syz0 [ 71.969548][ T5610] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5610 comm=syz.5.740 [ 72.013330][ T5610] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5610 comm=syz.5.740 [ 72.144945][ T5624] netlink: 'syz.0.746': attribute type 1 has an invalid length. [ 72.153446][ T5624] netlink: 224 bytes leftover after parsing attributes in process `syz.0.746'. [ 72.281055][ T5628] usb usb8: usbfs: process 5628 (syz.1.748) did not claim interface 0 before use [ 72.446513][ T5638] usb usb8: usbfs: process 5638 (syz.4.753) did not claim interface 0 before use [ 72.502417][ T3421] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0 [ 72.512189][ T3421] hid-generic 0000:0000:0000.0023: hidraw0: HID v0.00 Device [syz1] on syz0 [ 72.906846][ T5648] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5648 comm=syz.2.756 [ 73.086597][ T5655] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5655 comm=syz.2.758 [ 73.102666][ T5655] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5655 comm=syz.2.758 [ 73.571474][ T5676] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5676 comm=syz.5.767 [ 73.763644][ T5687] usb usb8: usbfs: process 5687 (syz.1.770) did not claim interface 0 before use [ 73.827395][ T3421] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0 [ 73.866524][ T3421] hid-generic 0000:0000:0000.0024: hidraw0: HID v0.00 Device [syz1] on syz0 [ 73.900595][ T3421] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0 [ 73.909847][ T3370] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0 [ 73.928982][ T3370] hid-generic 0000:0000:0000.0026: hidraw1: HID v0.00 Device [syz1] on syz0 [ 73.941158][ T3421] hid-generic 0000:0000:0000.0025: hidraw2: HID v0.00 Device [syz1] on syz0 [ 74.706525][ T5710] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5710 comm=syz.2.779 [ 75.105681][ T5732] FAULT_INJECTION: forcing a failure. [ 75.105681][ T5732] name failslab, interval 1, probability 0, space 0, times 0 [ 75.118392][ T5732] CPU: 0 UID: 0 PID: 5732 Comm: syz.4.786 Not tainted syzkaller #0 PREEMPT(voluntary) [ 75.118418][ T5732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 75.118428][ T5732] Call Trace: [ 75.118435][ T5732] [ 75.118443][ T5732] __dump_stack+0x1d/0x30 [ 75.118480][ T5732] dump_stack_lvl+0xe8/0x140 [ 75.118498][ T5732] dump_stack+0x15/0x1b [ 75.118513][ T5732] should_fail_ex+0x265/0x280 [ 75.118535][ T5732] should_failslab+0x8c/0xb0 [ 75.118604][ T5732] __kvmalloc_node_noprof+0x12e/0x670 [ 75.118632][ T5732] ? xt_alloc_entry_offsets+0x4d/0x60 [ 75.118738][ T5732] xt_alloc_entry_offsets+0x4d/0x60 [ 75.118771][ T5732] translate_table+0xa9/0xf90 [ 75.118794][ T5732] ? __rcu_read_unlock+0x4f/0x70 [ 75.118821][ T5732] ? __memcg_slab_post_alloc_hook+0x44c/0x580 [ 75.118851][ T5732] ? should_fail_ex+0xdb/0x280 [ 75.118874][ T5732] ? _copy_from_user+0x89/0xb0 [ 75.118904][ T5732] do_ipt_set_ctl+0x66f/0x820 [ 75.118927][ T5732] ? lock_sock_nested+0x112/0x140 [ 75.118962][ T5732] nf_setsockopt+0x199/0x1b0 [ 75.119026][ T5732] ip_setsockopt+0x102/0x110 [ 75.119147][ T5732] udp_setsockopt+0x99/0xb0 [ 75.119181][ T5732] sock_common_setsockopt+0x69/0x80 [ 75.119204][ T5732] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 75.119226][ T5732] __sys_setsockopt+0x184/0x200 [ 75.119312][ T5732] __x64_sys_setsockopt+0x64/0x80 [ 75.119349][ T5732] x64_sys_call+0x20ec/0x3000 [ 75.119371][ T5732] do_syscall_64+0xd2/0x200 [ 75.119404][ T5732] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 75.119431][ T5732] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 75.119460][ T5732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.119561][ T5732] RIP: 0033:0x7f729d6cf749 [ 75.119578][ T5732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.119594][ T5732] RSP: 002b:00007f729c0ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 75.119618][ T5732] RAX: ffffffffffffffda RBX: 00007f729d926180 RCX: 00007f729d6cf749 [ 75.119633][ T5732] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 75.119669][ T5732] RBP: 00007f729c0ed090 R08: 0000000000000548 R09: 0000000000000000 [ 75.119681][ T5732] R10: 0000200000000fc0 R11: 0000000000000246 R12: 0000000000000001 [ 75.119692][ T5732] R13: 00007f729d926218 R14: 00007f729d926180 R15: 00007ffd30599848 [ 75.119709][ T5732] [ 75.477317][ T29] kauditd_printk_skb: 168 callbacks suppressed [ 75.477337][ T29] audit: type=1326 audit(1764359559.094:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.551155][ T5737] netlink: 'syz.1.789': attribute type 1 has an invalid length. [ 75.558985][ T5737] netlink: 'syz.1.789': attribute type 6 has an invalid length. [ 75.566830][ T5737] netlink: 'syz.1.789': attribute type 3 has an invalid length. [ 75.574499][ T5737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.789'. [ 75.717525][ T29] audit: type=1326 audit(1764359559.134:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.741182][ T29] audit: type=1326 audit(1764359559.134:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.764590][ T29] audit: type=1326 audit(1764359559.134:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.788363][ T29] audit: type=1326 audit(1764359559.134:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.812135][ T29] audit: type=1326 audit(1764359559.144:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.835817][ T29] audit: type=1326 audit(1764359559.144:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.859499][ T29] audit: type=1326 audit(1764359559.154:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.883024][ T29] audit: type=1326 audit(1764359559.154:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.906601][ T29] audit: type=1326 audit(1764359559.154:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5736 comm="syz.1.789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 75.930748][ T3421] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0 [ 75.957727][ T3421] hid-generic 0000:0000:0000.0027: hidraw0: HID v0.00 Device [syz1] on syz0 [ 75.969285][ T5746] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5746 comm=syz.4.793 [ 76.048054][ T5748] netlink: 'syz.2.794': attribute type 1 has an invalid length. [ 76.059323][ T5748] netlink: 224 bytes leftover after parsing attributes in process `syz.2.794'. [ 76.163023][ T5750] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5750 comm=syz.4.795 [ 76.240058][ T5762] FAULT_INJECTION: forcing a failure. [ 76.240058][ T5762] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 76.250273][ T5760] netlink: 'syz.1.799': attribute type 39 has an invalid length. [ 76.253537][ T5762] CPU: 1 UID: 0 PID: 5762 Comm: syz.4.800 Not tainted syzkaller #0 PREEMPT(voluntary) [ 76.253566][ T5762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 76.253577][ T5762] Call Trace: [ 76.253652][ T5762] [ 76.253659][ T5762] __dump_stack+0x1d/0x30 [ 76.253683][ T5762] dump_stack_lvl+0xe8/0x140 [ 76.253703][ T5762] dump_stack+0x15/0x1b [ 76.253720][ T5762] should_fail_ex+0x265/0x280 [ 76.253790][ T5762] should_fail_alloc_page+0xf2/0x100 [ 76.253819][ T5762] __alloc_frozen_pages_noprof+0xff/0x360 [ 76.253861][ T5762] alloc_pages_mpol+0xb3/0x260 [ 76.253963][ T5762] folio_alloc_mpol_noprof+0x39/0x80 [ 76.253984][ T5762] shmem_get_folio_gfp+0x3cf/0xd60 [ 76.254015][ T5762] ? simple_xattr_get+0xb9/0x120 [ 76.254079][ T5762] shmem_write_begin+0xa8/0x190 [ 76.254100][ T5762] generic_perform_write+0x184/0x490 [ 76.254170][ T5762] shmem_file_write_iter+0xc5/0xf0 [ 76.254268][ T5762] do_iter_readv_writev+0x4a1/0x540 [ 76.254297][ T5762] vfs_writev+0x2df/0x8b0 [ 76.254342][ T5762] __se_sys_pwritev2+0xfc/0x1c0 [ 76.254370][ T5762] __x64_sys_pwritev2+0x67/0x80 [ 76.254397][ T5762] x64_sys_call+0x2c59/0x3000 [ 76.254456][ T5762] do_syscall_64+0xd2/0x200 [ 76.254476][ T5762] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 76.254502][ T5762] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 76.254600][ T5762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.254655][ T5762] RIP: 0033:0x7f729d6cf749 [ 76.254672][ T5762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.254688][ T5762] RSP: 002b:00007f729c12f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 [ 76.254725][ T5762] RAX: ffffffffffffffda RBX: 00007f729d925fa0 RCX: 00007f729d6cf749 [ 76.254738][ T5762] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003 [ 76.254750][ T5762] RBP: 00007f729c12f090 R08: 0000000000000000 R09: 0000000000000003 [ 76.254762][ T5762] R10: 0000000000007c00 R11: 0000000000000246 R12: 0000000000000001 [ 76.254853][ T5762] R13: 00007f729d926038 R14: 00007f729d925fa0 R15: 00007ffd30599848 [ 76.254871][ T5762] [ 76.611426][ T5774] netlink: 'syz.5.806': attribute type 1 has an invalid length. [ 76.668774][ T5774] netlink: 224 bytes leftover after parsing attributes in process `syz.5.806'. [ 76.784362][ T3419] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 76.792410][ T3419] hid-generic 0000:0000:0000.0028: hidraw0: HID v0.00 Device [syz1] on syz0 [ 76.855490][ T5801] netlink: 4356 bytes leftover after parsing attributes in process `syz.2.814'. [ 77.005239][ T5809] 9pnet_fd: Insufficient options for proto=fd [ 77.017047][ T5809] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 77.082191][ T5814] netlink: 44 bytes leftover after parsing attributes in process `syz.4.822'. [ 77.087773][ T36] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0 [ 77.109652][ T36] hid-generic 0000:0000:0000.0029: hidraw0: HID v0.00 Device [syz1] on syz0 [ 77.202852][ T5817] netlink: 'syz.2.823': attribute type 1 has an invalid length. [ 77.216741][ T5817] netlink: 224 bytes leftover after parsing attributes in process `syz.2.823'. [ 77.275149][ T5824] FAULT_INJECTION: forcing a failure. [ 77.275149][ T5824] name failslab, interval 1, probability 0, space 0, times 0 [ 77.287946][ T5824] CPU: 1 UID: 0 PID: 5824 Comm: syz.2.826 Not tainted syzkaller #0 PREEMPT(voluntary) [ 77.288015][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 77.288028][ T5824] Call Trace: [ 77.288034][ T5824] [ 77.288042][ T5824] __dump_stack+0x1d/0x30 [ 77.288073][ T5824] dump_stack_lvl+0xe8/0x140 [ 77.288091][ T5824] dump_stack+0x15/0x1b [ 77.288122][ T5824] should_fail_ex+0x265/0x280 [ 77.288144][ T5824] should_failslab+0x8c/0xb0 [ 77.288177][ T5824] kmem_cache_alloc_noprof+0x50/0x480 [ 77.288202][ T5824] ? getname_flags+0x80/0x3b0 [ 77.288229][ T5824] getname_flags+0x80/0x3b0 [ 77.288261][ T5824] user_path_at+0x28/0x130 [ 77.288295][ T5824] __se_sys_quotactl+0xb6/0x670 [ 77.288322][ T5824] __x64_sys_quotactl+0x55/0x70 [ 77.288343][ T5824] x64_sys_call+0x15d6/0x3000 [ 77.288415][ T5824] do_syscall_64+0xd2/0x200 [ 77.288477][ T5824] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 77.288569][ T5824] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 77.288607][ T5824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.288630][ T5824] RIP: 0033:0x7fa39637f749 [ 77.288698][ T5824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.288713][ T5824] RSP: 002b:00007fa394ddf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 77.288732][ T5824] RAX: ffffffffffffffda RBX: 00007fa3965d5fa0 RCX: 00007fa39637f749 [ 77.288747][ T5824] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffff80000202 [ 77.288761][ T5824] RBP: 00007fa394ddf090 R08: 0000000000000000 R09: 0000000000000000 [ 77.288775][ T5824] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 77.288863][ T5824] R13: 00007fa3965d6038 R14: 00007fa3965d5fa0 R15: 00007ffe4bd6bad8 [ 77.288884][ T5824] [ 77.680226][ T5838] netlink: 'syz.4.832': attribute type 39 has an invalid length. [ 77.738477][ T5842] netlink: 24 bytes leftover after parsing attributes in process `syz.2.834'. [ 77.942109][ T5846] Falling back ldisc for ttyS3. [ 77.968220][ T5855] Illegal XDP return value 2613494055 on prog (id 499) dev N/A, expect packet loss! [ 78.151342][ T5870] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.162984][ T5870] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.231682][ T5869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.843'. [ 78.282017][ T5874] netlink: 12 bytes leftover after parsing attributes in process `syz.2.844'. [ 78.428516][ T5876] FAULT_INJECTION: forcing a failure. [ 78.428516][ T5876] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.441681][ T5876] CPU: 1 UID: 0 PID: 5876 Comm: syz.1.845 Not tainted syzkaller #0 PREEMPT(voluntary) [ 78.441713][ T5876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 78.441726][ T5876] Call Trace: [ 78.441734][ T5876] [ 78.441744][ T5876] __dump_stack+0x1d/0x30 [ 78.441770][ T5876] dump_stack_lvl+0xe8/0x140 [ 78.441829][ T5876] dump_stack+0x15/0x1b [ 78.441849][ T5876] should_fail_ex+0x265/0x280 [ 78.441871][ T5876] should_fail+0xb/0x20 [ 78.441889][ T5876] should_fail_usercopy+0x1a/0x20 [ 78.441912][ T5876] _copy_from_user+0x1c/0xb0 [ 78.441991][ T5876] __sys_bpf+0x183/0x7c0 [ 78.442022][ T5876] __x64_sys_bpf+0x41/0x50 [ 78.442055][ T5876] x64_sys_call+0x2aee/0x3000 [ 78.442125][ T5876] do_syscall_64+0xd2/0x200 [ 78.442145][ T5876] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 78.442234][ T5876] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 78.442279][ T5876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.442300][ T5876] RIP: 0033:0x7f4920cbf749 [ 78.442315][ T5876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.442334][ T5876] RSP: 002b:00007f491f71f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 78.442365][ T5876] RAX: ffffffffffffffda RBX: 00007f4920f15fa0 RCX: 00007f4920cbf749 [ 78.442380][ T5876] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a [ 78.442400][ T5876] RBP: 00007f491f71f090 R08: 0000000000000000 R09: 0000000000000000 [ 78.442413][ T5876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.442425][ T5876] R13: 00007f4920f16038 R14: 00007f4920f15fa0 R15: 00007ffceefe4b68 [ 78.442444][ T5876] [ 78.840855][ T5887] usb usb8: selecting invalid altsetting 2047 [ 78.910764][ T5894] FAULT_INJECTION: forcing a failure. [ 78.910764][ T5894] name failslab, interval 1, probability 0, space 0, times 0 [ 78.923516][ T5894] CPU: 1 UID: 0 PID: 5894 Comm: syz.5.851 Not tainted syzkaller #0 PREEMPT(voluntary) [ 78.923554][ T5894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 78.923565][ T5894] Call Trace: [ 78.923572][ T5894] [ 78.923579][ T5894] __dump_stack+0x1d/0x30 [ 78.923664][ T5894] dump_stack_lvl+0xe8/0x140 [ 78.923686][ T5894] dump_stack+0x15/0x1b [ 78.923705][ T5894] should_fail_ex+0x265/0x280 [ 78.923728][ T5894] should_failslab+0x8c/0xb0 [ 78.923760][ T5894] kmem_cache_alloc_noprof+0x50/0x480 [ 78.923815][ T5894] ? getname_flags+0x80/0x3b0 [ 78.923849][ T5894] getname_flags+0x80/0x3b0 [ 78.923931][ T5894] __getname_maybe_null+0x66/0x1a0 [ 78.924018][ T5894] __se_sys_move_mount+0x1a3/0x490 [ 78.924043][ T5894] ? fput+0x8f/0xc0 [ 78.924079][ T5894] __x64_sys_move_mount+0x67/0x80 [ 78.924109][ T5894] x64_sys_call+0xcfe/0x3000 [ 78.924161][ T5894] do_syscall_64+0xd2/0x200 [ 78.924184][ T5894] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 78.924214][ T5894] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 78.924270][ T5894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.924293][ T5894] RIP: 0033:0x7eff71d5f749 [ 78.924311][ T5894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.924360][ T5894] RSP: 002b:00007eff707c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad [ 78.924382][ T5894] RAX: ffffffffffffffda RBX: 00007eff71fb5fa0 RCX: 00007eff71d5f749 [ 78.924396][ T5894] RDX: ffffffffffffff9c RSI: 0000200000000140 RDI: ffffffffffffffff [ 78.924409][ T5894] RBP: 00007eff707c7090 R08: 0000000000000262 R09: 0000000000000000 [ 78.924422][ T5894] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001 [ 78.924439][ T5894] R13: 00007eff71fb6038 R14: 00007eff71fb5fa0 R15: 00007fff02725d18 [ 78.924459][ T5894] [ 79.135898][ T5896] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5896 comm=syz.1.852 [ 79.149094][ T5896] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5896 comm=syz.1.852 [ 79.406259][ T5911] usb usb8: selecting invalid altsetting 2047 [ 79.503253][ T5921] 9pnet_fd: Insufficient options for proto=fd [ 79.522097][ T5924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.865'. [ 79.564955][ T5924] team0: Port device team_slave_1 removed [ 79.582099][ T5930] veth1_to_bridge: entered promiscuous mode [ 79.591964][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.604971][ T5930] bridge_slave_1 (unregistering): left allmulticast mode [ 79.612311][ T5930] bridge_slave_1 (unregistering): left promiscuous mode [ 79.619313][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.759871][ T5937] usb usb8: selecting invalid altsetting 2047 [ 79.877827][ T5943] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5943 comm=syz.1.873 [ 79.892246][ T5943] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5943 comm=syz.1.873 [ 80.082256][ T5955] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 93.445177][ T29] kauditd_printk_skb: 279 callbacks suppressed [ 93.445194][ T29] audit: type=1326 audit(1764359577.064:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.485816][ T29] audit: type=1400 audit(1764359577.064:1842): avc: denied { remount } for pid=5957 comm="syz.0.878" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 93.505799][ T29] audit: type=1400 audit(1764359577.074:1843): avc: denied { ioctl } for pid=5957 comm="syz.0.878" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13922 ioctlcmd=0x943d scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 93.531663][ T29] audit: type=1400 audit(1764359577.074:1844): avc: denied { read } for pid=5957 comm="syz.0.878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 93.550930][ T29] audit: type=1326 audit(1764359577.094:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.570475][ T5970] netlink: 'syz.4.882': attribute type 39 has an invalid length. [ 93.574195][ T29] audit: type=1326 audit(1764359577.104:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.605431][ T29] audit: type=1326 audit(1764359577.104:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.628914][ T29] audit: type=1326 audit(1764359577.104:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.652147][ T29] audit: type=1326 audit(1764359577.104:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.675573][ T29] audit: type=1326 audit(1764359577.104:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5961 comm="syz.4.882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f729d6cf749 code=0x7ffc0000 [ 93.819351][ T5983] __nla_validate_parse: 1 callbacks suppressed [ 93.819368][ T5983] netlink: 12 bytes leftover after parsing attributes in process `syz.5.887'. [ 93.927908][ T3386] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0 [ 93.935957][ T3386] hid-generic 0000:0000:0000.002A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 94.072460][ T5995] tipc: Started in network mode [ 94.077684][ T5995] tipc: Node identity ac1414aa, cluster identity 4711 [ 94.100819][ T5995] tipc: Enabled bearer , priority 10 [ 94.291409][ T6000] tipc: Enabled bearer , priority 0 [ 94.381408][ T6010] netlink: 'syz.0.892': attribute type 1 has an invalid length. [ 94.414855][ T6010] netlink: 224 bytes leftover after parsing attributes in process `syz.0.892'. [ 94.553374][ T6020] capability: warning: `syz.1.896' uses 32-bit capabilities (legacy support in use) [ 94.571687][ T6020] ÿÿÿÿÿÿ: renamed from vlan1 (while UP) [ 94.579551][ T36] hid-generic 0000:0000:0000.002B: unknown main item tag 0x0 [ 94.595938][ T36] hid-generic 0000:0000:0000.002B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 94.676201][ T6025] Ÿë: port 1(gretap0) entered blocking state [ 94.682422][ T6025] Ÿë: port 1(gretap0) entered disabled state [ 94.821517][ T6029] netlink: 32 bytes leftover after parsing attributes in process `syz.5.900'. [ 94.845183][ T3386] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0 [ 94.876726][ T3386] hid-generic 0000:0000:0000.002C: hidraw1: HID v0.00 Device [syz1] on syz0 [ 94.887678][ T6025] gretap0: entered allmulticast mode [ 94.894993][ T6025] gretap0: entered promiscuous mode [ 94.904816][ T6030] Ÿë: port 2(veth0_to_team) entered blocking state [ 94.911647][ T6030] Ÿë: port 2(veth0_to_team) entered disabled state [ 94.945002][ T6030] veth0_to_team: entered allmulticast mode [ 94.957971][ T6030] veth0_to_team: entered promiscuous mode [ 95.105745][ T3421] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0 [ 95.114028][ T3421] hid-generic 0000:0000:0000.002D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 95.151382][ T6042] netlink: 4356 bytes leftover after parsing attributes in process `syz.0.903'. [ 95.207180][ T3386] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0 [ 95.215177][ T3386] hid-generic 0000:0000:0000.002E: hidraw1: HID v0.00 Device [syz1] on syz0 [ 95.415442][ T3386] tipc: Node number set to 2886997162 [ 95.481232][ T6062] netlink: 32 bytes leftover after parsing attributes in process `syz.2.912'. [ 95.628157][ T6067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.914'. [ 95.729717][ T3386] hid-generic 0000:0000:0000.002F: unknown main item tag 0x0 [ 95.777961][ T3386] hid-generic 0000:0000:0000.002F: hidraw2: HID v0.00 Device [syz1] on syz0 [ 95.834892][ T6074] netlink: 12 bytes leftover after parsing attributes in process `syz.5.917'. [ 95.844001][ T6074] netlink: 'syz.5.917': attribute type 11 has an invalid length. [ 95.854567][ T6074] netlink: 12 bytes leftover after parsing attributes in process `syz.5.917'. [ 95.863513][ T6074] netlink: 'syz.5.917': attribute type 11 has an invalid length. [ 95.932786][ T6083] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6083 comm=syz.5.921 [ 95.946752][ T6083] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6083 comm=syz.5.921 [ 95.989480][ T6085] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6085 comm=syz.4.922 [ 96.050693][ T6089] netlink: 4 bytes leftover after parsing attributes in process `syz.0.924'. [ 96.068183][ T6092] netlink: 'syz.4.925': attribute type 1 has an invalid length. [ 96.076670][ T6092] netlink: 224 bytes leftover after parsing attributes in process `syz.4.925'. [ 96.247676][ T6111] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6111 comm=syz.1.933 [ 96.370193][ T6121] usb usb8: usbfs: process 6121 (syz.0.938) did not claim interface 0 before use [ 96.381713][ T6119] usb usb8: selecting invalid altsetting 2047 [ 96.446284][ T6127] 9pnet_fd: Insufficient options for proto=fd [ 96.647011][ T6140] FAULT_INJECTION: forcing a failure. [ 96.647011][ T6140] name failslab, interval 1, probability 0, space 0, times 0 [ 96.660071][ T6140] CPU: 1 UID: 0 PID: 6140 Comm: syz.4.945 Not tainted syzkaller #0 PREEMPT(voluntary) [ 96.660102][ T6140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 96.660115][ T6140] Call Trace: [ 96.660123][ T6140] [ 96.660133][ T6140] __dump_stack+0x1d/0x30 [ 96.660159][ T6140] dump_stack_lvl+0xe8/0x140 [ 96.660182][ T6140] dump_stack+0x15/0x1b [ 96.660199][ T6140] should_fail_ex+0x265/0x280 [ 96.660217][ T6140] should_failslab+0x8c/0xb0 [ 96.660242][ T6140] kmem_cache_alloc_noprof+0x50/0x480 [ 96.660269][ T6140] ? vm_area_alloc+0x2c/0xb0 [ 96.660304][ T6140] vm_area_alloc+0x2c/0xb0 [ 96.660335][ T6140] mmap_region+0xa99/0x1620 [ 96.660358][ T6140] ? __rcu_read_unlock+0x4f/0x70 [ 96.660407][ T6140] do_mmap+0x9b3/0xbe0 [ 96.660432][ T6140] vm_mmap_pgoff+0x17a/0x2e0 [ 96.660468][ T6140] ksys_mmap_pgoff+0x268/0x310 [ 96.660491][ T6140] x64_sys_call+0x14a3/0x3000 [ 96.660513][ T6140] do_syscall_64+0xd2/0x200 [ 96.660535][ T6140] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 96.660560][ T6140] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 96.660589][ T6140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.660608][ T6140] RIP: 0033:0x7f729d6cf749 [ 96.660625][ T6140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.660643][ T6140] RSP: 002b:00007f729c12f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 96.660666][ T6140] RAX: ffffffffffffffda RBX: 00007f729d925fa0 RCX: 00007f729d6cf749 [ 96.660679][ T6140] RDX: 0000000000000005 RSI: 0000000000003000 RDI: 0000200000000000 [ 96.660690][ T6140] RBP: 00007f729c12f090 R08: 0000000000000006 R09: 0000000000000000 [ 96.660703][ T6140] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 96.660716][ T6140] R13: 00007f729d926038 R14: 00007f729d925fa0 R15: 00007ffd30599848 [ 96.660738][ T6140] [ 96.895606][ T6143] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6143 comm=syz.5.946 [ 96.978564][ T6148] netlink: 'syz.2.948': attribute type 10 has an invalid length. [ 97.009598][ T6148] ipvlan2: entered promiscuous mode [ 97.021825][ T6148] bridge0: port 3(ipvlan2) entered blocking state [ 97.028453][ T6148] bridge0: port 3(ipvlan2) entered disabled state [ 97.037898][ T6148] ipvlan2: entered allmulticast mode [ 97.043254][ T6148] bridge0: entered allmulticast mode [ 97.051285][ T6148] ipvlan2: left allmulticast mode [ 97.056364][ T6148] bridge0: left allmulticast mode [ 97.111229][ T3386] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0 [ 97.127851][ T3386] hid-generic 0000:0000:0000.0030: hidraw0: HID v0.00 Device [syz1] on syz0 [ 97.372088][ T6169] xt_connbytes: Forcing CT accounting to be enabled [ 97.398056][ T6169] set match dimension is over the limit! [ 97.778009][ T6182] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6182 comm=syz.2.962 [ 98.238262][ T6209] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6209 comm=syz.5.973 [ 98.371710][ T3421] hid-generic 0000:0000:0000.0031: unknown main item tag 0x0 [ 98.393098][ T3421] hid-generic 0000:0000:0000.0031: hidraw0: HID v0.00 Device [syz1] on syz0 [ 98.478737][ T3370] hid-generic FFFF:0007:0000.0032: unknown main item tag 0x0 [ 98.486210][ T3370] hid-generic FFFF:0007:0000.0032: unknown main item tag 0x0 [ 98.507987][ T3370] hid-generic FFFF:0007:0000.0032: hidraw1: HID vffffff.fe Device [syz0] on syz0 [ 98.748719][ T6240] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6240 comm=syz.1.986 [ 98.789572][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 98.789590][ T29] audit: type=1326 audit(1764359582.414:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.825828][ T29] audit: type=1326 audit(1764359582.444:1987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.849570][ T29] audit: type=1326 audit(1764359582.444:1988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.872884][ T29] audit: type=1326 audit(1764359582.444:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.896424][ T29] audit: type=1326 audit(1764359582.444:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.904083][ T6243] netlink: 'syz.1.987': attribute type 39 has an invalid length. [ 98.919869][ T29] audit: type=1326 audit(1764359582.444:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.951115][ T29] audit: type=1326 audit(1764359582.444:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.974586][ T29] audit: type=1326 audit(1764359582.444:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 98.998113][ T29] audit: type=1326 audit(1764359582.444:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 99.021688][ T29] audit: type=1326 audit(1764359582.444:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6242 comm="syz.1.987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 99.395089][ T6267] netlink: 'syz.0.998': attribute type 1 has an invalid length. [ 99.403968][ T6267] __nla_validate_parse: 4 callbacks suppressed [ 99.404020][ T6267] netlink: 224 bytes leftover after parsing attributes in process `syz.0.998'. [ 99.448156][ T6274] netlink: 'syz.4.999': attribute type 39 has an invalid length. [ 99.492216][ T6263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 99.512815][ T6263] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 99.578365][ T6287] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1007'. [ 99.681039][ T6293] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1010'. [ 99.969058][ T6300] 9pnet: Could not find request transport: fd0x0000000000000008 [ 100.099543][ T6309] FAULT_INJECTION: forcing a failure. [ 100.099543][ T6309] name failslab, interval 1, probability 0, space 0, times 0 [ 100.111660][ T3421] hid_parser_main: 10 callbacks suppressed [ 100.111679][ T3421] hid-generic 0000:0000:0000.0033: unknown main item tag 0x0 [ 100.112412][ T6309] CPU: 0 UID: 0 PID: 6309 Comm: syz.2.1015 Not tainted syzkaller #0 PREEMPT(voluntary) [ 100.112438][ T6309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 100.112449][ T6309] Call Trace: [ 100.112457][ T6309] [ 100.112465][ T6309] __dump_stack+0x1d/0x30 [ 100.112487][ T6309] dump_stack_lvl+0xe8/0x140 [ 100.112507][ T6309] dump_stack+0x15/0x1b [ 100.112572][ T6309] should_fail_ex+0x265/0x280 [ 100.112592][ T6309] should_failslab+0x8c/0xb0 [ 100.112682][ T6309] kmem_cache_alloc_node_noprof+0x57/0x4a0 [ 100.112754][ T6309] ? __alloc_skb+0x101/0x320 [ 100.112856][ T6309] __alloc_skb+0x101/0x320 [ 100.112881][ T6309] ? audit_log_start+0x342/0x720 [ 100.112903][ T6309] audit_log_start+0x3a0/0x720 [ 100.112932][ T6309] ? kstrtouint+0x76/0xc0 [ 100.112962][ T6309] audit_seccomp+0x48/0x100 [ 100.112990][ T6309] ? __seccomp_filter+0x82d/0x1250 [ 100.113038][ T6309] __seccomp_filter+0x83e/0x1250 [ 100.113117][ T6309] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 100.113146][ T6309] ? vfs_write+0x7e8/0x960 [ 100.113169][ T6309] ? __rcu_read_unlock+0x4f/0x70 [ 100.113193][ T6309] ? __fget_files+0x184/0x1c0 [ 100.113224][ T6309] __secure_computing+0x82/0x150 [ 100.113312][ T6309] syscall_trace_enter+0xcf/0x1e0 [ 100.113338][ T6309] do_syscall_64+0xac/0x200 [ 100.113418][ T6309] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 100.113548][ T6309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.113569][ T6309] RIP: 0033:0x7fa39637f749 [ 100.113585][ T6309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.113601][ T6309] RSP: 002b:00007fa394ddf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb [ 100.113621][ T6309] RAX: ffffffffffffffda RBX: 00007fa3965d5fa0 RCX: 00007fa39637f749 [ 100.113655][ T6309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 100.113666][ T6309] RBP: 00007fa394ddf090 R08: 0000000000000000 R09: 0000000000000000 [ 100.113677][ T6309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.113688][ T6309] R13: 00007fa3965d6038 R14: 00007fa3965d5fa0 R15: 00007ffe4bd6bad8 [ 100.113707][ T6309] [ 100.342502][ T3421] hid-generic 0000:0000:0000.0033: hidraw0: HID v0.00 Device [syz1] on syz0 [ 100.405060][ T6315] netlink: 'syz.4.1017': attribute type 1 has an invalid length. [ 100.413529][ T6315] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1017'. [ 100.548355][ T6319] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1019'. [ 100.589130][ T6326] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1021'. [ 101.230377][ T6331] 9pnet: Could not find request transport: fd0x0000000000000008 [ 101.537055][ T6350] netlink: 'syz.2.1030': attribute type 1 has an invalid length. [ 101.545700][ T6350] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1030'. [ 101.645993][ T3370] hid-generic 0000:0000:0000.0034: unknown main item tag 0x0 [ 101.883112][ T6348] netlink: 4356 bytes leftover after parsing attributes in process `syz.0.1028'. [ 102.604846][ T3370] hid-generic 0000:0000:0000.0034: hidraw0: HID v0.00 Device [syz1] on syz0 [ 102.910500][ T6368] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6368 comm=syz.5.1034 [ 103.027774][ T6388] usb usb8: selecting invalid altsetting 2047 [ 103.046483][ T6390] netlink: 'syz.2.1041': attribute type 1 has an invalid length. [ 103.055360][ T6390] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1041'. [ 103.241334][ T3421] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0 [ 103.277491][ T3421] hid-generic 0000:0000:0000.0035: hidraw0: HID v0.00 Device [syz1] on syz0 [ 103.990271][ T29] kauditd_printk_skb: 324 callbacks suppressed [ 103.990290][ T29] audit: type=1326 audit(1764359587.614:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.061923][ T6424] netlink: 'syz.1.1053': attribute type 39 has an invalid length. [ 104.073113][ T29] audit: type=1326 audit(1764359587.664:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.096607][ T29] audit: type=1326 audit(1764359587.664:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.120173][ T29] audit: type=1326 audit(1764359587.664:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.132760][ T6427] netlink: 'syz.4.1055': attribute type 1 has an invalid length. [ 104.144258][ T29] audit: type=1326 audit(1764359587.664:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.144298][ T29] audit: type=1326 audit(1764359587.664:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.144406][ T29] audit: type=1326 audit(1764359587.664:2324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.144589][ T29] audit: type=1326 audit(1764359587.664:2325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.144621][ T29] audit: type=1326 audit(1764359587.664:2326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.144657][ T29] audit: type=1326 audit(1764359587.664:2327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6423 comm="syz.1.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 104.291999][ T6438] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1059'. [ 104.495298][ T6457] serio: Serial port ttyS3 [ 104.504683][ T6460] usb usb8: selecting invalid altsetting 2047 [ 104.551529][ T6457] __nla_validate_parse: 1 callbacks suppressed [ 104.551547][ T6457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1066'. [ 104.566897][ T6457] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'. [ 104.580180][ T12] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 104.589280][ T12] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 104.598375][ T12] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 104.607267][ T12] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 104.682759][ T6469] netlink: 'syz.4.1071': attribute type 39 has an invalid length. [ 104.763461][ T6474] netlink: 'syz.4.1073': attribute type 1 has an invalid length. [ 104.771609][ T6474] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1073'. [ 104.870550][ T6482] netlink: 4356 bytes leftover after parsing attributes in process `syz.4.1074'. [ 104.922194][ T6489] usb usb8: selecting invalid altsetting 2047 [ 104.972822][ T6497] netlink: 'syz.4.1082': attribute type 39 has an invalid length. [ 105.394353][ T6520] usb usb8: selecting invalid altsetting 2047 [ 105.435002][ T6511] netlink: 4356 bytes leftover after parsing attributes in process `syz.2.1087'. [ 105.457047][ T6526] netlink: 'syz.0.1093': attribute type 39 has an invalid length. [ 105.470920][ T6525] 9pnet_fd: Insufficient options for proto=fd [ 105.519108][ T6533] tmpfs: Bad value for 'mpol' [ 105.680652][ T6547] FAULT_INJECTION: forcing a failure. [ 105.680652][ T6547] name failslab, interval 1, probability 0, space 0, times 0 [ 105.693381][ T6547] CPU: 1 UID: 0 PID: 6547 Comm: syz.0.1102 Not tainted syzkaller #0 PREEMPT(voluntary) [ 105.693412][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 105.693426][ T6547] Call Trace: [ 105.693433][ T6547] [ 105.693441][ T6547] __dump_stack+0x1d/0x30 [ 105.693523][ T6547] dump_stack_lvl+0xe8/0x140 [ 105.693544][ T6547] dump_stack+0x15/0x1b [ 105.693602][ T6547] should_fail_ex+0x265/0x280 [ 105.693623][ T6547] ? audit_log_d_path+0x8d/0x150 [ 105.693666][ T6547] should_failslab+0x8c/0xb0 [ 105.693700][ T6547] __kmalloc_cache_noprof+0x4c/0x4a0 [ 105.693735][ T6547] audit_log_d_path+0x8d/0x150 [ 105.693757][ T6547] audit_log_d_path_exe+0x42/0x70 [ 105.693779][ T6547] audit_log_task+0x1e9/0x250 [ 105.693843][ T6547] ? kstrtouint+0x76/0xc0 [ 105.693877][ T6547] audit_seccomp+0x61/0x100 [ 105.693953][ T6547] ? __seccomp_filter+0x82d/0x1250 [ 105.693983][ T6547] __seccomp_filter+0x83e/0x1250 [ 105.694065][ T6547] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 105.694099][ T6547] ? vfs_write+0x7e8/0x960 [ 105.694171][ T6547] __secure_computing+0x82/0x150 [ 105.694201][ T6547] syscall_trace_enter+0xcf/0x1e0 [ 105.694232][ T6547] do_syscall_64+0xac/0x200 [ 105.694262][ T6547] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 105.694290][ T6547] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 105.694357][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.694431][ T6547] RIP: 0033:0x7f8d2a8bf749 [ 105.694449][ T6547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.694465][ T6547] RSP: 002b:00007f8d2931f038 EFLAGS: 00000246 ORIG_RAX: 000000000000008c [ 105.694487][ T6547] RAX: ffffffffffffffda RBX: 00007f8d2ab15fa0 RCX: 00007f8d2a8bf749 [ 105.694580][ T6547] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 105.694593][ T6547] RBP: 00007f8d2931f090 R08: 0000000000000000 R09: 0000000000000000 [ 105.694606][ T6547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.694620][ T6547] R13: 00007f8d2ab16038 R14: 00007f8d2ab15fa0 R15: 00007ffe47cde848 [ 105.694642][ T6547] [ 105.967793][ T6554] 9pnet_fd: Insufficient options for proto=fd [ 105.968596][ T6552] usb usb8: selecting invalid altsetting 2047 [ 106.003555][ T6558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1108'. [ 106.034267][ T6562] netlink: 'syz.4.1109': attribute type 39 has an invalid length. [ 106.072797][ T6568] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1107'. [ 106.089423][ T6566] netlink: 'syz.4.1111': attribute type 1 has an invalid length. [ 106.106442][ T6566] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1111'. [ 106.378881][ T6580] netlink: 4356 bytes leftover after parsing attributes in process `syz.4.1116'. [ 106.458925][ T6584] usb usb8: selecting invalid altsetting 2047 [ 106.577053][ T6594] netlink: 'syz.4.1122': attribute type 1 has an invalid length. [ 106.592876][ T6594] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1122'. [ 106.705291][ T6606] FAULT_INJECTION: forcing a failure. [ 106.705291][ T6606] name failslab, interval 1, probability 0, space 0, times 0 [ 106.718205][ T6606] CPU: 0 UID: 0 PID: 6606 Comm: syz.4.1128 Not tainted syzkaller #0 PREEMPT(voluntary) [ 106.718242][ T6606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 106.718247][ T6606] Call Trace: [ 106.718251][ T6606] [ 106.718255][ T6606] __dump_stack+0x1d/0x30 [ 106.718269][ T6606] dump_stack_lvl+0xe8/0x140 [ 106.718279][ T6606] dump_stack+0x15/0x1b [ 106.718288][ T6606] should_fail_ex+0x265/0x280 [ 106.718375][ T6606] ? audit_log_d_path+0x8d/0x150 [ 106.718385][ T6606] should_failslab+0x8c/0xb0 [ 106.718400][ T6606] __kmalloc_cache_noprof+0x4c/0x4a0 [ 106.718416][ T6606] audit_log_d_path+0x8d/0x150 [ 106.718461][ T6606] audit_log_d_path_exe+0x42/0x70 [ 106.718472][ T6606] audit_log_task+0x1e9/0x250 [ 106.718563][ T6606] ? kstrtouint+0x76/0xc0 [ 106.718579][ T6606] audit_seccomp+0x61/0x100 [ 106.718592][ T6606] ? __seccomp_filter+0x82d/0x1250 [ 106.718624][ T6606] __seccomp_filter+0x83e/0x1250 [ 106.718637][ T6606] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 106.718668][ T6606] ? vfs_write+0x7e8/0x960 [ 106.718679][ T6606] ? __rcu_read_unlock+0x4f/0x70 [ 106.718722][ T6606] ? __fget_files+0x184/0x1c0 [ 106.718736][ T6606] __secure_computing+0x82/0x150 [ 106.718749][ T6606] syscall_trace_enter+0xcf/0x1e0 [ 106.718769][ T6606] do_syscall_64+0xac/0x200 [ 106.718792][ T6606] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 106.718904][ T6606] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 106.718919][ T6606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.718929][ T6606] RIP: 0033:0x7f729d6cf749 [ 106.718938][ T6606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.719001][ T6606] RSP: 002b:00007f729c12f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 106.719014][ T6606] RAX: ffffffffffffffda RBX: 00007f729d925fa0 RCX: 00007f729d6cf749 [ 106.719020][ T6606] RDX: 0000000000000080 RSI: 0000200000000240 RDI: ffffffffffffffff [ 106.719026][ T6606] RBP: 00007f729c12f090 R08: 0000000000000000 R09: 0000000000000000 [ 106.719032][ T6606] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 106.719038][ T6606] R13: 00007f729d926038 R14: 00007f729d925fa0 R15: 00007ffd30599848 [ 106.719084][ T6606] [ 106.948122][ T6558] syz.1.1108 (6558) used greatest stack depth: 9968 bytes left [ 106.976484][ T6611] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6611 comm=syz.1.1130 [ 106.990109][ T6611] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6611 comm=syz.1.1130 [ 107.230843][ T6621] netlink: 'syz.0.1133': attribute type 1 has an invalid length. [ 107.248295][ T3386] hid-generic 0000:0000:0000.0036: unknown main item tag 0x0 [ 107.254472][ T3406] hid-generic 0000:0000:0000.0037: unknown main item tag 0x0 [ 107.266074][ T3386] hid-generic 0000:0000:0000.0036: hidraw0: HID v0.00 Device [syz1] on syz0 [ 107.279666][ T3406] hid-generic 0000:0000:0000.0037: hidraw1: HID v0.00 Device [syz1] on syz0 [ 107.393938][ T6637] usb usb8: selecting invalid altsetting 2047 [ 107.524690][ T3406] hid-generic 0000:0000:0000.0038: unknown main item tag 0x0 [ 107.954983][ T6655] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6655 comm=syz.4.1145 [ 107.968236][ T6655] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6655 comm=syz.4.1145 [ 108.007348][ T3406] hid-generic 0000:0000:0000.0038: hidraw2: HID v0.00 Device [syz1] on syz0 [ 108.289535][ T6671] usb usb8: usbfs: process 6671 (syz.2.1153) did not claim interface 0 before use [ 108.380296][ T3386] hid-generic 0000:0000:0000.0039: unknown main item tag 0x0 [ 108.409216][ T3386] hid-generic 0000:0000:0000.0039: hidraw0: HID v0.00 Device [syz1] on syz0 [ 108.655679][ T3386] hid-generic 0000:0000:0000.003A: unknown main item tag 0x0 [ 108.664736][ T3386] hid-generic 0000:0000:0000.003A: hidraw1: HID v0.00 Device [syz1] on syz0 [ 108.732407][ T6683] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6683 comm=syz.5.1157 [ 108.769494][ T6683] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6683 comm=syz.5.1157 [ 109.363402][ T6703] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6703 comm=syz.1.1166 [ 109.386955][ T29] kauditd_printk_skb: 400 callbacks suppressed [ 109.386974][ T29] audit: type=1326 audit(1764359593.004:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.416672][ T29] audit: type=1326 audit(1764359593.004:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.426606][ T3386] hid-generic 0000:0000:0000.003B: unknown main item tag 0x0 [ 109.455054][ T6705] validate_nla: 1 callbacks suppressed [ 109.455068][ T6705] netlink: 'syz.5.1164': attribute type 39 has an invalid length. [ 109.508683][ T3386] hid-generic 0000:0000:0000.003B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 109.518511][ T29] audit: type=1326 audit(1764359593.014:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.542256][ T29] audit: type=1326 audit(1764359593.014:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.565966][ T29] audit: type=1326 audit(1764359593.014:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.581820][ T6710] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6710 comm=syz.5.1168 [ 109.589485][ T29] audit: type=1326 audit(1764359593.064:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.625561][ T29] audit: type=1326 audit(1764359593.064:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.628286][ T6710] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6710 comm=syz.5.1168 [ 109.649025][ T29] audit: type=1326 audit(1764359593.074:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.684996][ T29] audit: type=1326 audit(1764359593.074:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.708524][ T29] audit: type=1326 audit(1764359593.074:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6699 comm="syz.5.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 109.958461][ T3386] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0 [ 110.124889][ T6729] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 110.133640][ T6729] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 110.197022][ T3386] hid-generic 0000:0000:0000.003C: hidraw1: HID v0.00 Device [syz1] on syz0 [ 110.292164][ T6736] xt_hashlimit: size too large, truncated to 1048576 [ 110.299010][ T6736] xt_hashlimit: max too large, truncated to 1048576 [ 110.417467][ T6748] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6748 comm=syz.0.1181 [ 110.432982][ T6748] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6748 comm=syz.0.1181 [ 110.596904][ T6756] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6756 comm=syz.0.1184 [ 110.678602][ T3386] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0 [ 110.696644][ T3386] hid-generic 0000:0000:0000.003D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 110.707168][ T6766] netlink: 'syz.1.1189': attribute type 8 has an invalid length. [ 110.715281][ T6766] netlink: 'syz.1.1189': attribute type 7 has an invalid length. [ 110.723262][ T6766] __nla_validate_parse: 6 callbacks suppressed [ 110.723277][ T6766] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.1189'. [ 110.752126][ T6766] Process accounting resumed [ 110.828140][ T6778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 110.836588][ T6778] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 111.288101][ T6802] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 111.294773][ T6802] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 111.302246][ T6802] vhci_hcd vhci_hcd.0: Device attached [ 111.310210][ T6817] vhci_hcd: connection closed [ 111.310459][ T311] vhci_hcd: stop threads [ 111.319554][ T311] vhci_hcd: release socket [ 111.323970][ T311] vhci_hcd: disconnect device [ 111.346367][ T6820] erspan1: entered promiscuous mode [ 111.640207][ T6858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 111.655277][ T6858] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 111.684145][ T6860] xt_CT: You must specify a L4 protocol and not use inversions on it [ 111.685394][ T6862] FAULT_INJECTION: forcing a failure. [ 111.685394][ T6862] name failslab, interval 1, probability 0, space 0, times 0 [ 111.705291][ T6862] CPU: 1 UID: 0 PID: 6862 Comm: syz.5.1218 Not tainted syzkaller #0 PREEMPT(voluntary) [ 111.705318][ T6862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 111.705331][ T6862] Call Trace: [ 111.705337][ T6862] [ 111.705413][ T6862] __dump_stack+0x1d/0x30 [ 111.705440][ T6862] dump_stack_lvl+0xe8/0x140 [ 111.705463][ T6862] dump_stack+0x15/0x1b [ 111.705483][ T6862] should_fail_ex+0x265/0x280 [ 111.705502][ T6862] should_failslab+0x8c/0xb0 [ 111.705539][ T6862] kmem_cache_alloc_lru_noprof+0x55/0x490 [ 111.705569][ T6862] ? __d_alloc+0x3d/0x340 [ 111.705650][ T6862] __d_alloc+0x3d/0x340 [ 111.705674][ T6862] ? mpol_shared_policy_init+0xbd/0x4c0 [ 111.705695][ T6862] d_alloc_pseudo+0x1e/0x80 [ 111.705775][ T6862] alloc_file_pseudo+0x71/0x160 [ 111.705795][ T6862] __shmem_file_setup+0x1de/0x210 [ 111.705859][ T6862] shmem_file_setup+0x3b/0x50 [ 111.705878][ T6862] __se_sys_memfd_create+0x2c3/0x590 [ 111.705920][ T6862] __x64_sys_memfd_create+0x31/0x40 [ 111.705941][ T6862] x64_sys_call+0x2ac2/0x3000 [ 111.706035][ T6862] do_syscall_64+0xd2/0x200 [ 111.706057][ T6862] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 111.706088][ T6862] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 111.706121][ T6862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.706156][ T6862] RIP: 0033:0x7eff71d5f749 [ 111.706174][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.706192][ T6862] RSP: 002b:00007eff707c6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 111.706265][ T6862] RAX: ffffffffffffffda RBX: 000000000000051c RCX: 00007eff71d5f749 [ 111.706277][ T6862] RDX: 00007eff707c6ef0 RSI: 0000000000000000 RDI: 00007eff71de4960 [ 111.706314][ T6862] RBP: 0000200000000700 R08: 00007eff707c6bb7 R09: 00007eff707c6e40 [ 111.706326][ T6862] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000500 [ 111.706355][ T6862] R13: 00007eff707c6ef0 R14: 00007eff707c6eb0 R15: 00002000000002c0 [ 111.706378][ T6862] [ 112.330547][ T6891] ref_ctr increment failed for inode: 0x300 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88810a62f8c0 [ 112.389225][ T6899] FAULT_INJECTION: forcing a failure. [ 112.389225][ T6899] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 112.402537][ T6899] CPU: 0 UID: 0 PID: 6899 Comm: syz.4.1234 Not tainted syzkaller #0 PREEMPT(voluntary) [ 112.402565][ T6899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 112.402577][ T6899] Call Trace: [ 112.402638][ T6899] [ 112.402647][ T6899] __dump_stack+0x1d/0x30 [ 112.402671][ T6899] dump_stack_lvl+0xe8/0x140 [ 112.402692][ T6899] dump_stack+0x15/0x1b [ 112.402711][ T6899] should_fail_ex+0x265/0x280 [ 112.402732][ T6899] should_fail_alloc_page+0xf2/0x100 [ 112.402792][ T6899] __alloc_frozen_pages_noprof+0xff/0x360 [ 112.402833][ T6899] alloc_pages_mpol+0xb3/0x260 [ 112.402925][ T6899] folio_alloc_mpol_noprof+0x39/0x80 [ 112.402963][ T6899] shmem_get_folio_gfp+0x3cf/0xd60 [ 112.402992][ T6899] ? simple_xattr_get+0xb9/0x120 [ 112.403026][ T6899] shmem_write_begin+0xa8/0x190 [ 112.403098][ T6899] generic_perform_write+0x184/0x490 [ 112.403167][ T6899] shmem_file_write_iter+0xc5/0xf0 [ 112.403190][ T6899] do_iter_readv_writev+0x4a1/0x540 [ 112.403225][ T6899] vfs_writev+0x2df/0x8b0 [ 112.403288][ T6899] ? mutex_lock+0xd/0x30 [ 112.403314][ T6899] do_writev+0xe7/0x210 [ 112.403348][ T6899] __x64_sys_writev+0x45/0x50 [ 112.403433][ T6899] x64_sys_call+0x1e9a/0x3000 [ 112.403454][ T6899] do_syscall_64+0xd2/0x200 [ 112.403476][ T6899] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 112.403503][ T6899] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 112.403541][ T6899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.403563][ T6899] RIP: 0033:0x7f729d6cf749 [ 112.403582][ T6899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.403599][ T6899] RSP: 002b:00007f729c12f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 112.403673][ T6899] RAX: ffffffffffffffda RBX: 00007f729d925fa0 RCX: 00007f729d6cf749 [ 112.403688][ T6899] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000006 [ 112.403702][ T6899] RBP: 00007f729c12f090 R08: 0000000000000000 R09: 0000000000000000 [ 112.403782][ T6899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 112.403797][ T6899] R13: 00007f729d926038 R14: 00007f729d925fa0 R15: 00007ffd30599848 [ 112.403819][ T6899] [ 112.798082][ T6928] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.798246][ T6928] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.839151][ T6929] tipc: Started in network mode [ 112.844099][ T6929] tipc: Node identity ac1414aa, cluster identity 4711 [ 112.859444][ T6929] tipc: Enabled bearer , priority 10 [ 112.878827][ T6929] tipc: Enabled bearer , priority 0 [ 113.028416][ T6937] netlink: 'syz.5.1249': attribute type 39 has an invalid length. [ 113.248359][ T6953] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1254'. [ 113.832146][ T6977] netlink: 82908 bytes leftover after parsing attributes in process `syz.5.1260'. [ 113.844204][ T6977] netlink: zone id is out of range [ 113.849578][ T6977] netlink: zone id is out of range [ 113.868911][ T6977] netlink: zone id is out of range [ 113.881719][ T6977] netlink: zone id is out of range [ 113.891991][ T6977] netlink: zone id is out of range [ 113.913830][ T6977] netlink: zone id is out of range [ 113.919034][ T6977] netlink: zone id is out of range [ 113.924262][ T6977] netlink: zone id is out of range [ 113.929435][ T6977] netlink: zone id is out of range [ 113.953312][ T6977] netlink: zone id is out of range [ 113.977426][ T3406] tipc: Node number set to 2886997162 [ 114.065963][ T6984] xt_CT: You must specify a L4 protocol and not use inversions on it [ 114.206659][ T6984] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1262'. [ 114.472678][ T3406] hid-generic 0000:0000:0000.003E: unknown main item tag 0x0 [ 114.480789][ T3406] hid-generic 0000:0000:0000.003E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 114.595138][ T7006] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1272'. [ 114.796849][ T7013] netlink: 'syz.4.1273': attribute type 1 has an invalid length. [ 114.815384][ T7013] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1273'. [ 115.169326][ T29] kauditd_printk_skb: 191 callbacks suppressed [ 115.169420][ T29] audit: type=1400 audit(1764359598.784:2927): avc: denied { create } for pid=7028 comm="syz.0.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 115.206802][ T7031] 9pnet_fd: Insufficient options for proto=fd [ 115.214936][ T7033] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1282'. [ 115.231986][ T29] audit: type=1400 audit(1764359598.834:2928): avc: denied { name_bind } for pid=7032 comm="syz.2.1282" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 115.369385][ T7046] syzkaller0: entered promiscuous mode [ 115.374970][ T7046] syzkaller0: entered allmulticast mode [ 115.411877][ T7046] netlink: 'syz.4.1284': attribute type 10 has an invalid length. [ 115.431814][ T7046] ipvlan0: entered allmulticast mode [ 115.437226][ T7046] veth0_vlan: entered allmulticast mode [ 115.469177][ T7046] team0: Device ipvlan0 failed to register rx_handler [ 115.493240][ T7060] FAULT_INJECTION: forcing a failure. [ 115.493240][ T7060] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 115.506535][ T7060] CPU: 0 UID: 0 PID: 7060 Comm: syz.5.1292 Not tainted syzkaller #0 PREEMPT(voluntary) [ 115.506583][ T7060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 115.506594][ T7060] Call Trace: [ 115.506601][ T7060] [ 115.506610][ T7060] __dump_stack+0x1d/0x30 [ 115.506680][ T7060] dump_stack_lvl+0xe8/0x140 [ 115.506704][ T7060] dump_stack+0x15/0x1b [ 115.506721][ T7060] should_fail_ex+0x265/0x280 [ 115.506739][ T7060] should_fail+0xb/0x20 [ 115.506753][ T7060] should_fail_usercopy+0x1a/0x20 [ 115.506772][ T7060] _copy_from_user+0x1c/0xb0 [ 115.506819][ T7060] ___sys_sendmsg+0xc1/0x1d0 [ 115.506856][ T7060] __x64_sys_sendmsg+0xd4/0x160 [ 115.506883][ T7060] x64_sys_call+0x191e/0x3000 [ 115.506906][ T7060] do_syscall_64+0xd2/0x200 [ 115.506999][ T7060] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 115.507031][ T7060] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 115.507063][ T7060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.507163][ T7060] RIP: 0033:0x7eff71d5f749 [ 115.507182][ T7060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.507205][ T7060] RSP: 002b:00007eff707c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 115.507227][ T7060] RAX: ffffffffffffffda RBX: 00007eff71fb5fa0 RCX: 00007eff71d5f749 [ 115.507242][ T7060] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000006 [ 115.507256][ T7060] RBP: 00007eff707c7090 R08: 0000000000000000 R09: 0000000000000000 [ 115.507270][ T7060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.507284][ T7060] R13: 00007eff71fb6038 R14: 00007eff71fb5fa0 R15: 00007fff02725d18 [ 115.507306][ T7060] [ 115.659925][ T7064] selinux_netlink_send: 6 callbacks suppressed [ 115.659942][ T7064] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7064 comm=syz.0.1293 [ 115.704247][ T7062] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7062 comm=syz.0.1293 [ 115.717032][ T7063] tipc: Started in network mode [ 115.722055][ T7063] tipc: Node identity f24a0c8d708b, cluster identity 4711 [ 115.729441][ T7063] tipc: Enabled bearer , priority 0 [ 115.742628][ T7041] tipc: Resetting bearer [ 115.758807][ T7041] tipc: Disabling bearer [ 115.767598][ T7066] 9pnet_fd: Insufficient options for proto=fd [ 115.807901][ T29] audit: type=1400 audit(1764359599.434:2929): avc: denied { connect } for pid=7071 comm="syz.1.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 115.828190][ T29] audit: type=1400 audit(1764359599.434:2930): avc: denied { write } for pid=7071 comm="syz.1.1297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 115.848744][ T7046] syz.4.1284 (7046) used greatest stack depth: 9824 bytes left [ 116.003094][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1303'. [ 116.029532][ T29] audit: type=1400 audit(1764359599.644:2931): avc: denied { listen } for pid=7092 comm="syz.0.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 116.032242][ T7096] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1302'. [ 116.049346][ T29] audit: type=1400 audit(1764359599.644:2932): avc: denied { accept } for pid=7092 comm="syz.0.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 116.078333][ T29] audit: type=1400 audit(1764359599.654:2933): avc: denied { setopt } for pid=7092 comm="syz.0.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 116.087957][ T7097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1302'. [ 116.098025][ T29] audit: type=1400 audit(1764359599.654:2934): avc: denied { connect } for pid=7092 comm="syz.0.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 116.440637][ T29] audit: type=1400 audit(1764359600.064:2935): avc: denied { read } for pid=7118 comm="syz.5.1312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 116.460081][ T29] audit: type=1400 audit(1764359600.064:2936): avc: denied { write } for pid=7118 comm="syz.5.1312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 116.533404][ T7128] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 116.854251][ T7148] FAULT_INJECTION: forcing a failure. [ 116.854251][ T7148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 116.867426][ T7148] CPU: 0 UID: 0 PID: 7148 Comm: syz.0.1315 Not tainted syzkaller #0 PREEMPT(voluntary) [ 116.867523][ T7148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 116.867537][ T7148] Call Trace: [ 116.867544][ T7148] [ 116.867554][ T7148] __dump_stack+0x1d/0x30 [ 116.867580][ T7148] dump_stack_lvl+0xe8/0x140 [ 116.867602][ T7148] dump_stack+0x15/0x1b [ 116.867620][ T7148] should_fail_ex+0x265/0x280 [ 116.867714][ T7148] should_fail+0xb/0x20 [ 116.867732][ T7148] should_fail_usercopy+0x1a/0x20 [ 116.867754][ T7148] _copy_from_iter+0xd2/0xe80 [ 116.867777][ T7148] ? __build_skb_around+0x1ab/0x200 [ 116.867884][ T7148] ? __alloc_skb+0x223/0x320 [ 116.867920][ T7148] netlink_sendmsg+0x471/0x6b0 [ 116.868014][ T7148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.868058][ T7148] __sock_sendmsg+0x145/0x180 [ 116.868085][ T7148] ____sys_sendmsg+0x31e/0x4e0 [ 116.868114][ T7148] ___sys_sendmsg+0x17b/0x1d0 [ 116.868166][ T7148] __x64_sys_sendmsg+0xd4/0x160 [ 116.868193][ T7148] x64_sys_call+0x191e/0x3000 [ 116.868218][ T7148] do_syscall_64+0xd2/0x200 [ 116.868237][ T7148] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 116.868326][ T7148] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 116.868436][ T7148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.868500][ T7148] RIP: 0033:0x7f8d2a8bf749 [ 116.868514][ T7148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.868531][ T7148] RSP: 002b:00007f8d292fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.868550][ T7148] RAX: ffffffffffffffda RBX: 00007f8d2ab16090 RCX: 00007f8d2a8bf749 [ 116.868605][ T7148] RDX: 0000000004000000 RSI: 0000200000000280 RDI: 0000000000000009 [ 116.868616][ T7148] RBP: 00007f8d292fe090 R08: 0000000000000000 R09: 0000000000000000 [ 116.868628][ T7148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.868642][ T7148] R13: 00007f8d2ab16128 R14: 00007f8d2ab16090 R15: 00007ffe47cde848 [ 116.868665][ T7148] [ 117.179623][ T7151] 9pnet_fd: Insufficient options for proto=fd [ 117.298036][ T7162] pimreg: tun_chr_ioctl cmd 1074025678 [ 117.303553][ T7162] pimreg: group set to 0 [ 117.472760][ T7181] usb usb8: selecting invalid altsetting 2047 [ 117.590197][ T7185] 9pnet_fd: Insufficient options for proto=fd [ 117.961426][ T7198] FAULT_INJECTION: forcing a failure. [ 117.961426][ T7198] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 117.974692][ T7198] CPU: 1 UID: 0 PID: 7198 Comm: syz.0.1334 Not tainted syzkaller #0 PREEMPT(voluntary) [ 117.974759][ T7198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 117.974772][ T7198] Call Trace: [ 117.974781][ T7198] [ 117.974790][ T7198] __dump_stack+0x1d/0x30 [ 117.974815][ T7198] dump_stack_lvl+0xe8/0x140 [ 117.974835][ T7198] dump_stack+0x15/0x1b [ 117.974927][ T7198] should_fail_ex+0x265/0x280 [ 117.974945][ T7198] should_fail+0xb/0x20 [ 117.974960][ T7198] should_fail_usercopy+0x1a/0x20 [ 117.975045][ T7198] strncpy_from_user+0x25/0x230 [ 117.975075][ T7198] ? kmem_cache_alloc_noprof+0x242/0x480 [ 117.975100][ T7198] ? getname_flags+0x80/0x3b0 [ 117.975132][ T7198] getname_flags+0xae/0x3b0 [ 117.975165][ T7198] path_removexattrat+0xf5/0x570 [ 117.975254][ T7198] __x64_sys_removexattr+0x38/0x50 [ 117.975285][ T7198] x64_sys_call+0x2433/0x3000 [ 117.975329][ T7198] do_syscall_64+0xd2/0x200 [ 117.975353][ T7198] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 117.975422][ T7198] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 117.975459][ T7198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.975562][ T7198] RIP: 0033:0x7f8d2a8bf749 [ 117.975578][ T7198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.975594][ T7198] RSP: 002b:00007f8d292fe038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5 [ 117.975614][ T7198] RAX: ffffffffffffffda RBX: 00007f8d2ab16090 RCX: 00007f8d2a8bf749 [ 117.975628][ T7198] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000000080 [ 117.975642][ T7198] RBP: 00007f8d292fe090 R08: 0000000000000000 R09: 0000000000000000 [ 117.975656][ T7198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 117.975723][ T7198] R13: 00007f8d2ab16128 R14: 00007f8d2ab16090 R15: 00007ffe47cde848 [ 117.975742][ T7198] [ 118.436435][ T3370] hid-generic 0000:0000:0000.003F: unknown main item tag 0x0 [ 118.448962][ T3370] hid-generic 0000:0000:0000.003F: hidraw0: HID v0.00 Device [syz1] on syz0 [ 118.474900][ T7226] netlink: 4348 bytes leftover after parsing attributes in process `syz.5.1342'. [ 118.501137][ T7224] netlink: 'syz.4.1343': attribute type 1 has an invalid length. [ 118.509760][ T7224] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1343'. [ 118.958853][ T7249] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7249 comm=syz.0.1352 [ 119.008477][ T7249] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7249 comm=syz.0.1352 [ 119.233815][ T7255] netlink: 'syz.1.1355': attribute type 1 has an invalid length. [ 119.242554][ T7255] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1355'. [ 119.384369][ T7270] netlink: 4348 bytes leftover after parsing attributes in process `syz.1.1356'. [ 119.483737][ T7276] syz.1.1362 uses obsolete (PF_INET,SOCK_PACKET) [ 119.524396][ T7282] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1365'. [ 119.612198][ T7284] netlink: 'syz.4.1366': attribute type 1 has an invalid length. [ 119.623468][ T7284] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1366'. [ 119.658200][ T7287] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7287 comm=syz.1.1367 [ 119.693355][ T7291] usb usb8: usbfs: process 7291 (syz.4.1368) did not claim interface 0 before use [ 119.697964][ T7287] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7287 comm=syz.1.1367 [ 119.707171][ T7291] usb usb8: selecting invalid altsetting 2047 [ 119.969944][ T7312] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1376'. [ 120.115259][ T7324] netlink: 'syz.5.1380': attribute type 39 has an invalid length. [ 120.135387][ T7326] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7326 comm=syz.2.1381 [ 120.148877][ T7326] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7326 comm=syz.2.1381 [ 120.166342][ T7332] mmap: syz.5.1384 (7332) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 120.224790][ T29] kauditd_printk_skb: 104 callbacks suppressed [ 120.224880][ T29] audit: type=1400 audit(1764359603.844:3041): avc: denied { getopt } for pid=7336 comm="syz.5.1386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 120.265448][ T7328] usb usb8: usbfs: process 7328 (syz.4.1382) did not claim interface 0 before use [ 120.274659][ T29] audit: type=1326 audit(1764359603.884:3042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.298267][ T29] audit: type=1326 audit(1764359603.884:3043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.323255][ T29] audit: type=1326 audit(1764359603.934:3044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.346813][ T29] audit: type=1326 audit(1764359603.934:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.370360][ T29] audit: type=1326 audit(1764359603.934:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.393962][ T29] audit: type=1326 audit(1764359603.934:3047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.417465][ T29] audit: type=1326 audit(1764359603.934:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.441086][ T29] audit: type=1326 audit(1764359603.934:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.464567][ T29] audit: type=1326 audit(1764359603.934:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7338 comm="syz.5.1387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7eff71d5f749 code=0x7ffc0000 [ 120.561635][ T7353] 9pnet_fd: Insufficient options for proto=fd [ 120.815112][ T7363] netlink: 'syz.5.1394': attribute type 39 has an invalid length. [ 121.158516][ T7375] __nla_validate_parse: 4 callbacks suppressed [ 121.158534][ T7375] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1400'. [ 121.310421][ T7378] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7378 comm=syz.0.1401 [ 121.471917][ T7380] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7380 comm=syz.0.1401 [ 121.955408][ T7395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1404'. [ 122.161756][ T7401] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1409'. [ 122.281262][ T7403] netlink: 'syz.2.1410': attribute type 39 has an invalid length. [ 122.330511][ T7385] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 122.355413][ T7407] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7407 comm=syz.2.1412 [ 122.381410][ T7407] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7407 comm=syz.2.1412 [ 122.524225][ T7413] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1414'. [ 122.576438][ T7419] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1414'. [ 122.599967][ T7419] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1414'. [ 122.632991][ T7413] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1414'. [ 122.777269][ T7436] netlink: 'syz.2.1424': attribute type 1 has an invalid length. [ 122.796799][ T7436] bond1: entered promiscuous mode [ 122.802440][ T7436] 8021q: adding VLAN 0 to HW filter on device bond1 [ 122.814148][ T7436] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1424'. [ 122.895505][ T7446] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7446 comm=syz.2.1428 [ 122.944946][ T7446] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7446 comm=syz.2.1428 [ 123.154595][ T7460] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.159088][ T7464] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7464 comm=syz.0.1435 [ 123.247083][ T7468] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1437'. [ 123.256437][ T7468] net_ratelimit: 11 callbacks suppressed [ 123.256454][ T7468] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 123.276901][ T7460] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.350838][ T7470] infiniband syz!: set active [ 123.355568][ T7470] infiniband syz!: added team_slave_0 [ 123.362228][ T7460] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.366241][ T7476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 123.378172][ T7470] RDS/IB: syz!: added [ 123.381771][ T7476] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 123.403570][ T7470] smc: adding ib device syz! with port count 1 [ 123.421986][ T7470] smc: ib device syz! port 1 has no pnetid [ 123.430802][ T7460] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.517050][ T31] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.543157][ T31] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.560574][ T31] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.580675][ T31] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.737981][ T1028] hid-generic 0000:0000:0000.0040: unknown main item tag 0x0 [ 123.759926][ T1028] hid-generic 0000:0000:0000.0040: hidraw0: HID v0.00 Device [syz1] on syz0 [ 123.915612][ T7501] usb usb8: usbfs: process 7501 (syz.1.1448) did not claim interface 0 before use [ 123.934156][ T7501] usb usb8: selecting invalid altsetting 2047 [ 124.048673][ T7518] netlink: 'syz.0.1449': attribute type 1 has an invalid length. [ 124.056497][ T7518] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1449'. [ 124.108533][ T7521] tipc: Enabling of bearer rejected, already enabled [ 124.209385][ T7528] netlink: 'syz.0.1458': attribute type 39 has an invalid length. [ 124.292858][ T7541] FAULT_INJECTION: forcing a failure. [ 124.292858][ T7541] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 124.306071][ T7541] CPU: 0 UID: 0 PID: 7541 Comm: syz.0.1460 Not tainted syzkaller #0 PREEMPT(voluntary) [ 124.306100][ T7541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 124.306114][ T7541] Call Trace: [ 124.306122][ T7541] [ 124.306131][ T7541] __dump_stack+0x1d/0x30 [ 124.306152][ T7541] dump_stack_lvl+0xe8/0x140 [ 124.306230][ T7541] dump_stack+0x15/0x1b [ 124.306250][ T7541] should_fail_ex+0x265/0x280 [ 124.306274][ T7541] should_fail+0xb/0x20 [ 124.306355][ T7541] should_fail_usercopy+0x1a/0x20 [ 124.306374][ T7541] strncpy_from_user+0x25/0x230 [ 124.306401][ T7541] strncpy_from_user_nofault+0x68/0xf0 [ 124.306445][ T7541] bpf_probe_read_user_str+0x2a/0x70 [ 124.306471][ T7541] bpf_prog_c14c0e36d24b4ee1+0x43/0x49 [ 124.306488][ T7541] bpf_trace_run3+0x10f/0x1d0 [ 124.306640][ T7541] ? security_file_free+0x61/0xa0 [ 124.306668][ T7541] ? security_file_free+0x61/0xa0 [ 124.306690][ T7541] __traceiter_kmem_cache_free+0x38/0x60 [ 124.306712][ T7541] ? security_file_free+0x61/0xa0 [ 124.306779][ T7541] kmem_cache_free+0x329/0x3d0 [ 124.306859][ T7541] security_file_free+0x61/0xa0 [ 124.306953][ T7541] __fput+0x478/0x650 [ 124.306976][ T7541] ____fput+0x1c/0x30 [ 124.306994][ T7541] task_work_run+0x131/0x1a0 [ 124.307050][ T7541] exit_to_user_mode_loop+0xed/0x110 [ 124.307074][ T7541] do_syscall_64+0x1d6/0x200 [ 124.307159][ T7541] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 124.307189][ T7541] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 124.307217][ T7541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.307242][ T7541] RIP: 0033:0x7f8d2a8bf749 [ 124.307258][ T7541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.307277][ T7541] RSP: 002b:00007f8d292fe038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 124.307299][ T7541] RAX: 0000000000000000 RBX: 00007f8d2ab16090 RCX: 00007f8d2a8bf749 [ 124.307313][ T7541] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 124.307336][ T7541] RBP: 00007f8d292fe090 R08: 0000000000000000 R09: 0000000000000000 [ 124.307353][ T7541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.307364][ T7541] R13: 00007f8d2ab16128 R14: 00007f8d2ab16090 R15: 00007ffe47cde848 [ 124.307386][ T7541] [ 124.534958][ T7538] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7538 comm=syz.1.1463 [ 124.579994][ T7545] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7545 comm=syz.4.1465 [ 124.605266][ T7538] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7538 comm=syz.1.1463 [ 124.667074][ T7557] netlink: 'syz.4.1471': attribute type 39 has an invalid length. [ 124.798424][ T7565] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 124.974402][ T7578] tipc: Enabled bearer , priority 10 [ 124.988685][ T7578] tipc: Enabled bearer , priority 0 [ 125.008875][ T1028] hid-generic 0000:0000:0000.0041: unknown main item tag 0x0 [ 125.029939][ T1028] hid-generic 0000:0000:0000.0041: hidraw0: HID v0.00 Device [syz1] on syz0 [ 125.058789][ T7585] netlink: 'syz.1.1485': attribute type 1 has an invalid length. [ 125.121055][ T7587] netlink: 'syz.4.1484': attribute type 39 has an invalid length. [ 125.416016][ T7603] 9pnet: Could not find request transport: ÿÿÿÿ [ 125.704044][ T7615] tipc: Enabling of bearer rejected, already enabled [ 125.949524][ T7615] tipc: Enabling of bearer rejected, already enabled [ 126.174759][ T3386] tipc: Node number set to 2193689741 [ 126.194346][ T7621] netlink: 'syz.5.1497': attribute type 1 has an invalid length. [ 126.210532][ T7621] __nla_validate_parse: 5 callbacks suppressed [ 126.215082][ T7621] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1497'. [ 126.275769][ T7623] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1498'. [ 126.299372][ T29] kauditd_printk_skb: 457 callbacks suppressed [ 126.299399][ T29] audit: type=1326 audit(1764359609.914:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.329294][ T29] audit: type=1326 audit(1764359609.914:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.353158][ T29] audit: type=1326 audit(1764359609.914:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.376564][ T29] audit: type=1326 audit(1764359609.914:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.400088][ T29] audit: type=1326 audit(1764359609.914:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.404886][ T7625] netlink: 'syz.2.1499': attribute type 39 has an invalid length. [ 126.423921][ T29] audit: type=1326 audit(1764359609.914:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.423993][ T29] audit: type=1326 audit(1764359609.914:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.479314][ T29] audit: type=1326 audit(1764359609.914:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.482398][ T7631] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1501'. [ 126.503176][ T29] audit: type=1326 audit(1764359609.914:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.535507][ T29] audit: type=1326 audit(1764359609.914:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7624 comm="syz.2.1499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa39637f749 code=0x7ffc0000 [ 126.597433][ T7638] SELinux: Context system_u:object is not valid (left unmapped). [ 126.616951][ T7638] netlink: 'syz.2.1504': attribute type 10 has an invalid length. [ 126.631381][ T7638] team0: Port device dummy0 added [ 126.641526][ T7638] netlink: 'syz.2.1504': attribute type 10 has an invalid length. [ 126.650242][ T7638] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 126.660095][ T7644] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1507'. [ 126.669779][ T7638] team0: Failed to send options change via netlink (err -105) [ 126.681628][ T7638] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 126.690964][ T7638] team0: Port device dummy0 removed [ 126.720431][ T7638] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 126.900362][ T7663] tipc: Started in network mode [ 126.905374][ T7663] tipc: Node identity aaaaaaaaaa38, cluster identity 4711 [ 126.912662][ T7663] tipc: Enabled bearer , priority 0 [ 126.952112][ T7657] usb usb8: usbfs: process 7657 (syz.5.1511) did not claim interface 0 before use [ 127.062805][ T7672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1518'. [ 127.082271][ T7672] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 127.136765][ T3406] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0 [ 127.145398][ T3406] hid-generic 0000:0000:0000.0042: hidraw0: HID v0.00 Device [syz1] on syz0 [ 127.216318][ T7676] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 128.027437][ T3406] tipc: Node number set to 9611946 [ 128.038435][ T3406] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0 [ 128.046382][ T3406] hid-generic 0000:0000:0000.0043: hidraw0: HID v0.00 Device [syz1] on syz0 [ 128.143744][ T7725] selinux_netlink_send: 1 callbacks suppressed [ 128.143771][ T7725] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7725 comm=syz.0.1540 [ 128.309515][ T7733] SELinux: policydb magic number 0xf2539a25 does not match expected magic number 0xf97cff8c [ 128.348537][ T7733] SELinux: failed to load policy [ 128.390944][ T7737] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 128.534096][ T7741] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1546'. [ 128.692373][ T7756] usb usb8: selecting invalid altsetting 2047 [ 128.736999][ T7758] 9pnet: Could not find request transport: fd0x0000000000000006 [ 129.010292][ T3421] hid-generic 0000:0000:0000.0044: unknown main item tag 0x0 [ 129.048166][ T3421] hid-generic 0000:0000:0000.0044: hidraw0: HID v0.00 Device [syz1] on syz0 [ 129.113950][ T7782] hsr0: entered promiscuous mode [ 129.127503][ T7782] macsec1: entered promiscuous mode [ 129.132955][ T7782] macsec1: entered allmulticast mode [ 129.138412][ T7782] hsr0: entered allmulticast mode [ 129.143653][ T7782] hsr_slave_0: entered allmulticast mode [ 129.149357][ T7782] hsr_slave_1: entered allmulticast mode [ 129.197592][ T7782] hsr0: left allmulticast mode [ 129.202663][ T7782] hsr_slave_0: left allmulticast mode [ 129.208155][ T7782] hsr_slave_1: left allmulticast mode [ 129.243454][ T7783] macsec1: entered promiscuous mode [ 129.248881][ T7783] macsec1: entered allmulticast mode [ 129.254238][ T7783] hsr0: entered allmulticast mode [ 129.259400][ T7783] hsr_slave_0: entered allmulticast mode [ 129.265055][ T7783] hsr_slave_1: entered allmulticast mode [ 129.296803][ T7783] hsr0: left allmulticast mode [ 129.301686][ T7783] hsr_slave_0: left allmulticast mode [ 129.307204][ T7783] hsr_slave_1: left allmulticast mode [ 129.414062][ T7796] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7796 comm=syz.1.1568 [ 129.515226][ T3419] hid-generic 0000:0000:0000.0045: unknown main item tag 0x0 [ 129.775067][ T3419] hid-generic 0000:0000:0000.0045: hidraw0: HID v0.00 Device [syz1] on syz0 [ 129.803271][ T7819] netlink: 'syz.1.1577': attribute type 39 has an invalid length. [ 129.883908][ T7827] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 129.935684][ T3419] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0 [ 130.026423][ T3421] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0 [ 130.089055][ T7839] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1585'. [ 130.149915][ T7846] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7846 comm=syz.4.1588 [ 130.164054][ T7846] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7846 comm=syz.4.1588 [ 130.263699][ T3419] hid-generic 0000:0000:0000.0046: hidraw1: HID v0.00 Device [syz1] on syz0 [ 130.267118][ T3421] hid-generic 0000:0000:0000.0047: hidraw2: HID v0.00 Device [syz1] on syz0 [ 130.415471][ T7860] FAULT_INJECTION: forcing a failure. [ 130.415471][ T7860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.428740][ T7860] CPU: 1 UID: 0 PID: 7860 Comm: syz.2.1592 Not tainted syzkaller #0 PREEMPT(voluntary) [ 130.428782][ T7860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 130.428837][ T7860] Call Trace: [ 130.428845][ T7860] [ 130.428855][ T7860] __dump_stack+0x1d/0x30 [ 130.428877][ T7860] dump_stack_lvl+0xe8/0x140 [ 130.428896][ T7860] dump_stack+0x15/0x1b [ 130.428952][ T7860] should_fail_ex+0x265/0x280 [ 130.429034][ T7860] should_fail+0xb/0x20 [ 130.429052][ T7860] should_fail_usercopy+0x1a/0x20 [ 130.429074][ T7860] strncpy_from_user+0x25/0x230 [ 130.429105][ T7860] strncpy_from_user_nofault+0x68/0xf0 [ 130.429132][ T7860] bpf_probe_read_user_str+0x2a/0x70 [ 130.429177][ T7860] bpf_prog_c14c0e36d24b4ee1+0x43/0x49 [ 130.429228][ T7860] bpf_trace_run3+0x10f/0x1d0 [ 130.429337][ T7860] ? getname_flags+0x2be/0x3b0 [ 130.429369][ T7860] ? strncpy_from_user+0x177/0x230 [ 130.429400][ T7860] ? getname_flags+0x2be/0x3b0 [ 130.429473][ T7860] __traceiter_kmem_cache_free+0x38/0x60 [ 130.429499][ T7860] ? getname_flags+0x2be/0x3b0 [ 130.429528][ T7860] kmem_cache_free+0x329/0x3d0 [ 130.429620][ T7860] getname_flags+0x2be/0x3b0 [ 130.429651][ T7860] __se_sys_acct+0x6a/0x530 [ 130.429687][ T7860] __x64_sys_acct+0x1f/0x30 [ 130.429767][ T7860] x64_sys_call+0x2f3a/0x3000 [ 130.429875][ T7860] do_syscall_64+0xd2/0x200 [ 130.429899][ T7860] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 130.429990][ T7860] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 130.430022][ T7860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.430074][ T7860] RIP: 0033:0x7fa39637f749 [ 130.430091][ T7860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.430187][ T7860] RSP: 002b:00007fa394ddf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 130.430210][ T7860] RAX: ffffffffffffffda RBX: 00007fa3965d5fa0 RCX: 00007fa39637f749 [ 130.430223][ T7860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 9999999999999999 [ 130.430235][ T7860] RBP: 00007fa394ddf090 R08: 0000000000000000 R09: 0000000000000000 [ 130.430246][ T7860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.430257][ T7860] R13: 00007fa3965d6038 R14: 00007fa3965d5fa0 R15: 00007ffe4bd6bad8 [ 130.430274][ T7860] [ 130.670032][ T7854] policy can only be matched on NF_INET_PRE_ROUTING [ 130.670045][ T7854] unable to load match [ 130.729310][ T7864] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1595'. [ 130.741954][ T7867] usb usb8: selecting invalid altsetting 2047 [ 130.886856][ T7873] netlink: 'syz.1.1597': attribute type 39 has an invalid length. [ 131.057431][ C1] ================================================================== [ 131.065567][ C1] BUG: KCSAN: data-race in wq_worker_tick / wq_worker_tick [ 131.072788][ C1] [ 131.075127][ C1] read-write to 0xffff88810123c8b8 of 8 bytes by interrupt on cpu 0: [ 131.083295][ C1] wq_worker_tick+0x60/0x230 [ 131.087895][ C1] sched_tick+0x11a/0x270 [ 131.092242][ C1] update_process_times+0x15f/0x190 [ 131.097544][ C1] tick_nohz_handler+0x249/0x2d0 [ 131.102502][ C1] __hrtimer_run_queues+0x20f/0x5a0 [ 131.107760][ C1] hrtimer_interrupt+0x21a/0x460 [ 131.112721][ C1] __sysvec_apic_timer_interrupt+0x5f/0x1d0 [ 131.118652][ C1] sysvec_apic_timer_interrupt+0x6f/0x80 [ 131.124324][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.130341][ C1] kcsan_setup_watchpoint+0x415/0x430 [ 131.135748][ C1] bpf_trace_run3+0xfd/0x1d0 [ 131.140364][ C1] __traceiter_kmem_cache_free+0x38/0x60 [ 131.146015][ C1] kmem_cache_free+0x329/0x3d0 [ 131.150900][ C1] __io_req_caches_free+0xfe/0x210 [ 131.156032][ C1] io_req_caches_free+0x1f/0x60 [ 131.160950][ C1] io_ring_exit_work+0x26d/0x560 [ 131.165894][ C1] process_scheduled_works+0x4ce/0x9d0 [ 131.171359][ C1] worker_thread+0x582/0x770 [ 131.175949][ C1] kthread+0x489/0x510 [ 131.180022][ C1] ret_from_fork+0x122/0x1b0 [ 131.184630][ C1] ret_from_fork_asm+0x1a/0x30 [ 131.189415][ C1] [ 131.191755][ C1] read-write to 0xffff88810123c8b8 of 8 bytes by interrupt on cpu 1: [ 131.199820][ C1] wq_worker_tick+0x60/0x230 [ 131.204416][ C1] sched_tick+0x11a/0x270 [ 131.208748][ C1] update_process_times+0x15f/0x190 [ 131.214037][ C1] tick_nohz_handler+0x249/0x2d0 [ 131.218983][ C1] __hrtimer_run_queues+0x20f/0x5a0 [ 131.224192][ C1] hrtimer_interrupt+0x21a/0x460 [ 131.229131][ C1] __sysvec_apic_timer_interrupt+0x5f/0x1d0 [ 131.235119][ C1] sysvec_apic_timer_interrupt+0x6f/0x80 [ 131.240764][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.246857][ C1] __sanitizer_cov_trace_pc+0x11/0x70 [ 131.252240][ C1] strncpy_from_user_nofault+0x1c/0xf0 [ 131.257703][ C1] bpf_probe_read_user_str+0x2a/0x70 [ 131.262993][ C1] bpf_prog_640d0361f19ec9d4+0x40/0x46 [ 131.268462][ C1] bpf_trace_run3+0x10f/0x1d0 [ 131.273147][ C1] __traceiter_kmem_cache_free+0x38/0x60 [ 131.278784][ C1] kmem_cache_free+0x329/0x3d0 [ 131.283561][ C1] __io_req_caches_free+0xfe/0x210 [ 131.288676][ C1] io_req_caches_free+0x1f/0x60 [ 131.293645][ C1] io_ring_exit_work+0x26d/0x560 [ 131.298588][ C1] process_scheduled_works+0x4ce/0x9d0 [ 131.304054][ C1] worker_thread+0x582/0x770 [ 131.308641][ C1] kthread+0x489/0x510 [ 131.312712][ C1] ret_from_fork+0x122/0x1b0 [ 131.317340][ C1] ret_from_fork_asm+0x1a/0x30 [ 131.322105][ C1] [ 131.324420][ C1] value changed: 0x0000000000264cb0 -> 0x00000000002673c0 [ 131.331519][ C1] [ 131.333838][ C1] Reported by Kernel Concurrency Sanitizer on: [ 131.339981][ C1] CPU: 1 UID: 0 PID: 31 Comm: kworker/u8:1 Not tainted syzkaller #0 PREEMPT(voluntary) [ 131.349702][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 131.359754][ C1] Workqueue: iou_exit io_ring_exit_work [ 131.365306][ C1] ================================================================== [ 131.374672][ T29] kauditd_printk_skb: 312 callbacks suppressed [ 131.374686][ T29] audit: type=1326 audit(1764359614.994:3830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7872 comm="syz.1.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000 [ 131.406852][ T29] audit: type=1326 audit(1764359615.024:3831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7872 comm="syz.1.1597" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4920cbf749 code=0x7ffc0000