last executing test programs:

1m3.599056109s ago: executing program 2 (id=85):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
lstat(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, r2, 0xd, r1, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setns(0xffffffffffffffff, 0x10000080)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000580)="15", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}], 0x1, 0x4c040)
close(0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
socket$tipc(0x1e, 0x2, 0x0)
syz_io_uring_setup(0x497, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0x3}, {0xffff, 0xffff}, {0xa, 0x8}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x5}}}}]}, 0x40}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r8=>0x0})
bind$can_raw(r5, &(0x7f0000000200)={0x1d, r8}, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read(r11, &(0x7f0000000b40)=""/4096, 0x1000)
write$UHID_CREATE(r11, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x3, 0x4, 0x0, 0xffffffff, 0xc08}}, 0x120)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r8, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0)

1m3.353355403s ago: executing program 2 (id=87):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000240)='./bus\x00', 0xe, &(0x7f0000000100)={[{@resgid}, {@noacl}, {@jqfmt_vfsv0}]}, 0xff, 0x454, &(0x7f0000001080)="$eJzs281vFOUfAPDvzHbLjx9gK+ILL2oVjY0vLQVUDh7UaOIBExM96LFpC0EWamhNhBAFY/BkjIl349F/wZNejPFk4lXvhoQYLoCnNbM7Q3fL7tIuu93Cfj7JNM8zL32e7858d5+ZZzeAoTWR/UkitkfEnxExVq827zARUYqI61fPz924en4uiWr13X+S2n7Xrp6fK3YtjtuWVybTiPSLJPa2aHfp7LmTs5XKwpm8Pr186qPppbPnXjhxavb4wvGF0wePHDl8aObllw6+2JM4sz5d2/Pp4r7db33wzdtHv2qKf1UcPTLRaePT1WqPmxusHQ3lZGSAHWFdsrzOTle5lv9jUYqVkzcWb34+0M4BfVWtVqvb2m++UAXuYUk016U8DIvigz67/y2W1YOAV/s3/Bi4K6/Vb4CyuK/nS33LSKT5PuX8/rbUh/YnIuL9C/9+ly3Rn+cQAABNfsrGP8+3Gv+l8VDDfvflc0PjEXF/ROyMiAciYldEPBhR2/fhiHhkne03TJJcj5bjn/Ry18GtQTb+eyWf22oe/xWjvxgv5bUdtfjLybETlYUD+WsyGeUtWX2mQxs/v/HH1+22NY7/siVrvxgL5v24PLKl+Zj52eXZO4m50ZWLEXtGWsWf3JwJSCJid0Ts6bKNE8/+sK/dttvH30EP5pmq30c8Uz//F2JV/IWk8/zk9P+isnBgurgqbvXb75feadf+HcXfA9n5/3/L6/9m/ONJ43zt0vrbuPTXl23vabq9/keT92rl0XzdJ7PLy2dmIkaTo/VON64/uHJsUS/2z+Kf3N86/3fGyiuxNyKyi/jRiHgsIh7P+/5ERDwZEfs7xP/r60992H38/ZXFP7+u879SGI3Va1oXSid/+bGp0fFb4r/R+fwfrpUm8zVref9bS7+6u5oBAADg7pNGxPZI0qmb5TSdmqp/X35XRFpZXFp+7tjix6fn678RGI9IiyddYw3PQ2fy2/p6/WJE1L9aUGw/lD83/ra0tVafmluszA86eBhy29rkf+bvfnzhBdhc/F4Lhpf8h+El/2F4rSP/k372A9h4LfJ/6yD6AWy8Vp//nw2gH8DGW5X/pv1giHj+B8NL/sPwkv8wlJa2xu1/JN+xUPynLg+/ZwtR3hTd6Fsh0k3RjU1bKN/leTG49yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBe+i8AAP//oRXeSQ==")
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32, @ANYRES8=r0, @ANYRES32], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
rename(&(0x7f0000000140)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xfffffd26)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = dup2(r6, r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
capget(&(0x7f0000001240)={0x19980330}, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x401c5820, &(0x7f00000001c0)=0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x10000, 0x11a)

1m3.213403375s ago: executing program 2 (id=88):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000140), 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x0, {0x22, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, 'ip_vti0\x00'}}, 0x1e)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r5, 0x11, 0x6, @broadcast}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001b00)=@getchain={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20008050)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0}, 0x94)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x410a00)
read$qrtrtun(r6, &(0x7f0000000080)=""/221, 0xdd)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioprio_set$uid(0x3, 0x0, 0x0)
pipe(&(0x7f00000008c0)={<r7=>0xffffffffffffffff})
read(r7, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="540000001000010471bc30b00000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001001000000000000000000000000208000a00f0"], 0x54}}, 0x0)

1m2.980238508s ago: executing program 2 (id=90):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYRES16=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r2}, &(0x7f0000000500), &(0x7f0000000540)='%pB    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r5, &(0x7f0000000680)=[{&(0x7f0000001180)=""/4103, 0x1007}], 0x1, 0x200, 0xfffffff9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r6 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r6, &(0x7f0000000640)="be08946b4cc4ea119fbbf4c9e57f55e808ff9d98d22f241f", 0x18, 0x85c9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
renameat(r5, &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, &(0x7f00000004c0)='./file0/file0/file0/file0\x00')
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700e, 0x0)
socket$netlink(0x10, 0x3, 0x0)

1m2.939757959s ago: executing program 2 (id=91):
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r1, 0xffffffffffffffff, 0x0)

1m2.349626438s ago: executing program 2 (id=98):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0x192}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "d1b29b99d21d88a2"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000080002000009500000000008c6861c1d740eef7f7f404940000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
r5 = signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0xfffffffe]}, 0x8)
read(r5, &(0x7f0000000740)=""/384, 0x200008ca)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x3)
flistxattr(0xffffffffffffffff, 0x0, 0x2)

1m2.327081939s ago: executing program 32 (id=98):
r0 = socket(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0x192}, 0x18)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "d1b29b99d21d88a2"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r0, r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000080002000009500000000008c6861c1d740eef7f7f404940000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
r5 = signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0xfffffffe]}, 0x8)
read(r5, &(0x7f0000000740)=""/384, 0x200008ca)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x2400, 0x3)
flistxattr(0xffffffffffffffff, 0x0, 0x2)

2.519200031s ago: executing program 0 (id=1775):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_usb_disconnect(0xffffffffffffffff)

2.404260864s ago: executing program 1 (id=1778):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="270e000000000002000004"], 0x14}, 0x1, 0x40030000000000}, 0x0)

2.403927084s ago: executing program 1 (id=1779):
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x2}, 0x18)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='\x00\x00\x00', 0x0, r0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000002c0)='\x04\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000940)="ad", 0x1)
close(r0) (fail_nth: 1)

2.185043447s ago: executing program 1 (id=1780):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r2)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r4, 0x0, 0x4ab}, 0x18)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r5, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)

2.038271209s ago: executing program 1 (id=1785):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x4c, &(0x7f0000000300), 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/8, 0x14}}], 0x4b, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
close(r2)

2.037526199s ago: executing program 1 (id=1787):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000002c0)='reno\x00', 0x5)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}], 0x2, 0x48800)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000004d94eef928f170330000000000007a00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
write$selinux_validatetrans(r8, &(0x7f0000001cc0)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 00000000000w'], 0x79)
open(&(0x7f0000000080)='./file1\x00', 0x402fc1, 0xcd)
syz_io_uring_setup(0x1f87, &(0x7f0000000180)={0x0, 0x8404, 0x13580}, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$int_in(r9, 0x5452, &(0x7f0000000340)=0x3)

1.898108241s ago: executing program 5 (id=1793):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa4ebbe25218875b3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mq_timedsend(0xffffffffffffffff, &(0x7f0000000580)="d05d8f83bb6d90f0086a822dd78de0fc30235d9b04c293c7c44b07b7675c305a425997aff4da6037cc52793135b48ab327d96cd684f9216a6e34bf1f25319888382a5ca90d62f9b0df679395ce72dbdc1dc28ed358a3", 0x56, 0x6, 0x0)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
close_range(r2, 0xffffffffffffffff, 0x0)

1.686511544s ago: executing program 0 (id=1799):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x4800)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24048010)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400}, 0x0)
r4 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r5 = gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f00000001c0)="d3c9b8742ca429a6153cb120d7557bc2bbcab0", &(0x7f0000000500)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="580000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="421c00000000000024001280090001007866726d00185253274be6fa5d8c31e500050014000200000008000200feffffff140003007866aa5a0d28416a955635960500"/84], 0x58}}, 0x0)
close(r4)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYRESHEX=r9], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES16=<r11=>r2, @ANYRESDEC=r5], &(0x7f0000000400)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x2d, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r12 = open(&(0x7f00000006c0)='./file0\x00', 0x420402, 0x183)
fcntl$setlease(r12, 0x400, 0x1)
execve(&(0x7f0000000840)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r6, @ANYRESHEX=r11, @ANYRES64=r1, @ANYRESHEX=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)

1.651219604s ago: executing program 0 (id=1801):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000008000000000000000001801000020207025000000007b2020207b1af8ff00000000bfa100000000000007010000f8ff00000000000008000000b7030000feff0f00860000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = fsopen(&(0x7f00000002c0)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local}, 0xc)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f00000003c0)={0x6, {{0x2, 0x4e22, @multicast1}}}, 0x88)
setsockopt$inet_group_source_req(r2, 0x0, 0x2e, &(0x7f0000000140)={0x24, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
getsockopt$inet_buf(r2, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x192)
r3 = socket$kcm(0x2, 0xa, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb0800450045ac00006000002f9078ac1e0001e00000010008655800189078040000000000001386dd"], 0xfdef)

1.589533006s ago: executing program 0 (id=1804):
r0 = socket$inet(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x4e21, @private=0xa010104}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000240)="68e81a59", 0x4}, {0x0}], 0x2, 0x0, 0x0, 0xe0000000}, 0x8854)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001980)={0xb, {"a2e3ad214fc752f9192909094bf70e0dd038e7ff7fc6e5539b324c078b089b3b353b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d074c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341adbe50861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357ca8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee532592897cd12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ffca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160eca6b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4cf8d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb17167fbeac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bc522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a935908001cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1f1d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd41d95af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f480f6f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000d71f00000000000000000000000000000000000600", 0x1000}}, 0x1006)
socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x416d, 0x0)

1.572741006s ago: executing program 0 (id=1806):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x4800)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24048010)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'vcan0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000002c0), 0x400, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@getnexthop={0x20, 0x76, 0x401, 0x0, 0x0, {}, [@NHA_ID={0x8, 0x1, 0x8000}]}, 0x20}}, 0x0)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x28, 0x1, 0x4, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac0a}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2d}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe6}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x70, &(0x7f0000000200)=ANY=[@ANYRES32=r3], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000090000000800000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r6}, &(0x7f0000001d80), &(0x7f0000001d40)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={r6, &(0x7f0000000040), &(0x7f0000000280)=""/21}, 0x20)
utime(&(0x7f0000000000)='./file0\x00', 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)

1.523463507s ago: executing program 0 (id=1808):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
unshare(0x64008700)

1.062604764s ago: executing program 5 (id=1813):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f00000020c0)={&(0x7f0000000800)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20008011}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x5)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x84)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r9, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0], <r10=>0x0, 0xb1, &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xd1, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000980)=ANY=[@ANYRES16=r9, @ANYBLOB="dbd722473bbbf4e08df76b93f45f585d459463370ad90522e933a4295c392281d9aa8356ccaff2ed7f64103a5291718affe4ff326f0bb5ff7c4dde5844bd0aceafbf9d1f08a249e8ac1dd4140eca384072b8adff2318883b3e2072f1c539a5216d1f2eb7f072150a4f4d425793ad1943ab19644cb61a13b3d4db3f63d114aa2fabf097576fcb8f75247d5218ecaf0a439a30ce1eecda5c67af072f26", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r11}, 0x10)
preadv(r9, &(0x7f0000000000)=[{&(0x7f0000000080)=""/242, 0xf2}], 0x1, 0x2, 0x2)
r12 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r12, &(0x7f0000000080)={0x0, 0xfe, &(0x7f00000001c0)=[{&(0x7f00000007c0)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8fe1600a40002400f000100035c0461c1d67f6f94007134cf6edb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x20000800)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
r13 = socket(0x1, 0x803, 0x0)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="4606090000f4808c92fa941aeee36977b59a610000001c00128009000100766c616e000000b79157ab2615000c000280000000cb1e000100", @ANYRES32=r14, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r14, @ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

834.500578ms ago: executing program 5 (id=1818):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a2100)
poll(&(0x7f00000000c0)=[{r0, 0x8744}], 0x1, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305839, &(0x7f0000000180)={0x0, 0x4, 0x0, 0x9})
write$selinux_user(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='system_u:object_r:auth_cache_t r'], 0x27)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
syz_open_dev$tty20(0xc, 0x4, 0x0)

784.190758ms ago: executing program 5 (id=1820):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
select(0xff44, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, &(0x7f0000000100)={0x77359400})
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e21, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={0x0}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3fffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl1\x00', 0x0, 0x4, 0x0, 0x3, 0x2, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x7, 0x7, 0x1202, 0x8}})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
set_tid_address(0x0)

753.359759ms ago: executing program 5 (id=1822):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000580)='/sys/power/reserved_size', 0x169a82, 0x0)
sendfile(r0, r0, 0x0, 0x7)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34122, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x5}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000c40)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000001400), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000001080)='net/igmp\x00')
read$char_usb(r4, &(0x7f0000000040)=""/4109, 0x100d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r5}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r7, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
r8 = timerfd_create(0x0, 0x0)
timerfd_settime(r8, 0x0, &(0x7f0000000040)={{}, {0x0, 0x1c9c380}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x100}, [@call={0x85, 0x0, 0x0, 0xd2}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readv(r8, &(0x7f0000000000)=[{&(0x7f00000020c0)=""/4100, 0x1004}], 0x1)

666.64491ms ago: executing program 1 (id=1823):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa4ebbe25218875b3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]})
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mq_timedsend(0xffffffffffffffff, &(0x7f0000000580)="d05d8f83bb6d90f0086a822dd78de0fc30235d9b04c293c7c44b07b7675c305a425997aff4da6037cc52793135b48ab327d96cd684f9216a6e34bf1f25319888382a5ca90d62f9b0df679395ce72dbdc1dc28ed358a3", 0x56, 0x6, 0x0)
bind$bt_hci(r3, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
close_range(r2, 0xffffffffffffffff, 0x0)

423.583944ms ago: executing program 4 (id=1832):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
select(0xff44, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, &(0x7f0000000100)={0x77359400})
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e21, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)=@generic={0x0}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3fffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl1\x00', 0x0, 0x4, 0x0, 0x3, 0x2, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x7, 0x7, 0x1202, 0x8}})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
set_tid_address(0x0)

416.050854ms ago: executing program 5 (id=1833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000002c0)='reno\x00', 0x5)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}], 0x2, 0x48800)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000004d94eef928f170330000000000007a00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
r8 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
write$selinux_validatetrans(r8, &(0x7f0000001cc0)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 00000000000w'], 0x79)
open(&(0x7f0000000080)='./file1\x00', 0x402fc1, 0xcd)
syz_io_uring_setup(0x1f87, &(0x7f0000000180)={0x0, 0x8404, 0x13580}, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$int_in(r9, 0x5452, &(0x7f0000000340)=0x3)

316.808165ms ago: executing program 4 (id=1836):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0x4, @local, 'veth1_to_hsr\x00'}}, 0x1e)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$IMSETDEVNAME(0xffffffffffffffff, 0x80184947, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

315.736016ms ago: executing program 4 (id=1837):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = fsopen(&(0x7f00000002c0)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local}, 0xc)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f00000003c0)={0x6, {{0x2, 0x4e22, @multicast1}}}, 0x88)
setsockopt$inet_group_source_req(r2, 0x0, 0x2e, &(0x7f0000000140)={0x24, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
getsockopt$inet_buf(r2, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x192)
r3 = socket$kcm(0x2, 0xa, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb0800450045ac00006000002f9078ac1e0001e00000010008655800189078040000000000001386dd"], 0xfdef)

240.126027ms ago: executing program 3 (id=1839):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000080)={0xa, 0x4e23, 0x0, @mcast2, 0x5}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000200)="58d72150fcfb761b1af14ed223e7a9bfba8d22d01af994bdaaff201b218b6bcdad6ca2f4c1aed401df3735a44a7fe5955d614693273bd61cbb793e5924a8dd01427c766efd508b4e5e2716899d75847d8611ca1a2ec8a483ca1d400dd98dd3c6889a8e8afb89842965610df02e2b43295f7d30721b2465f4c693362046b293d06a44ee8a0bad6846a21d94196b911196f9b1c0f7e7d19e1a2de840dca4664ded07f9999d9a2518a15db51b", 0xab}], 0x1, &(0x7f00000002c0)=[@tclass={{0x14, 0x29, 0x43, 0x8}}, @hoplimit={{0x14, 0x29, 0x34, 0x8}}, @dstopts_2292={{0x110, 0x29, 0x4, {0x2e, 0x1e, '\x00', [@padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x8, {0x0, 0x0, 0x8, 0xb}}, @generic={0x89, 0x80, "7634964de9acdced71aa1536bfdac876c0c2062564a28adda84f234b630bd571b52718d6b8b8fe986ac7cec158c714e317c0245686c220bff588049b42753b6c79b41bc563fe8e4e20e39560f00d6b3282931c32b8dae1bdd2a8b44af62582f62b7223e896d8d5184a73277a3bf2486572d89ca0931579de8ad5aabb61e6c34e"}, @jumbo={0xc2, 0x4, 0x5}, @calipso={0x7, 0x30, {0x2, 0xa, 0x4, 0x100, [0x9, 0x3, 0x9, 0x5, 0x6]}}, @calipso={0x7, 0x20, {0x1, 0x6, 0x5, 0x8, [0xa7, 0x7, 0x4]}}, @enc_lim={0x4, 0x1, 0x7}]}}}, @dstopts_2292={{0x158, 0x29, 0x4, {0x21, 0x28, '\x00', [@generic={0x2, 0x26, "00193b777efe18ea63ae9b8e3d95ee673cd0f22633b46a09a1e587e86fa78d2be41088c258ea"}, @calipso={0x7, 0x40, {0x0, 0xe, 0x6, 0x7, [0x6, 0xac, 0x5, 0x400, 0x101, 0x6, 0x3]}}, @generic={0x3, 0x28, "1ad8bf4d2ee0ae4b68a68be6c617a4443ca3adf3c35f0973c6286bd902730a95f13971504744f74e"}, @generic={0x2, 0x93, "c3e2d17ac8ca815f91a72404adde69cf1a3a4e04d9a8591c48c58983f477b56676d901f1c4adafb8e636fe3ec721f755cbc544ccaeb537b01bf6cfb53975529a31450771278cb9970244132f25e9b835bbfd43519069f98747f8f2f15ca6a3c3d44b07060bed29b60680e0e8520f2ce10091773ec4983c5e03737066f0bd552520af8542a1d98bee4716a7d7fa0b6d070a8ba1"}, @calipso={0x7, 0x10, {0x0, 0x2, 0x3, 0x3ff, [0xf3]}}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0xff, 0x2, 0x0, 0x3, 0x0, [@ipv4={'\x00', '\xff\xff', @remote}]}}}], 0x2c0}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48041, 0x0)
pwrite64(r1, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

238.854217ms ago: executing program 4 (id=1840):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
shutdown(r0, 0x1)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}], 0x1, 0x10000000000)

214.972047ms ago: executing program 4 (id=1841):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r7}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000140))
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
close(r4)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_CT_DIRECTION={0x5}]}}}]}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x8044)
r10 = fsmount(r1, 0x0, 0x0)
fchdir(r10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r11, 0x0)
preadv(r11, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x3f)

132.452108ms ago: executing program 3 (id=1842):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20004002, 0x0, 0x0)

83.751109ms ago: executing program 3 (id=1843):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
fsopen(&(0x7f0000000400)='autofs\x00', 0x0)

56.752709ms ago: executing program 3 (id=1844):
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="30010000010a01020000000000000000050000028e00060027197623c630c186354232171a7217175f95bb35202eebc283c6869f98be04d6425824325ee2bbf3c493be170678bde36d1920b8922366d42824045224575019b3f9cca00422e6dc984d094de8dc98792fe5737ea3bd2f943816e6ba4dd543698705c8b21d8e5310bc5a04f15a8e84516b4b2a3d2a2b42b5494aa91211558fa208b0857dd9ca6aa414fe00000800024000000003f5ca044000000000000000010c0004400000000000000005580006006397cc2604d74a9afa0726b35a3230ee9a7c0ed997279610a3539651d7fdaa4a673590b5b65b34d2be11c2a11530ac403bb65001d40b6831e1be52b507aff95e939c1e854573135caf5f41f6b8e46f5060d8499b0c00044000000000000000040800024000000000"], 0x130}, 0x1, 0x0, 0x0, 0x400d4}, 0x80)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x80000e, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@quota}, {@errors_remount}, {@barrier}]}, 0x3, 0x44a, &(0x7f0000000bc0)="$eJzs271vG2UYAPDn7CSlXyRU5aMfQKAgylfSpKV0YAGBxFAkJBjKGJK0CnUb1ASJVhEEhMqIKjGxIEYk/gImWBAwIbHCjipVKEsLk9HZd43t2E6dOnGpfz/p3Pe9O/d9nrt77ffujQPoW6PpSxKxKyL+iIjharV+h9HqPzdWlqb/WVmaTqJcfuvvpLLf9ZWl6XzX/H0788pAROGzJA40aXfh4qWzU6XS7IWsPr547v3xhYuXnp87N3Vm9szs+ckTJ44dnXjx+OQLXckzzev6/o/mD+57/Z0rb0yfuvLuL98lef4NeXTJaLuNT5bLXW6ut3bXlJOBHgZCR4rVbhqDlf4/HMVYPXnD8dqnPQ0O2FTlcrn8QOvNy2XgLpZEryMAeiP/ok/vf/Nli4Yed4RrL1dvgNK8b2RLdctAFLJ9Bhvub7tpNCJOLf/7dbrE5jyHAACo80M6/nmu2fivELXPhe7N5lBGIuK+iNgTEccjYm9E3B9R2ffBiHiow/YbJ0nWjn8KV2tr5aTDBtaRjv9eyua26sd/+egvRopZbXcl/8Hk9Fxp9kh2TA7H4La0PtGmjR9f/f2LVttqx3/pkrafjwWzOK4ObKt/z8zU4tTt5Fzr2icR+wca8j8ZlQm8fCYgPeT7ImL/BtuYe+bbg622rZ9/G12YZyp/E/FU9fwvR935X73Qkvbzk+P3RGn2yHh+Vaz162+X32zV/m3l3wXp+d/R9Pq/mf9IUjtfu9DJ//7V0+nr5T8/b3lPs9Hrfyh5u1IeytZ9OLW4eGEiYig5WQ26dv3k6nvzer5/mv/hQ837/55YPRIHIiK9iB+OiEci4tEs9sci4vGIONTmKPz8yhPvbTz/zZXmP9PR+V8tDEXjmuaF4tmfvq9rdKST/NPzf6xSOpytuZXPv1uJq9OrGQAAAP6vChGxK5LC2M1yoTA2Vv0b/r2xo1CaX1h89vT8B+dnqr8RGInBQv6ka7jmeehEdluf1ycb6kez58ZfFrdX6mPT86WZXicPfW5ni/6f+qvY6+iATef3WtC/9H/oX/o/9C/9H/pXk/6/vRdxAFuv2ff/xz2IA9h6Df3ftB/0Eff/0L820v99ZsDdoW1fHtq6OIAttbA91v+RvILCmkIU7ogwFDap0OtPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74LwAA///lI+j0")
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000900)={{{@in=@initdev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6}, 0x0, @in=@multicast2}}, &(0x7f00000005c0)=0xa7)
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000840)={[{@none}, {@xattr}], [{@hash}, {@permit_directio}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@subj_type={'subj_type', 0x3d, '[-[\xb0-{:+'}}]})
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x40000000015, 0x5, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd0000fbdbdf2501000000080001000300000014020480050003000100000005446824c20003000100000008000200"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x18)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r7, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)
bind$inet(r3, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
getpid()
io_setup(0x3, &(0x7f0000000280))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
recvmmsg(r3, &(0x7f0000004900)=[{{0x0, 0x0, 0x0}, 0xd57e}, {{0x0, 0x0, 0x0}, 0x85ae}], 0x2, 0x60010020, 0x0)
sendto$inet(r3, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

56.191069ms ago: executing program 4 (id=1845):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0xfffffffffffffef2}}, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0xfffffffffffffef2}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000195"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r1}, 0x10)
syz_socket_connect_nvme_tcp()
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
socket$kcm(0x2, 0xa, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)={0x40, 0x0, 0x7, 0x201, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x28}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x44880}, 0x400c810)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @remote}) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @remote})

315.83µs ago: executing program 3 (id=1846):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='\x00\x00\x00', 0x0, r2)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
close(r2)

0s ago: executing program 3 (id=1847):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
pipe(0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000600), r4)
open(0x0, 0x20000, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000080)=ANY=[@ANYBLOB="c2754f1df49487b5c7d70c689b8c0784000000", @ANYRES8=0x0, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003d5697e0933e8c4216831ce1ffbec5a87ca19"], 0x84}}, 0x20000000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000740), r3)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r11=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x21, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000c40)={0x6, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c80), &(0x7f0000000cc0), 0x10, 0x10000}, 0x94)
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x34, r9, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r11}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xc9}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(r7, 0x0, 0x0)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x14, r12, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x40)

kernel console output (not intermixed with test programs):

te your userspace.
[   57.775142][ T5200] netlink: 12 bytes leftover after parsing attributes in process `syz.0.554'.
[   57.828155][ T5203] sg_write: 1 callbacks suppressed
[   57.828170][ T5203] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   57.828170][ T5203]    program syz.0.555 not setting count and/or reply_len properly
[   57.955057][ T5206] smc: net device bond0 applied user defined pnetid SYZ2
[   58.017901][ T5208] smc: net device bond0 erased user defined pnetid SYZ2
[   58.152496][ T5218] netlink: 100 bytes leftover after parsing attributes in process `syz.0.560'.
[   58.264152][ T5216] SET target dimension over the limit!
[   58.338786][ T5230] netlink: 100 bytes leftover after parsing attributes in process `syz.5.566'.
[   58.541578][ T5235] SELinux: syz.1.569 (5235) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   58.615678][ T5242] siw: device registration error -23
[   58.679804][ T5252] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   58.679804][ T5252]    program syz.3.575 not setting count and/or reply_len properly
[   58.758561][ T5257] netlink: 8 bytes leftover after parsing attributes in process `syz.1.577'.
[   58.767978][ T5259] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   58.781350][ T5259] netlink: 28 bytes leftover after parsing attributes in process `syz.0.578'.
[   58.793575][ T5264] vhci_hcd: default hub control req: 0213 v0003 i0000 l0
[   58.793879][ T5259] IPVS: Error connecting to the multicast addr
[   58.816390][ T5259] netlink: 'syz.0.578': attribute type 27 has an invalid length.
[   58.965906][ T5278] SELinux: syz.5.587 (5278) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   59.284922][ T5288] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   59.284922][ T5288]    program syz.5.590 not setting count and/or reply_len properly
[   59.363735][ T5290] netlink: 8 bytes leftover after parsing attributes in process `syz.5.591'.
[   59.486681][ T5294] netlink: 'syz.5.593': attribute type 1 has an invalid length.
[   59.494381][ T5294] netlink: 224 bytes leftover after parsing attributes in process `syz.5.593'.
[   59.610864][ T5300] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   59.610864][ T5300]    program syz.0.596 not setting count and/or reply_len properly
[   59.680096][   T29] kauditd_printk_skb: 1021 callbacks suppressed
[   59.680106][ T5307] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   59.680110][   T29] audit: type=1400 audit(1751160987.138:5895): avc:  denied  { mounton } for  pid=5306 comm="syz.0.598" path="/136" dev="tmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   59.689001][ T5307] IPVS: Error connecting to the multicast addr
[   59.695052][   T29] audit: type=1400 audit(1751160987.138:5896): avc:  denied  { create } for  pid=5306 comm="syz.0.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.742309][   T29] audit: type=1400 audit(1751160987.138:5897): avc:  denied  { setopt } for  pid=5306 comm="syz.0.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   59.771165][ T5307] netlink: 'syz.0.598': attribute type 27 has an invalid length.
[   59.779762][   T29] audit: type=1400 audit(1751160987.228:5898): avc:  denied  { bind } for  pid=5306 comm="syz.0.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.809718][   T29] audit: type=1400 audit(1751160987.268:5899): avc:  denied  { read } for  pid=5306 comm="syz.0.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.843202][ T5312] syzkaller1: entered promiscuous mode
[   59.848769][ T5312] syzkaller1: entered allmulticast mode
[   59.860535][   T29] audit: type=1400 audit(1751160987.318:5900): avc:  denied  { write } for  pid=5306 comm="syz.0.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   59.906256][   T29] audit: type=1400 audit(1751160987.358:5901): avc:  denied  { create } for  pid=5313 comm="syz.4.601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   59.934104][   T29] audit: type=1400 audit(1751160987.358:5902): avc:  denied  { create } for  pid=5313 comm="syz.4.601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   59.954783][   T29] audit: type=1400 audit(1751160987.388:5903): avc:  denied  { setopt } for  pid=5315 comm="syz.1.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   59.965159][ T5314] netlink: 'syz.4.601': attribute type 27 has an invalid length.
[   59.974464][   T29] audit: type=1400 audit(1751160987.408:5904): avc:  denied  { write } for  pid=5313 comm="syz.4.601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.004189][ T5314] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.012807][ T5314] 8021q: adding VLAN 0 to HW filter on device team0
[   60.022474][ T5314] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   60.048692][ T5323] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   60.048692][ T5323]    program syz.3.605 not setting count and/or reply_len properly
[   60.117053][ T5337] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   60.117053][ T5337]    program syz.1.609 not setting count and/or reply_len properly
[   60.292374][ T5352] SELinux: syz.4.617 (5352) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   60.687444][ T5347] SET target dimension over the limit!
[   60.788313][ T5363] netlink: 'syz.5.621': attribute type 27 has an invalid length.
[   60.811478][ T5363] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.819751][ T5363] 8021q: adding VLAN 0 to HW filter on device team0
[   60.829131][ T5363] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   60.866836][ T5368] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   60.866836][ T5368]    program syz.4.623 not setting count and/or reply_len properly
[   60.933140][ T5370] SELinux: syz.5.624 (5370) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   61.082649][ T5382] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   61.082649][ T5382]    program syz.4.631 not setting count and/or reply_len properly
[   61.147538][ T5384] SELinux: syz.0.629 (5384) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   61.181074][ T5391] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   61.197038][ T5391] IPVS: Error connecting to the multicast addr
[   61.205354][ T5391] netlink: 'syz.1.630': attribute type 27 has an invalid length.
[   61.221902][ T5395] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   61.231565][ T5397] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   61.231565][ T5397]    program syz.4.636 not setting count and/or reply_len properly
[   61.260207][ T5395] IPVS: Error connecting to the multicast addr
[   61.267977][ T5395] netlink: 'syz.0.635': attribute type 27 has an invalid length.
[   62.062725][ T5431] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   62.072448][ T5431] __nla_validate_parse: 5 callbacks suppressed
[   62.072460][ T5431] netlink: 28 bytes leftover after parsing attributes in process `syz.4.651'.
[   62.096055][ T5431] IPVS: Error connecting to the multicast addr
[   62.104937][ T5431] netlink: 'syz.4.651': attribute type 27 has an invalid length.
[   62.170521][ T5440] netlink: 8 bytes leftover after parsing attributes in process `syz.1.654'.
[   62.375226][ T5445] 9pnet: p9_errstr2errno: server reported unknown error �@0x0000000000000005
[   62.602294][ T5468] SELinux: syz.5.664 (5468) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   62.844260][ T5485] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[   62.850799][ T5485] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   62.858432][ T5485] vhci_hcd vhci_hcd.0: Device attached
[   62.872692][ T5486] vhci_hcd: connection closed
[   62.872847][  T414] vhci_hcd: stop threads
[   62.881817][  T414] vhci_hcd: release socket
[   62.886292][  T414] vhci_hcd: disconnect device
[   63.040654][ T5489] netlink: 8 bytes leftover after parsing attributes in process `syz.5.673'.
[   63.085281][ T5495] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   63.085281][ T5495]    program syz.5.676 not setting count and/or reply_len properly
[   63.125098][ T5497] syzkaller1: entered promiscuous mode
[   63.130693][ T5497] syzkaller1: entered allmulticast mode
[   63.251733][ T5503] netlink: 'syz.5.679': attribute type 1 has an invalid length.
[   63.259545][ T5503] netlink: 224 bytes leftover after parsing attributes in process `syz.5.679'.
[   63.329076][ T5511] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   63.329076][ T5511]    program syz.1.683 not setting count and/or reply_len properly
[   63.382499][ T5518] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   63.382499][ T5518]    program syz.5.686 not setting count and/or reply_len properly
[   63.383258][ T5517] netlink: 8 bytes leftover after parsing attributes in process `syz.1.685'.
[   63.431835][ T5520] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   63.431835][ T5520]    program syz.3.687 not setting count and/or reply_len properly
[   63.501542][ T5528] netlink: 'syz.3.691': attribute type 1 has an invalid length.
[   63.509370][ T5528] netlink: 224 bytes leftover after parsing attributes in process `syz.3.691'.
[   63.626686][ T5541] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   63.626686][ T5541]    program syz.5.696 not setting count and/or reply_len properly
[   63.713714][ T5547] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   63.713714][ T5547]    program syz.5.698 not setting count and/or reply_len properly
[   63.815885][ T5550] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[   63.822415][ T5550] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   63.830114][ T5550] vhci_hcd vhci_hcd.0: Device attached
[   63.891529][ T5552] vhci_hcd: connection closed
[   63.891747][  T383] vhci_hcd: stop threads
[   63.900717][  T383] vhci_hcd: release socket
[   63.905181][  T383] vhci_hcd: disconnect device
[   64.432364][ T5568] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   64.432364][ T5568]    program syz.3.706 not setting count and/or reply_len properly
[   64.488418][ T5572] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   64.510152][ T5572] netlink: 28 bytes leftover after parsing attributes in process `syz.4.708'.
[   64.525254][ T5572] IPVS: Error connecting to the multicast addr
[   64.610725][ T5576] netlink: 'syz.3.710': attribute type 27 has an invalid length.
[   64.624873][ T5572] netlink: 'syz.4.708': attribute type 27 has an invalid length.
[   64.644503][ T5579] netlink: 8 bytes leftover after parsing attributes in process `syz.0.711'.
[   64.828481][   T29] kauditd_printk_skb: 905 callbacks suppressed
[   64.828493][   T29] audit: type=1400 audit(1751160992.288:6810): avc:  denied  { read } for  pid=5571 comm="syz.4.708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   64.854614][ T5576] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.869983][ T5576] 8021q: adding VLAN 0 to HW filter on device team0
[   64.892018][ T5576] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   64.928979][   T29] audit: type=1400 audit(1751160992.318:6811): avc:  denied  { write } for  pid=5571 comm="syz.4.708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   64.982222][ T5585] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   64.982222][ T5585]    program syz.4.713 not setting count and/or reply_len properly
[   65.203296][ T5600] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   65.203296][ T5600]    program syz.4.720 not setting count and/or reply_len properly
[   65.271197][ T5607] netlink: 8 bytes leftover after parsing attributes in process `syz.1.722'.
[   65.284298][   T29] audit: type=1400 audit(1751160992.738:6812): avc:  denied  { read } for  pid=5605 comm="syz.4.723" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   65.301699][ T5592] SET target dimension over the limit!
[   65.307919][   T29] audit: type=1326 audit(1751160992.738:6813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.336565][   T29] audit: type=1326 audit(1751160992.738:6814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.371840][   T29] audit: type=1326 audit(1751160992.818:6815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.395199][   T29] audit: type=1326 audit(1751160992.818:6816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.404321][ T5616] FAULT_INJECTION: forcing a failure.
[   65.404321][ T5616] name failslab, interval 1, probability 0, space 0, times 1
[   65.418625][   T29] audit: type=1326 audit(1751160992.818:6817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.431133][ T5616] CPU: 0 UID: 0 PID: 5616 Comm: syz.5.727 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   65.431179][ T5616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   65.431194][ T5616] Call Trace:
[   65.431201][ T5616]  <TASK>
[   65.431208][ T5616]  __dump_stack+0x1d/0x30
[   65.431229][ T5616]  dump_stack_lvl+0xe8/0x140
[   65.431313][ T5616]  dump_stack+0x15/0x1b
[   65.431392][ T5616]  should_fail_ex+0x265/0x280
[   65.431466][ T5616]  ? sctp_add_bind_addr+0x71/0x1e0
[   65.431486][ T5616]  should_failslab+0x8c/0xb0
[   65.431508][ T5616]  __kmalloc_cache_noprof+0x4c/0x320
[   65.431537][ T5616]  sctp_add_bind_addr+0x71/0x1e0
[   65.431673][ T5616]  sctp_copy_local_addr_list+0x199/0x220
[   65.431698][ T5616]  sctp_copy_one_addr+0x7f/0x280
[   65.431720][ T5616]  sctp_bind_addr_copy+0x79/0x290
[   65.431780][ T5616]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[   65.431883][ T5616]  sctp_connect_new_asoc+0x1c3/0x3a0
[   65.431913][ T5616]  sctp_sendmsg+0xf10/0x18d0
[   65.431940][ T5616]  ? selinux_socket_sendmsg+0x161/0x1b0
[   65.432021][ T5616]  ? __pfx_sctp_sendmsg+0x10/0x10
[   65.432077][ T5616]  inet_sendmsg+0xc5/0xd0
[   65.432095][ T5616]  __sock_sendmsg+0x102/0x180
[   65.432120][ T5616]  ____sys_sendmsg+0x345/0x4e0
[   65.432165][ T5616]  ___sys_sendmsg+0x17b/0x1d0
[   65.432281][ T5616]  __sys_sendmmsg+0x178/0x300
[   65.432309][ T5616]  __x64_sys_sendmmsg+0x57/0x70
[   65.432399][ T5616]  x64_sys_call+0x2f2f/0x2fb0
[   65.432420][ T5616]  do_syscall_64+0xd2/0x200
[   65.432492][ T5616]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   65.432517][ T5616]  ? clear_bhb_loop+0x40/0x90
[   65.432537][ T5616]  ? clear_bhb_loop+0x40/0x90
[   65.432610][ T5616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.432631][ T5616] RIP: 0033:0x7fd8f9a9e929
[   65.432649][ T5616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.432666][ T5616] RSP: 002b:00007fd8f8107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   65.432684][ T5616] RAX: ffffffffffffffda RBX: 00007fd8f9cc5fa0 RCX: 00007fd8f9a9e929
[   65.432763][ T5616] RDX: 0000000000000002 RSI: 0000200000000880 RDI: 0000000000000003
[   65.432775][ T5616] RBP: 00007fd8f8107090 R08: 0000000000000000 R09: 0000000000000000
[   65.432786][ T5616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   65.432798][ T5616] R13: 0000000000000000 R14: 00007fd8f9cc5fa0 R15: 00007fff1be1a1e8
[   65.432816][ T5616]  </TASK>
[   65.697038][   T29] audit: type=1326 audit(1751160992.818:6818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.720320][   T29] audit: type=1326 audit(1751160992.818:6819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5605 comm="syz.4.723" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3e9fa1e929 code=0x7ffc0000
[   65.802053][ T5637] netlink: 8 bytes leftover after parsing attributes in process `syz.1.734'.
[   65.837928][ T5643] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   65.837928][ T5643]    program syz.0.737 not setting count and/or reply_len properly
[   66.023779][ T5656] smc: net device bond0 applied user defined pnetid SYZ2
[   66.064774][ T5656] smc: net device bond0 erased user defined pnetid SYZ2
[   66.272361][ T5670] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[   66.278991][ T5670] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   66.286610][ T5670] vhci_hcd vhci_hcd.0: Device attached
[   66.324479][ T5673] vhci_hcd: connection closed
[   66.326895][   T12] vhci_hcd: stop threads
[   66.335841][   T12] vhci_hcd: release socket
[   66.340379][   T12] vhci_hcd: disconnect device
[   66.349145][ T5679] netlink: 'syz.1.751': attribute type 1 has an invalid length.
[   66.437109][ T5679] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[   66.463418][ T5679] veth5: entered promiscuous mode
[   66.520793][ T5697] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   66.569247][ T5697] IPVS: stopping master sync thread 4732 ...
[   66.582290][ T5705] ip6t_srh: unknown srh invflags 7D00
[   66.597858][ T5697] netlink: 'syz.3.757': attribute type 27 has an invalid length.
[   66.613960][ T5709] netlink: 'syz.1.762': attribute type 27 has an invalid length.
[   66.651608][ T5709] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   66.659729][ T5709] 8021q: adding VLAN 0 to HW filter on device team0
[   66.669231][ T5709] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   66.767344][ T5732] smc: net device bond0 applied user defined pnetid SYZ2
[   66.774728][ T5732] smc: net device bond0 erased user defined pnetid SYZ2
[   66.893377][ T5741] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   66.917317][ T5741] IPVS: Error connecting to the multicast addr
[   66.925616][ T5741] netlink: 'syz.0.777': attribute type 27 has an invalid length.
[   66.988694][ T5756] smc: net device bond0 applied user defined pnetid SYZ2
[   66.995974][ T5756] smc: net device bond0 erased user defined pnetid SYZ2
[   67.019380][ T5759] syzkaller1: entered promiscuous mode
[   67.024879][ T5759] syzkaller1: entered allmulticast mode
[   67.167176][ T5764] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[   67.173751][ T5764] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   67.181321][ T5764] vhci_hcd vhci_hcd.0: Device attached
[   67.188817][ T5765] vhci_hcd: connection closed
[   67.189374][  T414] vhci_hcd: stop threads
[   67.198300][  T414] vhci_hcd: release socket
[   67.202727][  T414] vhci_hcd: disconnect device
[   67.362577][ T5768] __nla_validate_parse: 4 callbacks suppressed
[   67.362586][ T5768] netlink: 28 bytes leftover after parsing attributes in process `syz.3.788'.
[   67.465793][ T5776] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   67.482926][ T5776] 9pnet_fd: Insufficient options for proto=fd
[   67.493535][ T5778] netlink: 'syz.3.793': attribute type 1 has an invalid length.
[   67.501437][ T5778] netlink: 224 bytes leftover after parsing attributes in process `syz.3.793'.
[   67.551451][ T5786] FAULT_INJECTION: forcing a failure.
[   67.551451][ T5786] name failslab, interval 1, probability 0, space 0, times 0
[   67.562345][ T5782] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   67.564171][ T5786] CPU: 0 UID: 0 PID: 5786 Comm: syz.5.796 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   67.564198][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.564216][ T5786] Call Trace:
[   67.564221][ T5786]  <TASK>
[   67.564228][ T5786]  __dump_stack+0x1d/0x30
[   67.564252][ T5786]  dump_stack_lvl+0xe8/0x140
[   67.564272][ T5786]  dump_stack+0x15/0x1b
[   67.564286][ T5786]  should_fail_ex+0x265/0x280
[   67.564313][ T5786]  should_failslab+0x8c/0xb0
[   67.564336][ T5786]  kmem_cache_alloc_noprof+0x50/0x310
[   67.564380][ T5786]  ? __anon_vma_prepare+0x70/0x2f0
[   67.564409][ T5786]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   67.564457][ T5786]  __anon_vma_prepare+0x70/0x2f0
[   67.564502][ T5786]  do_wp_page+0x1838/0x2400
[   67.564523][ T5786]  ? __rcu_read_lock+0x37/0x50
[   67.564623][ T5786]  handle_mm_fault+0x77d/0x2be0
[   67.564644][ T5786]  ? mas_walk+0xf2/0x120
[   67.564677][ T5786]  do_user_addr_fault+0x636/0x1090
[   67.564719][ T5786]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   67.564805][ T5786]  exc_page_fault+0x62/0xa0
[   67.564869][ T5786]  asm_exc_page_fault+0x26/0x30
[   67.564889][ T5786] RIP: 0033:0x7fd8f9960ca3
[   67.564903][ T5786] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[   67.564919][ T5786] RSP: 002b:00007fd8f81064a0 EFLAGS: 00010202
[   67.564954][ T5786] RAX: 0000000000000400 RBX: 00007fd8f8106540 RCX: 00007fd8efce7000
[   67.564967][ T5786] RDX: 00007fd8f81066e0 RSI: 0000000000000011 RDI: 00007fd8f81065e0
[   67.564979][ T5786] RBP: 00000000000000f9 R08: 0000000000000009 R09: 00000000000001c3
[   67.564990][ T5786] R10: 00000000000001d4 R11: 00007fd8f8106540 R12: 0000000000000001
[   67.565002][ T5786] R13: 00007fd8f9b3c200 R14: 0000000000000020 R15: 00007fd8f81065e0
[   67.565103][ T5786]  </TASK>
[   67.565112][ T5786] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   67.572180][ T5782] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   67.773276][ T5788] syzkaller1: entered promiscuous mode
[   67.778784][ T5788] syzkaller1: entered allmulticast mode
[   67.805465][ T5792] smc: net device bond0 applied user defined pnetid SYZ2
[   67.812936][ T5792] smc: net device bond0 erased user defined pnetid SYZ2
[   67.839857][ T5794] syzkaller1: entered promiscuous mode
[   67.845429][ T5794] syzkaller1: entered allmulticast mode
[   67.876899][ T5798] netlink: 'syz.3.802': attribute type 27 has an invalid length.
[   67.897205][ T5798] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.905257][ T5798] 8021q: adding VLAN 0 to HW filter on device team0
[   67.907280][ T5801] netlink: 20 bytes leftover after parsing attributes in process `syz.4.803'.
[   67.920800][ T5801] netlink: 20 bytes leftover after parsing attributes in process `syz.4.803'.
[   67.930026][ T5798] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   67.946174][ T5801] FAULT_INJECTION: forcing a failure.
[   67.946174][ T5801] name failslab, interval 1, probability 0, space 0, times 0
[   67.958892][ T5801] CPU: 1 UID: 0 PID: 5801 Comm: syz.4.803 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   67.958990][ T5801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.959002][ T5801] Call Trace:
[   67.959008][ T5801]  <TASK>
[   67.959015][ T5801]  __dump_stack+0x1d/0x30
[   67.959033][ T5801]  dump_stack_lvl+0xe8/0x140
[   67.959144][ T5801]  dump_stack+0x15/0x1b
[   67.959160][ T5801]  should_fail_ex+0x265/0x280
[   67.959189][ T5801]  should_failslab+0x8c/0xb0
[   67.959208][ T5801]  kmem_cache_alloc_noprof+0x50/0x310
[   67.959231][ T5801]  ? mm_alloc+0x2b/0xa0
[   67.959317][ T5801]  mm_alloc+0x2b/0xa0
[   67.959333][ T5801]  alloc_bprm+0x20e/0x350
[   67.959361][ T5801]  do_execveat_common+0x12e/0x750
[   67.959485][ T5801]  __x64_sys_execve+0x5c/0x70
[   67.959512][ T5801]  x64_sys_call+0x13ab/0x2fb0
[   67.959575][ T5801]  do_syscall_64+0xd2/0x200
[   67.959590][ T5801]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.959612][ T5801]  ? clear_bhb_loop+0x40/0x90
[   67.959633][ T5801]  ? clear_bhb_loop+0x40/0x90
[   67.959653][ T5801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.959729][ T5801] RIP: 0033:0x7f3e9fa1e929
[   67.959741][ T5801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.959754][ T5801] RSP: 002b:00007f3e9e087038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   67.959769][ T5801] RAX: ffffffffffffffda RBX: 00007f3e9fc45fa0 RCX: 00007f3e9fa1e929
[   67.959779][ T5801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000840
[   67.959789][ T5801] RBP: 00007f3e9e087090 R08: 0000000000000000 R09: 0000000000000000
[   67.959799][ T5801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.959808][ T5801] R13: 0000000000000000 R14: 00007f3e9fc45fa0 R15: 00007fff69b0f8b8
[   67.959878][ T5801]  </TASK>
[   68.225010][ T5816] capability: warning: `syz.3.810' uses deprecated v2 capabilities in a way that may be insecure
[   68.302617][ T5828] netlink: 'syz.0.816': attribute type 27 has an invalid length.
[   68.321697][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.329369][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   68.337879][ T5828] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   68.416175][ T5838] FAULT_INJECTION: forcing a failure.
[   68.416175][ T5838] name failslab, interval 1, probability 0, space 0, times 0
[   68.428892][ T5838] CPU: 1 UID: 0 PID: 5838 Comm: syz.0.820 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   68.428973][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.428984][ T5838] Call Trace:
[   68.428989][ T5838]  <TASK>
[   68.429055][ T5838]  __dump_stack+0x1d/0x30
[   68.429074][ T5838]  dump_stack_lvl+0xe8/0x140
[   68.429089][ T5838]  dump_stack+0x15/0x1b
[   68.429106][ T5838]  should_fail_ex+0x265/0x280
[   68.429150][ T5838]  ? alloc_netdev_mqs+0x829/0xab0
[   68.429177][ T5838]  should_failslab+0x8c/0xb0
[   68.429201][ T5838]  __kmalloc_cache_noprof+0x4c/0x320
[   68.429252][ T5838]  alloc_netdev_mqs+0x829/0xab0
[   68.429283][ T5838]  rtnl_create_link+0x239/0x710
[   68.429338][ T5838]  rtnl_newlink_create+0x14c/0x620
[   68.429364][ T5838]  ? security_capable+0x83/0x90
[   68.429399][ T5838]  ? netlink_ns_capable+0x86/0xa0
[   68.429445][ T5838]  rtnl_newlink+0xf29/0x12d0
[   68.429512][ T5838]  ? xas_load+0x413/0x430
[   68.429537][ T5838]  ? __memcg_slab_free_hook+0x135/0x230
[   68.429563][ T5838]  ? __kfree_skb+0x109/0x150
[   68.429618][ T5838]  ? __rcu_read_unlock+0x4f/0x70
[   68.429704][ T5838]  ? avc_has_perm_noaudit+0x1b1/0x200
[   68.429721][ T5838]  ? selinux_capable+0x1f9/0x270
[   68.429738][ T5838]  ? security_capable+0x83/0x90
[   68.429751][ T5838]  ? ns_capable+0x7d/0xb0
[   68.429789][ T5838]  ? __pfx_rtnl_newlink+0x10/0x10
[   68.429800][ T5838]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   68.429814][ T5838]  netlink_rcv_skb+0x123/0x220
[   68.429831][ T5838]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   68.429921][ T5838]  rtnetlink_rcv+0x1c/0x30
[   68.429938][ T5838]  netlink_unicast+0x59e/0x670
[   68.429954][ T5838]  netlink_sendmsg+0x58b/0x6b0
[   68.429965][ T5838]  ? __pfx_netlink_sendmsg+0x10/0x10
[   68.430021][ T5838]  __sock_sendmsg+0x145/0x180
[   68.430034][ T5838]  ____sys_sendmsg+0x31e/0x4e0
[   68.430053][ T5838]  ___sys_sendmsg+0x17b/0x1d0
[   68.430081][ T5838]  __x64_sys_sendmsg+0xd4/0x160
[   68.430100][ T5838]  x64_sys_call+0x2999/0x2fb0
[   68.430112][ T5838]  do_syscall_64+0xd2/0x200
[   68.430121][ T5838]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.430209][ T5838]  ? clear_bhb_loop+0x40/0x90
[   68.430252][ T5838]  ? clear_bhb_loop+0x40/0x90
[   68.430321][ T5838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.430333][ T5838] RIP: 0033:0x7f98c3c6e929
[   68.430342][ T5838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.430351][ T5838] RSP: 002b:00007f98c22d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.430362][ T5838] RAX: ffffffffffffffda RBX: 00007f98c3e95fa0 RCX: 00007f98c3c6e929
[   68.430397][ T5838] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[   68.430404][ T5838] RBP: 00007f98c22d7090 R08: 0000000000000000 R09: 0000000000000000
[   68.430410][ T5838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   68.430418][ T5838] R13: 0000000000000000 R14: 00007f98c3e95fa0 R15: 00007fff392dfde8
[   68.430428][ T5838]  </TASK>
[   68.784839][ T5853] netlink: 'syz.0.826': attribute type 3 has an invalid length.
[   68.996230][ T5875] 8021q: adding VLAN 0 to HW filter on device bond1
[   69.009263][ T5875] netlink: 176 bytes leftover after parsing attributes in process `syz.5.834'.
[   69.022889][ T5875] veth3: entered promiscuous mode
[   69.031663][ T5875] netlink: 44 bytes leftover after parsing attributes in process `syz.5.834'.
[   69.111075][ T5884] netdevsim netdevsim4: Direct firmware load for ÿÿÿÿ failed with error -2
[   69.254294][ T5898] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   69.262529][ T5898] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   69.439113][ T5921] netlink: 24 bytes leftover after parsing attributes in process `syz.3.855'.
[   69.673921][ T5950] bridge_slave_0: left allmulticast mode
[   69.679786][ T5950] bridge_slave_0: left promiscuous mode
[   69.685561][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.693507][ T5950] bridge_slave_1: left allmulticast mode
[   69.699184][ T5950] bridge_slave_1: left promiscuous mode
[   69.704826][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.713957][ T5950] bond0: (slave bond_slave_0): Releasing backup interface
[   69.725217][ T5950] bond0: (slave bond_slave_1): Releasing backup interface
[   69.738419][ T5950] team0: Port device team_slave_0 removed
[   69.746599][ T5950] team0: Port device team_slave_1 removed
[   69.752844][ T5950] batman_adv: batadv0: Removing interface: batadv_slave_1
[   69.830592][ T5968] validate_nla: 2 callbacks suppressed
[   69.830606][ T5968] netlink: 'syz.0.876': attribute type 1 has an invalid length.
[   69.857937][   T29] kauditd_printk_skb: 1114 callbacks suppressed
[   69.857952][   T29] audit: type=1400 audit(1751160997.308:7934): avc:  denied  { create } for  pid=5967 comm="syz.0.876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=0
[   69.893618][   T29] audit: type=1400 audit(1751160997.308:7935): avc:  denied  { map_create } for  pid=5967 comm="syz.0.876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   69.912815][   T29] audit: type=1400 audit(1751160997.308:7936): avc:  denied  { prog_load } for  pid=5967 comm="syz.0.876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   69.931856][   T29] audit: type=1400 audit(1751160997.308:7937): avc:  denied  { prog_load } for  pid=5967 comm="syz.0.876" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   69.950819][   T29] audit: type=1400 audit(1751160997.318:7938): avc:  denied  { prog_load } for  pid=5971 comm="syz.1.877" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   69.969797][   T29] audit: type=1400 audit(1751160997.318:7939): avc:  denied  { create } for  pid=5971 comm="syz.1.877" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=0
[   69.990586][   T29] audit: type=1400 audit(1751160997.338:7940): avc:  denied  { map_create } for  pid=5971 comm="syz.1.877" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   70.009787][   T29] audit: type=1400 audit(1751160997.338:7941): avc:  denied  { prog_load } for  pid=5971 comm="syz.1.877" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   70.023334][ T5990] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   70.028799][   T29] audit: type=1400 audit(1751160997.338:7942): avc:  denied  { write } for  pid=5971 comm="syz.1.877" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=0
[   70.036936][ T5990] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   70.060405][   T29] audit: type=1400 audit(1751160997.338:7943): avc:  denied  { map_create } for  pid=5973 comm="syz.0.878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   70.190772][ T6004] netlink: 12 bytes leftover after parsing attributes in process `syz.0.893'.
[   70.311475][ T6010] SET target dimension over the limit!
[   70.950578][ T6078] netlink: 'syz.4.927': attribute type 27 has an invalid length.
[   70.969031][ T6078] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.976758][ T6078] 8021q: adding VLAN 0 to HW filter on device team0
[   70.985333][ T6078] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   71.125550][ T6089] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   71.133779][ T6089] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   71.165294][ T6094] netlink: 260 bytes leftover after parsing attributes in process `syz.5.934'.
[   71.174953][ T6094] netlink: 40 bytes leftover after parsing attributes in process `syz.5.934'.
[   71.187482][ T6094] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.196325][ T6094] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.205236][ T6094] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.214056][ T6094] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.282831][ T6104] netlink: 'syz.5.939': attribute type 27 has an invalid length.
[   71.309538][ T6104] veth3: left promiscuous mode
[   71.314632][ T6104] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.323566][ T6104] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.332508][ T6104] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.341412][ T6104] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   71.365163][ T6108] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.373277][ T6108] 8021q: adding VLAN 0 to HW filter on device team0
[   71.382715][ T6108] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   71.446423][ T6119] SET target dimension over the limit!
[   71.593003][ T6146] SET target dimension over the limit!
[   71.724598][ T6160] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6160 comm=syz.5.965
[   71.784202][ T6171] SET target dimension over the limit!
[   71.864981][ T6176] FAULT_INJECTION: forcing a failure.
[   71.864981][ T6176] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   71.878796][ T6176] CPU: 1 UID: 0 PID: 6176 Comm: syz.5.971 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   71.878819][ T6176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   71.878847][ T6176] Call Trace:
[   71.878853][ T6176]  <TASK>
[   71.878861][ T6176]  __dump_stack+0x1d/0x30
[   71.878883][ T6176]  dump_stack_lvl+0xe8/0x140
[   71.878903][ T6176]  dump_stack+0x15/0x1b
[   71.878916][ T6176]  should_fail_ex+0x265/0x280
[   71.879025][ T6176]  should_fail+0xb/0x20
[   71.879049][ T6176]  should_fail_usercopy+0x1a/0x20
[   71.879081][ T6176]  _copy_from_iter+0xcf/0xe40
[   71.879125][ T6176]  ? rep_movs_alternative+0x4a/0x90
[   71.879148][ T6176]  ? _copy_from_iter+0x16d/0xe40
[   71.879177][ T6176]  copy_page_from_iter+0x178/0x2a0
[   71.879193][ T6176]  skb_copy_datagram_from_iter+0x232/0x490
[   71.879283][ T6176]  unix_stream_sendmsg+0x45e/0x8e0
[   71.879312][ T6176]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[   71.879336][ T6176]  __sock_sendmsg+0x145/0x180
[   71.879366][ T6176]  ____sys_sendmsg+0x31e/0x4e0
[   71.879432][ T6176]  ___sys_sendmsg+0x17b/0x1d0
[   71.879523][ T6176]  __x64_sys_sendmsg+0xd4/0x160
[   71.879556][ T6176]  x64_sys_call+0x2999/0x2fb0
[   71.879577][ T6176]  do_syscall_64+0xd2/0x200
[   71.879593][ T6176]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.879620][ T6176]  ? clear_bhb_loop+0x40/0x90
[   71.879673][ T6176]  ? clear_bhb_loop+0x40/0x90
[   71.879727][ T6176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.879748][ T6176] RIP: 0033:0x7fd8f9a9e929
[   71.879841][ T6176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.879857][ T6176] RSP: 002b:00007fd8f80e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.879875][ T6176] RAX: ffffffffffffffda RBX: 00007fd8f9cc6080 RCX: 00007fd8f9a9e929
[   71.879886][ T6176] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000004
[   71.879897][ T6176] RBP: 00007fd8f80e6090 R08: 0000000000000000 R09: 0000000000000000
[   71.879908][ T6176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.879918][ T6176] R13: 0000000000000001 R14: 00007fd8f9cc6080 R15: 00007fff1be1a1e8
[   71.879934][ T6176]  </TASK>
[   72.132421][ T6184] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   72.140824][ T6184] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   72.167327][ T6186] x_tables: ip6_tables: mh match: only valid for protocol 135
[   73.138873][ T6240] ip6gre1: entered allmulticast mode
[   73.297218][ T6271] netlink: 'syz.0.1013': attribute type 27 has an invalid length.
[   73.343244][ T6271] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.352563][ T6271] 8021q: adding VLAN 0 to HW filter on device team0
[   73.362159][ T6271] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   73.731242][ T6314] syz.4.1034 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   73.997781][ T6326] netlink: 'syz.5.1039': attribute type 1 has an invalid length.
[   74.012650][ T6326] 8021q: adding VLAN 0 to HW filter on device bond2
[   74.025299][ T6326] netlink: 'syz.5.1039': attribute type 21 has an invalid length.
[   74.035508][ T6326] netlink: 'syz.5.1039': attribute type 1 has an invalid length.
[   74.043362][ T6326] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1039'.
[   74.058503][ T6326] veth5: entered promiscuous mode
[   74.067712][ T6326] vlan2: entered allmulticast mode
[   74.072892][ T6326] bond2: entered allmulticast mode
[   74.219339][ T6340] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[   74.225882][ T6340] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   74.233396][ T6340] vhci_hcd vhci_hcd.0: Device attached
[   74.251043][ T6343] vhci_hcd: connection closed
[   74.251979][  T414] vhci_hcd: stop threads
[   74.260938][  T414] vhci_hcd: release socket
[   74.265352][  T414] vhci_hcd: disconnect device
[   74.289839][ T6333] SET target dimension over the limit!
[   74.310296][ T6351] FAULT_INJECTION: forcing a failure.
[   74.310296][ T6351] name failslab, interval 1, probability 0, space 0, times 0
[   74.323117][ T6351] CPU: 0 UID: 0 PID: 6351 Comm: syz.1.1049 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   74.323171][ T6351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   74.323183][ T6351] Call Trace:
[   74.323190][ T6351]  <TASK>
[   74.323198][ T6351]  __dump_stack+0x1d/0x30
[   74.323220][ T6351]  dump_stack_lvl+0xe8/0x140
[   74.323289][ T6351]  dump_stack+0x15/0x1b
[   74.323305][ T6351]  should_fail_ex+0x265/0x280
[   74.323356][ T6351]  should_failslab+0x8c/0xb0
[   74.323379][ T6351]  kmem_cache_alloc_node_noprof+0x57/0x320
[   74.323483][ T6351]  ? __alloc_skb+0x101/0x320
[   74.323512][ T6351]  __alloc_skb+0x101/0x320
[   74.323549][ T6351]  netlink_ack+0xfd/0x500
[   74.323578][ T6351]  netlink_rcv_skb+0x192/0x220
[   74.323678][ T6351]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   74.323706][ T6351]  rtnetlink_rcv+0x1c/0x30
[   74.323726][ T6351]  netlink_unicast+0x59e/0x670
[   74.323834][ T6351]  netlink_sendmsg+0x58b/0x6b0
[   74.323855][ T6351]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.323875][ T6351]  __sock_sendmsg+0x145/0x180
[   74.323895][ T6351]  ____sys_sendmsg+0x31e/0x4e0
[   74.323978][ T6351]  ___sys_sendmsg+0x17b/0x1d0
[   74.324042][ T6351]  __x64_sys_sendmsg+0xd4/0x160
[   74.324078][ T6351]  x64_sys_call+0x2999/0x2fb0
[   74.324097][ T6351]  do_syscall_64+0xd2/0x200
[   74.324112][ T6351]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.324172][ T6351]  ? clear_bhb_loop+0x40/0x90
[   74.324191][ T6351]  ? clear_bhb_loop+0x40/0x90
[   74.324208][ T6351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.324225][ T6351] RIP: 0033:0x7ff1c238e929
[   74.324278][ T6351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.324292][ T6351] RSP: 002b:00007ff1c09f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.324307][ T6351] RAX: ffffffffffffffda RBX: 00007ff1c25b5fa0 RCX: 00007ff1c238e929
[   74.324347][ T6351] RDX: 00000000200400d4 RSI: 0000200000006040 RDI: 0000000000000007
[   74.324360][ T6351] RBP: 00007ff1c09f7090 R08: 0000000000000000 R09: 0000000000000000
[   74.324372][ T6351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.324385][ T6351] R13: 0000000000000000 R14: 00007ff1c25b5fa0 R15: 00007ffc5be046b8
[   74.324403][ T6351]  </TASK>
[   74.357974][ T6353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1050'.
[   74.409484][ T6358] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1050'.
[   74.582007][ T6361] team0 (unregistering): Port device team_slave_0 removed
[   74.590233][ T6361] team0 (unregistering): Port device team_slave_1 removed
[   74.770895][ T6378] SET target dimension over the limit!
[   74.862402][   T29] kauditd_printk_skb: 1462 callbacks suppressed
[   74.862416][   T29] audit: type=1400 audit(1751161002.318:9406): avc:  denied  { map_create } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   74.888788][   T29] audit: type=1400 audit(1751161002.328:9407): avc:  denied  { prog_load } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   74.907900][   T29] audit: type=1400 audit(1751161002.328:9408): avc:  denied  { create } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   74.928439][   T29] audit: type=1400 audit(1751161002.328:9409): avc:  denied  { create } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   74.949003][   T29] audit: type=1400 audit(1751161002.328:9410): avc:  denied  { create } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=0
[   74.964271][ T6407] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1073'.
[   74.968372][   T29] audit: type=1400 audit(1751161002.328:9411): avc:  denied  { prog_load } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   74.977311][ T6407] netlink: 11 bytes leftover after parsing attributes in process `syz.4.1073'.
[   74.996285][   T29] audit: type=1400 audit(1751161002.328:9412): avc:  denied  { prog_load } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   74.996335][   T29] audit: type=1400 audit(1751161002.328:9413): avc:  denied  { map_create } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   75.043522][   T29] audit: type=1400 audit(1751161002.328:9414): avc:  denied  { prog_load } for  pid=6402 comm="syz.5.1071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   75.062638][   T29] audit: type=1400 audit(1751161002.348:9415): avc:  denied  { map_create } for  pid=6404 comm="syz.4.1072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   75.066767][ T6412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=6412 comm=syz.5.1075
[   75.156774][ T6415] netlink: 'syz.4.1077': attribute type 27 has an invalid length.
[   75.176342][ T6415] ip6gre1: left allmulticast mode
[   75.202795][ T6415] 8021q: adding VLAN 0 to HW filter on device bond0
[   75.210584][ T6415] 8021q: adding VLAN 0 to HW filter on device team0
[   75.219469][ T6415] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   75.586083][ T6446] netlink: 'syz.0.1091': attribute type 1 has an invalid length.
[   75.619413][ T6451] netlink: 'syz.5.1093': attribute type 27 has an invalid length.
[   75.643611][ T6451] veth5: left promiscuous mode
[   75.649173][ T6453] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   75.657386][ T6453] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   75.714509][ T6469] $Hÿ: renamed from bond0
[   75.720697][ T6469] $Hÿ: entered promiscuous mode
[   75.725717][ T6469] bond_slave_0: entered promiscuous mode
[   75.731543][ T6469] bond_slave_1: entered promiscuous mode
[   75.838191][ T6481] netlink: 'syz.0.1105': attribute type 29 has an invalid length.
[   75.846126][ T6481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1105'.
[   75.957460][ T6485] netlink: 'syz.0.1107': attribute type 1 has an invalid length.
[   76.114311][ T6504] FAULT_INJECTION: forcing a failure.
[   76.114311][ T6504] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.127440][ T6504] CPU: 1 UID: 0 PID: 6504 Comm: syz.4.1116 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   76.127464][ T6504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   76.127471][ T6504] Call Trace:
[   76.127475][ T6504]  <TASK>
[   76.127479][ T6504]  __dump_stack+0x1d/0x30
[   76.127492][ T6504]  dump_stack_lvl+0xe8/0x140
[   76.127502][ T6504]  dump_stack+0x15/0x1b
[   76.127586][ T6504]  should_fail_ex+0x265/0x280
[   76.127662][ T6504]  should_fail+0xb/0x20
[   76.127748][ T6504]  should_fail_usercopy+0x1a/0x20
[   76.127822][ T6504]  _copy_to_user+0x20/0xa0
[   76.127833][ T6504]  simple_read_from_buffer+0xb5/0x130
[   76.127903][ T6504]  proc_fail_nth_read+0x100/0x140
[   76.127922][ T6504]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   76.128005][ T6504]  vfs_read+0x19d/0x6f0
[   76.128115][ T6504]  ? __rcu_read_unlock+0x4f/0x70
[   76.128127][ T6504]  ? __fget_files+0x184/0x1c0
[   76.128199][ T6504]  ksys_read+0xda/0x1a0
[   76.128226][ T6504]  __x64_sys_read+0x40/0x50
[   76.128242][ T6504]  x64_sys_call+0x2d77/0x2fb0
[   76.128294][ T6504]  do_syscall_64+0xd2/0x200
[   76.128304][ T6504]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.128318][ T6504]  ? clear_bhb_loop+0x40/0x90
[   76.128330][ T6504]  ? clear_bhb_loop+0x40/0x90
[   76.128375][ T6504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.128395][ T6504] RIP: 0033:0x7f3e9fa1d33c
[   76.128410][ T6504] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   76.128426][ T6504] RSP: 002b:00007f3e9e087030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   76.128481][ T6504] RAX: ffffffffffffffda RBX: 00007f3e9fc45fa0 RCX: 00007f3e9fa1d33c
[   76.128495][ T6504] RDX: 000000000000000f RSI: 00007f3e9e0870a0 RDI: 0000000000000003
[   76.128507][ T6504] RBP: 00007f3e9e087090 R08: 0000000000000000 R09: 0000000000000000
[   76.128517][ T6504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.128527][ T6504] R13: 0000000000000000 R14: 00007f3e9fc45fa0 R15: 00007fff69b0f8b8
[   76.128541][ T6504]  </TASK>
[   76.372687][ T6507] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1117'.
[   76.417098][ T6519] netlink: 'syz.4.1122': attribute type 1 has an invalid length.
[   76.754555][ T6544] netlink: 'syz.1.1134': attribute type 1 has an invalid length.
[   76.898412][ T6547] netlink: 'syz.5.1135': attribute type 27 has an invalid length.
[   76.911650][ T6551] netlink: 'syz.1.1137': attribute type 27 has an invalid length.
[   76.926246][ T6547] $Hÿ: left promiscuous mode
[   76.931101][ T6547] bond_slave_0: left promiscuous mode
[   76.936661][ T6547] bond_slave_1: left promiscuous mode
[   76.972556][ T6555] FAULT_INJECTION: forcing a failure.
[   76.972556][ T6555] name failslab, interval 1, probability 0, space 0, times 0
[   76.985327][ T6555] CPU: 1 UID: 0 PID: 6555 Comm: syz.3.1138 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   76.985357][ T6555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   76.985368][ T6555] Call Trace:
[   76.985374][ T6555]  <TASK>
[   76.985381][ T6555]  __dump_stack+0x1d/0x30
[   76.985445][ T6555]  dump_stack_lvl+0xe8/0x140
[   76.985528][ T6555]  dump_stack+0x15/0x1b
[   76.985545][ T6555]  should_fail_ex+0x265/0x280
[   76.985642][ T6555]  should_failslab+0x8c/0xb0
[   76.985707][ T6555]  kmem_cache_alloc_noprof+0x50/0x310
[   76.985749][ T6555]  ? _request_firmware+0x5b6/0xbb0
[   76.985835][ T6555]  ? prepare_kernel_cred+0x46d/0x680
[   76.985856][ T6555]  _request_firmware+0x5b6/0xbb0
[   76.985882][ T6555]  request_firmware+0x36/0x50
[   76.985910][ T6555]  devlink_compat_flash_update+0xb2/0x1b0
[   76.985971][ T6555]  dev_ethtool+0x148b/0x1650
[   76.986042][ T6555]  ? full_name_hash+0x92/0xe0
[   76.986068][ T6555]  dev_ioctl+0x2e0/0x960
[   76.986086][ T6555]  sock_do_ioctl+0x197/0x220
[   76.986107][ T6555]  sock_ioctl+0x41b/0x610
[   76.986124][ T6555]  ? __pfx_sock_ioctl+0x10/0x10
[   76.986141][ T6555]  __se_sys_ioctl+0xcb/0x140
[   76.986213][ T6555]  __x64_sys_ioctl+0x43/0x50
[   76.986261][ T6555]  x64_sys_call+0x19a8/0x2fb0
[   76.986279][ T6555]  do_syscall_64+0xd2/0x200
[   76.986300][ T6555]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   76.986418][ T6555]  ? clear_bhb_loop+0x40/0x90
[   76.986436][ T6555]  ? clear_bhb_loop+0x40/0x90
[   76.986454][ T6555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.986501][ T6555] RIP: 0033:0x7fceefc7e929
[   76.986514][ T6555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.986527][ T6555] RSP: 002b:00007fceee2e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   76.986677][ T6555] RAX: ffffffffffffffda RBX: 00007fceefea5fa0 RCX: 00007fceefc7e929
[   76.986687][ T6555] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000004
[   76.986698][ T6555] RBP: 00007fceee2e7090 R08: 0000000000000000 R09: 0000000000000000
[   76.986710][ T6555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   76.986723][ T6555] R13: 0000000000000000 R14: 00007fceefea5fa0 R15: 00007ffdd012a888
[   76.986798][ T6555]  </TASK>
[   76.986807][ T6555] netdevsim netdevsim3: Direct firmware load for ÿÿÿÿ failed with error -12
[   76.995357][ T6547] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   77.229956][ T6547] 8021q: adding VLAN 0 to HW filter on device team0
[   77.239757][ T6547] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   77.340162][ T6566] SET target dimension over the limit!
[   77.489800][ T6587] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[   77.498082][ T6587] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[   77.587324][ T6599] netlink: 'syz.3.1158': attribute type 27 has an invalid length.
[   77.693283][ T6617] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1167'.
[   77.762148][ T6626] syz.3.1171 (6626): attempted to duplicate a private mapping with mremap.  This is not supported.
[   77.915197][ T6649] FAULT_INJECTION: forcing a failure.
[   77.915197][ T6649] name failslab, interval 1, probability 0, space 0, times 0
[   77.927920][ T6649] CPU: 1 UID: 0 PID: 6649 Comm: syz.5.1182 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   77.927968][ T6649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   77.927980][ T6649] Call Trace:
[   77.927986][ T6649]  <TASK>
[   77.927993][ T6649]  __dump_stack+0x1d/0x30
[   77.928014][ T6649]  dump_stack_lvl+0xe8/0x140
[   77.928031][ T6649]  dump_stack+0x15/0x1b
[   77.928098][ T6649]  should_fail_ex+0x265/0x280
[   77.928130][ T6649]  should_failslab+0x8c/0xb0
[   77.928150][ T6649]  kmem_cache_alloc_noprof+0x50/0x310
[   77.928194][ T6649]  ? getname_flags+0x80/0x3b0
[   77.928218][ T6649]  getname_flags+0x80/0x3b0
[   77.928302][ T6649]  user_path_at+0x28/0x130
[   77.928325][ T6649]  __se_sys_inotify_add_watch+0x102/0x7b0
[   77.928368][ T6649]  ? fput+0x8f/0xc0
[   77.928388][ T6649]  ? ksys_write+0x192/0x1a0
[   77.928417][ T6649]  __x64_sys_inotify_add_watch+0x43/0x50
[   77.928524][ T6649]  x64_sys_call+0x29a4/0x2fb0
[   77.928546][ T6649]  do_syscall_64+0xd2/0x200
[   77.928565][ T6649]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   77.928638][ T6649]  ? clear_bhb_loop+0x40/0x90
[   77.928659][ T6649]  ? clear_bhb_loop+0x40/0x90
[   77.928681][ T6649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.928699][ T6649] RIP: 0033:0x7fd8f9a9e929
[   77.928764][ T6649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.928779][ T6649] RSP: 002b:00007fd8f8107038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fe
[   77.928799][ T6649] RAX: ffffffffffffffda RBX: 00007fd8f9cc5fa0 RCX: 00007fd8f9a9e929
[   77.928812][ T6649] RDX: 0000000062000011 RSI: 0000200000000000 RDI: 0000000000000003
[   77.928825][ T6649] RBP: 00007fd8f8107090 R08: 0000000000000000 R09: 0000000000000000
[   77.928837][ T6649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.928850][ T6649] R13: 0000000000000000 R14: 00007fd8f9cc5fa0 R15: 00007fff1be1a1e8
[   77.928864][ T6649]  </TASK>
[   78.204586][ T6663] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.213758][ T6663] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   78.229850][ T6660] veth0_macvtap: left promiscuous mode
[   78.339759][ T6682] gretap0: entered promiscuous mode
[   78.347106][ T6682] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1198'.
[   78.395915][ T6684] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6684 comm=syz.4.1199
[   78.419683][ T6691] $Hÿ: renamed from bond0 (while UP)
[   78.426801][ T6691] $Hÿ: entered promiscuous mode
[   78.432010][ T6691] bond_slave_0: entered promiscuous mode
[   78.437858][ T6691] bond_slave_1: entered promiscuous mode
[   78.457175][ T6695] tc_dump_action: action bad kind
[   78.661995][ T6721] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1213'.
[   78.942919][ T6739] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[   78.950536][ T6739] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   79.081152][ T6748] FAULT_INJECTION: forcing a failure.
[   79.081152][ T6748] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   79.094508][ T6748] CPU: 0 UID: 0 PID: 6748 Comm: syz.3.1226 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   79.094532][ T6748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   79.094543][ T6748] Call Trace:
[   79.094549][ T6748]  <TASK>
[   79.094557][ T6748]  __dump_stack+0x1d/0x30
[   79.094576][ T6748]  dump_stack_lvl+0xe8/0x140
[   79.094620][ T6748]  dump_stack+0x15/0x1b
[   79.094636][ T6748]  should_fail_ex+0x265/0x280
[   79.094667][ T6748]  should_fail_alloc_page+0xf2/0x100
[   79.094689][ T6748]  __alloc_frozen_pages_noprof+0xff/0x360
[   79.094865][ T6748]  alloc_pages_mpol+0xb3/0x250
[   79.094957][ T6748]  alloc_migration_target_by_mpol+0x11b/0x280
[   79.094980][ T6748]  migrate_pages_batch+0x2e7/0x17d0
[   79.095009][ T6748]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[   79.095119][ T6748]  ? mas_ascend+0x1e9/0x560
[   79.095181][ T6748]  migrate_pages+0xf5f/0x1770
[   79.095196][ T6748]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[   79.095211][ T6748]  __se_sys_mbind+0x975/0xac0
[   79.095303][ T6748]  __x64_sys_mbind+0x78/0x90
[   79.095317][ T6748]  x64_sys_call+0x14af/0x2fb0
[   79.095414][ T6748]  do_syscall_64+0xd2/0x200
[   79.095467][ T6748]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.095482][ T6748]  ? clear_bhb_loop+0x40/0x90
[   79.095511][ T6748]  ? clear_bhb_loop+0x40/0x90
[   79.095522][ T6748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.095618][ T6748] RIP: 0033:0x7fceefc7e929
[   79.095627][ T6748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.095637][ T6748] RSP: 002b:00007fceee2e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   79.095648][ T6748] RAX: ffffffffffffffda RBX: 00007fceefea5fa0 RCX: 00007fceefc7e929
[   79.095655][ T6748] RDX: 0000000000000000 RSI: 0100000000004000 RDI: 00002000005b4000
[   79.095662][ T6748] RBP: 00007fceee2e7090 R08: 0000000000000000 R09: 0000000000000002
[   79.095669][ T6748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   79.095711][ T6748] R13: 0000000000000000 R14: 00007fceefea5fa0 R15: 00007ffdd012a888
[   79.095720][ T6748]  </TASK>
[   79.336833][ T6751] $Hÿ: left promiscuous mode
[   79.341741][ T6751] bond_slave_0: left promiscuous mode
[   79.347375][ T6751] bond_slave_1: left promiscuous mode
[   79.355544][ T6751] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[   79.377709][ T6751] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   79.387450][ T6751] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   79.511702][ T6774] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   79.520043][ T6774] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   79.673055][ T6807] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   79.681395][ T6807] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   79.830750][ T6835] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   79.839099][ T6835] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   79.869283][   T29] kauditd_printk_skb: 1685 callbacks suppressed
[   79.869295][   T29] audit: type=1400 audit(1751161007.328:11099): avc:  denied  { prog_load } for  pid=6838 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   79.915616][   T29] audit: type=1400 audit(1751161007.348:11100): avc:  denied  { create } for  pid=6842 comm="syz.1.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[   79.936905][   T29] audit: type=1400 audit(1751161007.348:11101): avc:  denied  { prog_load } for  pid=6842 comm="syz.1.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   79.956285][   T29] audit: type=1400 audit(1751161007.348:11102): avc:  denied  { create } for  pid=6842 comm="syz.1.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[   79.976223][   T29] audit: type=1400 audit(1751161007.348:11103): avc:  denied  { prog_load } for  pid=6842 comm="syz.1.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   79.995432][   T29] audit: type=1400 audit(1751161007.348:11104): avc:  denied  { prog_load } for  pid=6842 comm="syz.1.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   80.014671][   T29] audit: type=1400 audit(1751161007.358:11105): avc:  denied  { kexec_image_load } for  pid=6838 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=0
[   80.034325][   T29] audit: type=1400 audit(1751161007.358:11106): avc:  denied  { prog_load } for  pid=6838 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   80.053085][   T29] audit: type=1326 audit(1751161007.358:11107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6842 comm="syz.1.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c238e929 code=0x7ffc0000
[   80.076862][   T29] audit: type=1326 audit(1751161007.358:11108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6842 comm="syz.1.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff1c238e929 code=0x7ffc0000
[   80.145306][ T6846] SET target dimension over the limit!
[   80.155897][ T6859] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1276'.
[   80.257562][ T6874] FAULT_INJECTION: forcing a failure.
[   80.257562][ T6874] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.270700][ T6874] CPU: 0 UID: 0 PID: 6874 Comm: syz.1.1283 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   80.270779][ T6874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   80.270791][ T6874] Call Trace:
[   80.270797][ T6874]  <TASK>
[   80.270805][ T6874]  __dump_stack+0x1d/0x30
[   80.270827][ T6874]  dump_stack_lvl+0xe8/0x140
[   80.270843][ T6874]  dump_stack+0x15/0x1b
[   80.270857][ T6874]  should_fail_ex+0x265/0x280
[   80.270987][ T6874]  should_fail+0xb/0x20
[   80.271061][ T6874]  should_fail_usercopy+0x1a/0x20
[   80.271166][ T6874]  strncpy_from_user+0x25/0x230
[   80.271193][ T6874]  __x64_sys_getxattr+0xa5/0x140
[   80.271282][ T6874]  x64_sys_call+0x2f5b/0x2fb0
[   80.271302][ T6874]  do_syscall_64+0xd2/0x200
[   80.271320][ T6874]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.271347][ T6874]  ? clear_bhb_loop+0x40/0x90
[   80.271368][ T6874]  ? clear_bhb_loop+0x40/0x90
[   80.271428][ T6874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.271446][ T6874] RIP: 0033:0x7ff1c238e929
[   80.271483][ T6874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.271504][ T6874] RSP: 002b:00007ff1c09f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bf
[   80.271524][ T6874] RAX: ffffffffffffffda RBX: 00007ff1c25b5fa0 RCX: 00007ff1c238e929
[   80.271537][ T6874] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000000
[   80.271553][ T6874] RBP: 00007ff1c09f7090 R08: 0000000000000000 R09: 0000000000000000
[   80.271563][ T6874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.271576][ T6874] R13: 0000000000000001 R14: 00007ff1c25b5fa0 R15: 00007ffc5be046b8
[   80.271591][ T6874]  </TASK>
[   80.481137][ T6883] validate_nla: 5 callbacks suppressed
[   80.481149][ T6883] netlink: 'syz.5.1287': attribute type 3 has an invalid length.
[   80.684027][ T6894] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   80.736917][ T6890] SET target dimension over the limit!
[   80.854673][ T6909] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1297'.
[   80.876094][ T6915] FAULT_INJECTION: forcing a failure.
[   80.876094][ T6915] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   80.889211][ T6915] CPU: 0 UID: 0 PID: 6915 Comm: syz.0.1302 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   80.889347][ T6915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   80.889359][ T6915] Call Trace:
[   80.889366][ T6915]  <TASK>
[   80.889372][ T6915]  __dump_stack+0x1d/0x30
[   80.889394][ T6915]  dump_stack_lvl+0xe8/0x140
[   80.889412][ T6915]  dump_stack+0x15/0x1b
[   80.889470][ T6915]  should_fail_ex+0x265/0x280
[   80.889531][ T6915]  should_fail+0xb/0x20
[   80.889609][ T6915]  should_fail_usercopy+0x1a/0x20
[   80.889636][ T6915]  _copy_to_user+0x20/0xa0
[   80.889658][ T6915]  simple_read_from_buffer+0xb5/0x130
[   80.889688][ T6915]  proc_fail_nth_read+0x100/0x140
[   80.889770][ T6915]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   80.889806][ T6915]  vfs_read+0x19d/0x6f0
[   80.889878][ T6915]  ? __rcu_read_unlock+0x4f/0x70
[   80.889897][ T6915]  ? __fget_files+0x184/0x1c0
[   80.889915][ T6915]  ksys_read+0xda/0x1a0
[   80.889946][ T6915]  __x64_sys_read+0x40/0x50
[   80.890027][ T6915]  x64_sys_call+0x2d77/0x2fb0
[   80.890046][ T6915]  do_syscall_64+0xd2/0x200
[   80.890065][ T6915]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.890118][ T6915]  ? clear_bhb_loop+0x40/0x90
[   80.890145][ T6915]  ? clear_bhb_loop+0x40/0x90
[   80.890167][ T6915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.890293][ T6915] RIP: 0033:0x7f98c3c6d33c
[   80.890320][ T6915] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   80.890334][ T6915] RSP: 002b:00007f98c22d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   80.890373][ T6915] RAX: ffffffffffffffda RBX: 00007f98c3e95fa0 RCX: 00007f98c3c6d33c
[   80.890386][ T6915] RDX: 000000000000000f RSI: 00007f98c22d70a0 RDI: 0000000000000003
[   80.890399][ T6915] RBP: 00007f98c22d7090 R08: 0000000000000000 R09: 0000000000000000
[   80.890412][ T6915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.890482][ T6915] R13: 0000000000000000 R14: 00007f98c3e95fa0 R15: 00007fff392dfde8
[   80.890497][ T6915]  </TASK>
[   81.286951][ T6931] SET target dimension over the limit!
[   81.721402][ T6964] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1323'.
[   81.734589][ T6964] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1323'.
[   82.177207][ T6993] FAULT_INJECTION: forcing a failure.
[   82.177207][ T6993] name failslab, interval 1, probability 0, space 0, times 0
[   82.189856][ T6993] CPU: 1 UID: 0 PID: 6993 Comm: syz.1.1335 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   82.189879][ T6993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.189962][ T6993] Call Trace:
[   82.189968][ T6993]  <TASK>
[   82.189976][ T6993]  __dump_stack+0x1d/0x30
[   82.189995][ T6993]  dump_stack_lvl+0xe8/0x140
[   82.190013][ T6993]  dump_stack+0x15/0x1b
[   82.190029][ T6993]  should_fail_ex+0x265/0x280
[   82.190058][ T6993]  ? alloc_pipe_info+0xae/0x350
[   82.190074][ T6993]  should_failslab+0x8c/0xb0
[   82.190094][ T6993]  __kmalloc_cache_noprof+0x4c/0x320
[   82.190117][ T6993]  alloc_pipe_info+0xae/0x350
[   82.190183][ T6993]  splice_direct_to_actor+0x592/0x680
[   82.190211][ T6993]  ? kstrtouint_from_user+0x9f/0xf0
[   82.190238][ T6993]  ? __pfx_direct_splice_actor+0x10/0x10
[   82.190327][ T6993]  ? __rcu_read_unlock+0x4f/0x70
[   82.190346][ T6993]  ? get_pid_task+0x96/0xd0
[   82.190441][ T6993]  ? avc_policy_seqno+0x15/0x30
[   82.190476][ T6993]  ? selinux_file_permission+0x1e4/0x320
[   82.190500][ T6993]  do_splice_direct+0xda/0x150
[   82.190524][ T6993]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   82.190564][ T6993]  do_sendfile+0x380/0x650
[   82.190589][ T6993]  __x64_sys_sendfile64+0x105/0x150
[   82.190610][ T6993]  x64_sys_call+0xb39/0x2fb0
[   82.190632][ T6993]  do_syscall_64+0xd2/0x200
[   82.190650][ T6993]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.190713][ T6993]  ? clear_bhb_loop+0x40/0x90
[   82.190733][ T6993]  ? clear_bhb_loop+0x40/0x90
[   82.190752][ T6993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.190779][ T6993] RIP: 0033:0x7ff1c238e929
[   82.190793][ T6993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.190862][ T6993] RSP: 002b:00007ff1c09f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   82.190880][ T6993] RAX: ffffffffffffffda RBX: 00007ff1c25b5fa0 RCX: 00007ff1c238e929
[   82.190892][ T6993] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[   82.190902][ T6993] RBP: 00007ff1c09f7090 R08: 0000000000000000 R09: 0000000000000000
[   82.190912][ T6993] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000001
[   82.190922][ T6993] R13: 0000000000000000 R14: 00007ff1c25b5fa0 R15: 00007ffc5be046b8
[   82.190938][ T6993]  </TASK>
[   82.613164][ T7013] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   82.621443][ T7013] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   82.777267][ T7022] xt_connbytes: Forcing CT accounting to be enabled
[   82.784526][ T7022] set match dimension is over the limit!
[   82.983228][ T7034] netlink: 'syz.3.1352': attribute type 27 has an invalid length.
[   83.042469][ T7034] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   83.063620][ T7034] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.089729][ T7045] netlink: 'syz.5.1357': attribute type 27 has an invalid length.
[   83.131079][ T7045] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   83.142031][ T7045] 8021q: adding VLAN 0 to HW filter on device team0
[   83.153278][ T7045] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.247118][ T7053] netlink: 'syz.5.1361': attribute type 1 has an invalid length.
[   83.284014][ T7047] netlink: 'syz.3.1358': attribute type 27 has an invalid length.
[   83.338689][ T7047] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   83.354874][ T7047] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   83.514560][ T7068] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   83.576240][ T7078] FAULT_INJECTION: forcing a failure.
[   83.576240][ T7078] name failslab, interval 1, probability 0, space 0, times 0
[   83.589068][ T7078] CPU: 1 UID: 0 PID: 7078 Comm: syz.3.1372 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   83.589092][ T7078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.589140][ T7078] Call Trace:
[   83.589146][ T7078]  <TASK>
[   83.589153][ T7078]  __dump_stack+0x1d/0x30
[   83.589175][ T7078]  dump_stack_lvl+0xe8/0x140
[   83.589195][ T7078]  dump_stack+0x15/0x1b
[   83.589215][ T7078]  should_fail_ex+0x265/0x280
[   83.589244][ T7078]  should_failslab+0x8c/0xb0
[   83.589267][ T7078]  kmem_cache_alloc_noprof+0x50/0x310
[   83.589292][ T7078]  ? getname_flags+0x80/0x3b0
[   83.589316][ T7078]  getname_flags+0x80/0x3b0
[   83.589337][ T7078]  do_sys_openat2+0x60/0x110
[   83.589379][ T7078]  __x64_sys_openat+0xf2/0x120
[   83.589405][ T7078]  x64_sys_call+0x1af/0x2fb0
[   83.589426][ T7078]  do_syscall_64+0xd2/0x200
[   83.589490][ T7078]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.589515][ T7078]  ? clear_bhb_loop+0x40/0x90
[   83.589535][ T7078]  ? clear_bhb_loop+0x40/0x90
[   83.589555][ T7078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.589575][ T7078] RIP: 0033:0x7fceefc7d290
[   83.589618][ T7078] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   83.589633][ T7078] RSP: 002b:00007fceee2e6f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   83.589651][ T7078] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fceefc7d290
[   83.589663][ T7078] RDX: 0000000000000002 RSI: 00007fceee2e6fa0 RDI: 00000000ffffff9c
[   83.589676][ T7078] RBP: 00007fceee2e6fa0 R08: 0000000000000000 R09: 0000000000000000
[   83.589687][ T7078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   83.589709][ T7078] R13: 0000000000000000 R14: 00007fceefea5fa0 R15: 00007ffdd012a888
[   83.589726][ T7078]  </TASK>
[   83.815269][ T7093] netlink: 'syz.3.1379': attribute type 27 has an invalid length.
[   83.927486][ T7102] FAULT_INJECTION: forcing a failure.
[   83.927486][ T7102] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.940589][ T7102] CPU: 0 UID: 0 PID: 7102 Comm: syz.1.1383 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   83.940652][ T7102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.940723][ T7102] Call Trace:
[   83.940728][ T7102]  <TASK>
[   83.940734][ T7102]  __dump_stack+0x1d/0x30
[   83.940754][ T7102]  dump_stack_lvl+0xe8/0x140
[   83.940771][ T7102]  dump_stack+0x15/0x1b
[   83.940784][ T7102]  should_fail_ex+0x265/0x280
[   83.940809][ T7102]  should_fail+0xb/0x20
[   83.940857][ T7102]  should_fail_usercopy+0x1a/0x20
[   83.940918][ T7102]  _copy_to_user+0x20/0xa0
[   83.941030][ T7102]  simple_read_from_buffer+0xb5/0x130
[   83.941062][ T7102]  proc_fail_nth_read+0x100/0x140
[   83.941097][ T7102]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   83.941154][ T7102]  vfs_read+0x19d/0x6f0
[   83.941177][ T7102]  ? __rcu_read_unlock+0x4f/0x70
[   83.941198][ T7102]  ? __fget_files+0x184/0x1c0
[   83.941220][ T7102]  ksys_read+0xda/0x1a0
[   83.941250][ T7102]  __x64_sys_read+0x40/0x50
[   83.941335][ T7102]  x64_sys_call+0x2d77/0x2fb0
[   83.941357][ T7102]  do_syscall_64+0xd2/0x200
[   83.941435][ T7102]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.941462][ T7102]  ? clear_bhb_loop+0x40/0x90
[   83.941483][ T7102]  ? clear_bhb_loop+0x40/0x90
[   83.941526][ T7102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.941543][ T7102] RIP: 0033:0x7ff1c238d33c
[   83.941555][ T7102] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   83.941568][ T7102] RSP: 002b:00007ff1c09f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   83.941713][ T7102] RAX: ffffffffffffffda RBX: 00007ff1c25b5fa0 RCX: 00007ff1c238d33c
[   83.941796][ T7102] RDX: 000000000000000f RSI: 00007ff1c09f70a0 RDI: 0000000000000005
[   83.941837][ T7102] RBP: 00007ff1c09f7090 R08: 0000000000000000 R09: 0000000000000000
[   83.941850][ T7102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.941862][ T7102] R13: 0000000000000000 R14: 00007ff1c25b5fa0 R15: 00007ffc5be046b8
[   83.941879][ T7102]  </TASK>
[   84.352553][ T7139] netlink: 'syz.3.1398': attribute type 27 has an invalid length.
[   84.430820][ T7166] netlink: 'syz.0.1414': attribute type 58 has an invalid length.
[   84.438695][ T7166] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1414'.
[   84.579657][ T7182] SET target dimension over the limit!
[   84.595561][ T7187] netlink: 'syz.3.1424': attribute type 27 has an invalid length.
[   84.642964][ T7193] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   84.651224][ T7193] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   84.673871][ T7197] netlink: 'syz.4.1427': attribute type 1 has an invalid length.
[   84.695367][ T7197] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1427'.
[   84.711723][ T7197] veth3: entered promiscuous mode
[   84.722543][ T7164] SET target dimension over the limit!
[   84.757449][ T7202] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1427'.
[   84.878895][   T29] kauditd_printk_skb: 1239 callbacks suppressed
[   84.878909][   T29] audit: type=1400 audit(1751161012.338:12348): avc:  denied  { create } for  pid=7215 comm="syz.5.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[   84.927466][   T29] audit: type=1400 audit(1751161012.368:12349): avc:  denied  { prog_load } for  pid=7211 comm="syz.0.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   84.946671][   T29] audit: type=1400 audit(1751161012.368:12350): avc:  denied  { create } for  pid=7211 comm="syz.0.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[   84.967462][   T29] audit: type=1400 audit(1751161012.368:12351): avc:  denied  { create } for  pid=7211 comm="syz.0.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[   84.988177][   T29] audit: type=1400 audit(1751161012.368:12352): avc:  denied  { prog_load } for  pid=7211 comm="syz.0.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   85.007402][   T29] audit: type=1400 audit(1751161012.368:12353): avc:  denied  { read } for  pid=7211 comm="syz.0.1436" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=0
[   85.031922][   T29] audit: type=1400 audit(1751161012.378:12354): avc:  denied  { map_create } for  pid=7217 comm="syz.4.1438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   85.051129][   T29] audit: type=1400 audit(1751161012.378:12355): avc:  denied  { prog_load } for  pid=7217 comm="syz.4.1438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   85.243414][   T29] audit: type=1400 audit(1751161012.528:12356): avc:  denied  { create } for  pid=7215 comm="syz.5.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=0
[   85.264190][   T29] audit: type=1326 audit(1751161012.538:12357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7209 comm="syz.3.1434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceefc7e929 code=0x7ffc0000
[   85.513659][ T7238] validate_nla: 2 callbacks suppressed
[   85.513677][ T7238] netlink: 'syz.0.1446': attribute type 27 has an invalid length.
[   85.555574][ T7238] gretap0: left promiscuous mode
[   85.570437][ T7238] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.578771][ T7238] 8021q: adding VLAN 0 to HW filter on device team0
[   85.605248][ T7238] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   85.622828][ T7247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7247 comm=syz.1.1449
[   85.635713][ T7247] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1449'.
[   85.645362][ T7247] 0ªX¹¦D: renamed from gretap0
[   85.677184][ T7247] 0ªX¹¦D: entered allmulticast mode
[   85.689174][ T7247] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   85.761194][ T7257] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[   85.767773][ T7257] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   85.775273][ T7257] vhci_hcd vhci_hcd.0: Device attached
[   85.798969][ T7257] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   85.809279][ T7257] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(14)
[   85.815961][ T7257] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   85.823403][ T7257] vhci_hcd vhci_hcd.0: Device attached
[   85.834014][ T7257] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(16)
[   85.840616][ T7257] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   85.848238][ T7257] vhci_hcd vhci_hcd.0: Device attached
[   85.861455][ T7257] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(18)
[   85.868065][ T7257] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   85.875717][ T7257] vhci_hcd vhci_hcd.0: Device attached
[   85.908286][ T7257] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   85.933483][ T7257] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   85.963460][ T7273] vhci_hcd: connection closed
[   85.964285][   T58] vhci_hcd: stop threads
[   85.973478][   T58] vhci_hcd: release socket
[   85.978114][   T58] vhci_hcd: disconnect device
[   85.982859][ T3387] vhci_hcd: vhci_device speed not set
[   85.988595][ T7266] vhci_hcd: connection closed
[   85.988779][ T7269] vhci_hcd: connection closed
[   85.994833][ T7260] vhci_hcd: connection closed
[   86.009244][   T58] vhci_hcd: stop threads
[   86.018606][   T58] vhci_hcd: release socket
[   86.023017][   T58] vhci_hcd: disconnect device
[   86.028691][   T58] vhci_hcd: stop threads
[   86.032933][   T58] vhci_hcd: release socket
[   86.037337][   T58] vhci_hcd: disconnect device
[   86.048425][ T3387] usb 7-1: new low-speed USB device number 2 using vhci_hcd
[   86.056396][ T7262] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   86.063284][   T58] vhci_hcd: stop threads
[   86.067584][   T58] vhci_hcd: release socket
[   86.072152][   T58] vhci_hcd: disconnect device
[   86.320492][ T7298] FAULT_INJECTION: forcing a failure.
[   86.320492][ T7298] name failslab, interval 1, probability 0, space 0, times 0
[   86.333196][ T7298] CPU: 1 UID: 0 PID: 7298 Comm: syz.1.1469 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   86.333244][ T7298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   86.333256][ T7298] Call Trace:
[   86.333262][ T7298]  <TASK>
[   86.333270][ T7298]  __dump_stack+0x1d/0x30
[   86.333347][ T7298]  dump_stack_lvl+0xe8/0x140
[   86.333373][ T7298]  dump_stack+0x15/0x1b
[   86.333469][ T7298]  should_fail_ex+0x265/0x280
[   86.333496][ T7298]  should_failslab+0x8c/0xb0
[   86.333515][ T7298]  __kvmalloc_node_noprof+0x123/0x4e0
[   86.333617][ T7298]  ? alloc_netdev_mqs+0x5ac/0xab0
[   86.333648][ T7298]  alloc_netdev_mqs+0x5ac/0xab0
[   86.333726][ T7298]  rtnl_create_link+0x239/0x710
[   86.333753][ T7298]  rtnl_newlink_create+0x14c/0x620
[   86.333774][ T7298]  ? security_capable+0x83/0x90
[   86.333852][ T7298]  ? netlink_ns_capable+0x86/0xa0
[   86.333908][ T7298]  rtnl_newlink+0xf29/0x12d0
[   86.333965][ T7298]  ? xas_load+0x413/0x430
[   86.333990][ T7298]  ? __rcu_read_unlock+0x4f/0x70
[   86.334011][ T7298]  ? xa_load+0xb1/0xe0
[   86.334052][ T7298]  ? __rcu_read_unlock+0x4f/0x70
[   86.334069][ T7298]  ? avc_has_perm_noaudit+0x1b1/0x200
[   86.334108][ T7298]  ? selinux_capable+0x1f9/0x270
[   86.334140][ T7298]  ? security_capable+0x83/0x90
[   86.334166][ T7298]  ? ns_capable+0x7d/0xb0
[   86.334186][ T7298]  ? __pfx_rtnl_newlink+0x10/0x10
[   86.334260][ T7298]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   86.334280][ T7298]  ? avc_has_perm_noaudit+0x1b1/0x200
[   86.334306][ T7298]  netlink_rcv_skb+0x123/0x220
[   86.334382][ T7298]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   86.334446][ T7298]  rtnetlink_rcv+0x1c/0x30
[   86.334463][ T7298]  netlink_unicast+0x59e/0x670
[   86.334501][ T7298]  netlink_sendmsg+0x58b/0x6b0
[   86.334522][ T7298]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.334540][ T7298]  __sock_sendmsg+0x145/0x180
[   86.334562][ T7298]  ____sys_sendmsg+0x31e/0x4e0
[   86.334596][ T7298]  ___sys_sendmsg+0x17b/0x1d0
[   86.334669][ T7298]  __x64_sys_sendmsg+0xd4/0x160
[   86.334714][ T7298]  x64_sys_call+0x2999/0x2fb0
[   86.334733][ T7298]  do_syscall_64+0xd2/0x200
[   86.334815][ T7298]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.334883][ T7298]  ? clear_bhb_loop+0x40/0x90
[   86.334900][ T7298]  ? clear_bhb_loop+0x40/0x90
[   86.334933][ T7298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.334951][ T7298] RIP: 0033:0x7ff1c238e929
[   86.334966][ T7298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.334984][ T7298] RSP: 002b:00007ff1c09f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.335003][ T7298] RAX: ffffffffffffffda RBX: 00007ff1c25b5fa0 RCX: 00007ff1c238e929
[   86.335016][ T7298] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[   86.335099][ T7298] RBP: 00007ff1c09f7090 R08: 0000000000000000 R09: 0000000000000000
[   86.335109][ T7298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.335181][ T7298] R13: 0000000000000000 R14: 00007ff1c25b5fa0 R15: 00007ffc5be046b8
[   86.335199][ T7298]  </TASK>
[   86.748981][ T7312] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1475'.
[   86.828508][ T7319] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[   86.836726][ T7319] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[   86.853873][ T7324] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   86.862114][ T7324] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   86.948218][ T7342] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1490'.
[   86.988751][ T7333] netlink: 'syz.1.1485': attribute type 27 has an invalid length.
[   86.997625][ T7333] 0ªX¹¦D: left allmulticast mode
[   87.017432][ T7333] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   87.026253][ T7333] 8021q: adding VLAN 0 to HW filter on device team0
[   87.036081][ T7333] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   87.071714][ T7353] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   87.079994][ T7353] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   87.194677][ T7369] x_tables: ip6_tables: mh match: only valid for protocol 135
[   87.243960][ T7376] FAULT_INJECTION: forcing a failure.
[   87.243960][ T7376] name failslab, interval 1, probability 0, space 0, times 0
[   87.256749][ T7376] CPU: 0 UID: 0 PID: 7376 Comm: syz.5.1505 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   87.256856][ T7376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.256928][ T7376] Call Trace:
[   87.256932][ T7376]  <TASK>
[   87.256938][ T7376]  __dump_stack+0x1d/0x30
[   87.256958][ T7376]  dump_stack_lvl+0xe8/0x140
[   87.256978][ T7376]  dump_stack+0x15/0x1b
[   87.256994][ T7376]  should_fail_ex+0x265/0x280
[   87.257024][ T7376]  ? tcp_sendmsg_fastopen+0x172/0x520
[   87.257073][ T7376]  should_failslab+0x8c/0xb0
[   87.257132][ T7376]  __kmalloc_cache_noprof+0x4c/0x320
[   87.257156][ T7376]  tcp_sendmsg_fastopen+0x172/0x520
[   87.257184][ T7376]  tcp_sendmsg_locked+0x27be/0x2cc0
[   87.257210][ T7376]  ? mntput_no_expire+0x6f/0x3c0
[   87.257242][ T7376]  ? mntput+0x4b/0x80
[   87.257262][ T7376]  ? __rcu_read_unlock+0x4f/0x70
[   87.257285][ T7376]  ? avc_has_perm_noaudit+0x1b1/0x200
[   87.257362][ T7376]  ? avc_has_perm+0xd3/0x150
[   87.257383][ T7376]  ? _raw_spin_unlock_bh+0x36/0x40
[   87.257405][ T7376]  ? __pfx_tcp_sendmsg+0x10/0x10
[   87.257430][ T7376]  tcp_sendmsg+0x2f/0x50
[   87.257514][ T7376]  inet6_sendmsg+0x76/0xd0
[   87.257538][ T7376]  __sock_sendmsg+0x8b/0x180
[   87.257587][ T7376]  __sys_sendto+0x268/0x330
[   87.257680][ T7376]  __x64_sys_sendto+0x76/0x90
[   87.257707][ T7376]  x64_sys_call+0x2eb6/0x2fb0
[   87.257724][ T7376]  do_syscall_64+0xd2/0x200
[   87.257738][ T7376]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.257770][ T7376]  ? clear_bhb_loop+0x40/0x90
[   87.257788][ T7376]  ? clear_bhb_loop+0x40/0x90
[   87.257806][ T7376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.257824][ T7376] RIP: 0033:0x7fd8f9a9e929
[   87.257907][ T7376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.257925][ T7376] RSP: 002b:00007fd8f8107038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   87.257942][ T7376] RAX: ffffffffffffffda RBX: 00007fd8f9cc5fa0 RCX: 00007fd8f9a9e929
[   87.257953][ T7376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   87.257963][ T7376] RBP: 00007fd8f8107090 R08: 0000000000000000 R09: 0000000000000000
[   87.257975][ T7376] R10: 0000000020004002 R11: 0000000000000246 R12: 0000000000000001
[   87.257987][ T7376] R13: 0000000000000000 R14: 00007fd8f9cc5fa0 R15: 00007fff1be1a1e8
[   87.258005][ T7376]  </TASK>
[   87.739907][ T7403] FAULT_INJECTION: forcing a failure.
[   87.739907][ T7403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.753175][ T7403] CPU: 0 UID: 0 PID: 7403 Comm: syz.4.1516 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   87.753203][ T7403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.753215][ T7403] Call Trace:
[   87.753220][ T7403]  <TASK>
[   87.753228][ T7403]  __dump_stack+0x1d/0x30
[   87.753304][ T7403]  dump_stack_lvl+0xe8/0x140
[   87.753320][ T7403]  dump_stack+0x15/0x1b
[   87.753334][ T7403]  should_fail_ex+0x265/0x280
[   87.753403][ T7403]  should_fail+0xb/0x20
[   87.753430][ T7403]  should_fail_usercopy+0x1a/0x20
[   87.753457][ T7403]  _copy_to_user+0x20/0xa0
[   87.753481][ T7403]  simple_read_from_buffer+0xb5/0x130
[   87.753542][ T7403]  proc_fail_nth_read+0x100/0x140
[   87.753606][ T7403]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.753637][ T7403]  vfs_read+0x19d/0x6f0
[   87.753662][ T7403]  ? __rcu_read_unlock+0x4f/0x70
[   87.753679][ T7403]  ? __fget_files+0x184/0x1c0
[   87.753778][ T7403]  ksys_read+0xda/0x1a0
[   87.753804][ T7403]  __x64_sys_read+0x40/0x50
[   87.753834][ T7403]  x64_sys_call+0x2d77/0x2fb0
[   87.753900][ T7403]  do_syscall_64+0xd2/0x200
[   87.754016][ T7403]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.754079][ T7403]  ? clear_bhb_loop+0x40/0x90
[   87.754096][ T7403]  ? clear_bhb_loop+0x40/0x90
[   87.754155][ T7403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.754175][ T7403] RIP: 0033:0x7f3e9fa1d33c
[   87.754242][ T7403] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   87.754257][ T7403] RSP: 002b:00007f3e9e087030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   87.754273][ T7403] RAX: ffffffffffffffda RBX: 00007f3e9fc45fa0 RCX: 00007f3e9fa1d33c
[   87.754317][ T7403] RDX: 000000000000000f RSI: 00007f3e9e0870a0 RDI: 0000000000000003
[   87.754376][ T7403] RBP: 00007f3e9e087090 R08: 0000000000000000 R09: 0000000000000000
[   87.754390][ T7403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.754429][ T7403] R13: 0000000000000000 R14: 00007f3e9fc45fa0 R15: 00007fff69b0f8b8
[   87.754457][ T7403]  </TASK>
[   87.925184][ T7406] xt_l2tp: unknown flags: 17
[   88.108123][ T7429] netlink: 'syz.3.1528': attribute type 27 has an invalid length.
[   88.128924][ T7429] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   88.136622][ T7430] netlink: 'syz.4.1529': attribute type 27 has an invalid length.
[   88.145200][ T7429] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.197174][ T7430] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.205824][ T7430] 8021q: adding VLAN 0 to HW filter on device team0
[   88.214995][ T7430] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   88.275307][ T7443] FAULT_INJECTION: forcing a failure.
[   88.275307][ T7443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.288446][ T7443] CPU: 0 UID: 0 PID: 7443 Comm: syz.4.1533 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   88.288528][ T7443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.288540][ T7443] Call Trace:
[   88.288547][ T7443]  <TASK>
[   88.288554][ T7443]  __dump_stack+0x1d/0x30
[   88.288575][ T7443]  dump_stack_lvl+0xe8/0x140
[   88.288596][ T7443]  dump_stack+0x15/0x1b
[   88.288618][ T7443]  should_fail_ex+0x265/0x280
[   88.288663][ T7443]  should_fail+0xb/0x20
[   88.288702][ T7443]  should_fail_usercopy+0x1a/0x20
[   88.288742][ T7443]  _copy_to_user+0x20/0xa0
[   88.288761][ T7443]  simple_read_from_buffer+0xb5/0x130
[   88.288794][ T7443]  proc_fail_nth_read+0x100/0x140
[   88.288904][ T7443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.288931][ T7443]  vfs_read+0x19d/0x6f0
[   88.288956][ T7443]  ? __rcu_read_unlock+0x4f/0x70
[   88.288975][ T7443]  ? __fget_files+0x184/0x1c0
[   88.288993][ T7443]  ksys_read+0xda/0x1a0
[   88.289060][ T7443]  __x64_sys_read+0x40/0x50
[   88.289096][ T7443]  x64_sys_call+0x2d77/0x2fb0
[   88.289189][ T7443]  do_syscall_64+0xd2/0x200
[   88.289208][ T7443]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   88.289239][ T7443]  ? clear_bhb_loop+0x40/0x90
[   88.289260][ T7443]  ? clear_bhb_loop+0x40/0x90
[   88.289277][ T7443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.289295][ T7443] RIP: 0033:0x7f3e9fa1d33c
[   88.289307][ T7443] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   88.289389][ T7443] RSP: 002b:00007f3e9e087030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   88.289415][ T7443] RAX: ffffffffffffffda RBX: 00007f3e9fc45fa0 RCX: 00007f3e9fa1d33c
[   88.289426][ T7443] RDX: 000000000000000f RSI: 00007f3e9e0870a0 RDI: 0000000000000006
[   88.289437][ T7443] RBP: 00007f3e9e087090 R08: 0000000000000000 R09: 0000000000000000
[   88.289447][ T7443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.289521][ T7443] R13: 0000000000000000 R14: 00007f3e9fc45fa0 R15: 00007fff69b0f8b8
[   88.289536][ T7443]  </TASK>
[   89.107196][ T7510] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1563'.
[   89.126814][ T7516] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   89.135226][ T7516] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   89.193361][ T7528] FAULT_INJECTION: forcing a failure.
[   89.193361][ T7528] name failslab, interval 1, probability 0, space 0, times 0
[   89.206056][ T7528] CPU: 1 UID: 0 PID: 7528 Comm: syz.4.1572 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   89.206131][ T7528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.206141][ T7528] Call Trace:
[   89.206147][ T7528]  <TASK>
[   89.206155][ T7528]  __dump_stack+0x1d/0x30
[   89.206177][ T7528]  dump_stack_lvl+0xe8/0x140
[   89.206247][ T7528]  dump_stack+0x15/0x1b
[   89.206261][ T7528]  should_fail_ex+0x265/0x280
[   89.206353][ T7528]  should_failslab+0x8c/0xb0
[   89.206373][ T7528]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   89.206400][ T7528]  ? sidtab_sid2str_get+0xa0/0x130
[   89.206488][ T7528]  kmemdup_noprof+0x2b/0x70
[   89.206579][ T7528]  sidtab_sid2str_get+0xa0/0x130
[   89.206603][ T7528]  security_sid_to_context_core+0x1eb/0x2e0
[   89.206686][ T7528]  security_sid_to_context+0x27/0x40
[   89.206708][ T7528]  selinux_lsmprop_to_secctx+0x67/0xf0
[   89.206737][ T7528]  security_lsmprop_to_secctx+0x43/0x80
[   89.206789][ T7528]  audit_log_task_context+0x77/0x190
[   89.206884][ T7528]  audit_log_task+0xf4/0x250
[   89.206914][ T7528]  audit_seccomp+0x61/0x100
[   89.206941][ T7528]  ? __seccomp_filter+0x68c/0x10d0
[   89.207018][ T7528]  __seccomp_filter+0x69d/0x10d0
[   89.207043][ T7528]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   89.207076][ T7528]  ? vfs_write+0x75e/0x8e0
[   89.207118][ T7528]  ? __rcu_read_unlock+0x4f/0x70
[   89.207140][ T7528]  ? __rcu_read_unlock+0x4f/0x70
[   89.207161][ T7528]  __secure_computing+0x82/0x150
[   89.207179][ T7528]  syscall_trace_enter+0xcf/0x1e0
[   89.207217][ T7528]  do_syscall_64+0xac/0x200
[   89.207232][ T7528]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.207276][ T7528]  ? clear_bhb_loop+0x40/0x90
[   89.207296][ T7528]  ? clear_bhb_loop+0x40/0x90
[   89.207318][ T7528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.207340][ T7528] RIP: 0033:0x7f3e9fa1d33c
[   89.207372][ T7528] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   89.207387][ T7528] RSP: 002b:00007f3e9e087030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   89.207410][ T7528] RAX: ffffffffffffffda RBX: 00007f3e9fc45fa0 RCX: 00007f3e9fa1d33c
[   89.207423][ T7528] RDX: 000000000000000f RSI: 00007f3e9e0870a0 RDI: 0000000000000005
[   89.207436][ T7528] RBP: 00007f3e9e087090 R08: 0000000000000000 R09: 0000000000000000
[   89.207450][ T7528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.207462][ T7528] R13: 0000000000000000 R14: 00007f3e9fc45fa0 R15: 00007fff69b0f8b8
[   89.207478][ T7528]  </TASK>
[   89.549400][ T7540] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1577'.
[   89.916149][   T29] kauditd_printk_skb: 1309 callbacks suppressed
[   89.916164][   T29] audit: type=1400 audit(1751161017.368:13666): avc:  denied  { create } for  pid=7563 comm="syz.1.1588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[   89.942127][   T29] audit: type=1400 audit(1751161017.368:13667): avc:  denied  { create } for  pid=7563 comm="syz.1.1588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[   90.009660][   T29] audit: type=1400 audit(1751161017.468:13668): avc:  denied  { create } for  pid=7568 comm="syz.0.1589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[   90.029630][   T29] audit: type=1400 audit(1751161017.468:13669): avc:  denied  { map_create } for  pid=7568 comm="syz.0.1589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   90.049077][   T29] audit: type=1400 audit(1751161017.468:13670): avc:  denied  { prog_load } for  pid=7568 comm="syz.0.1589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   90.130278][   T29] audit: type=1400 audit(1751161017.588:13671): avc:  denied  { map_create } for  pid=7570 comm="syz.0.1590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   90.149743][   T29] audit: type=1400 audit(1751161017.588:13672): avc:  denied  { prog_load } for  pid=7570 comm="syz.0.1590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   90.173647][   T29] audit: type=1400 audit(1751161017.628:13673): avc:  denied  { create } for  pid=7572 comm="syz.0.1591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   90.194300][   T29] audit: type=1400 audit(1751161017.628:13674): avc:  denied  { map_create } for  pid=7572 comm="syz.0.1591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   90.213763][   T29] audit: type=1400 audit(1751161017.628:13675): avc:  denied  { prog_load } for  pid=7572 comm="syz.0.1591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   90.329985][ T7590] netlink: 'syz.0.1598': attribute type 27 has an invalid length.
[   90.425785][ T7604] xt_socket: unknown flags 0xc
[   90.564864][ T7615] netlink: 'syz.3.1611': attribute type 27 has an invalid length.
[   90.608315][ T7621] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[   90.616717][ T7621] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[   90.734432][ T7646] netlink: 'syz.1.1624': attribute type 27 has an invalid length.
[   90.799350][ T7655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1628'.
[   90.808551][ T7655] netlink: 11 bytes leftover after parsing attributes in process `syz.0.1628'.
[   90.908100][ T7671] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=15 sclass=netlink_audit_socket pid=7671 comm=syz.3.1636
[   90.923605][ T7673] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=7673 comm=syz.0.1637
[   90.987831][ T7685] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   91.022682][ T7688] $Hÿ: entered promiscuous mode
[   91.027825][ T7688] bond_slave_0: entered promiscuous mode
[   91.033588][ T7688] bond_slave_1: entered promiscuous mode
[   91.086001][ T7700] xt_hashlimit: max too large, truncated to 1048576
[   91.108557][ T3387] usb 7-1: enqueue for inactive port 0
[   91.114253][ T3387] usb 7-1: enqueue for inactive port 0
[   91.189193][ T3387] vhci_hcd: vhci_device speed not set
[   91.222341][ T7723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1653'.
[   91.231318][ T7723] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1653'.
[   91.280274][ T7722] netlink: 'syz.4.1661': attribute type 27 has an invalid length.
[   91.313763][ T7722] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.324228][ T7722] 8021q: adding VLAN 0 to HW filter on device team0
[   91.334282][ T7722] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   92.058180][ T7756] netlink: 'syz.1.1676': attribute type 27 has an invalid length.
[   92.091710][ T7756] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   92.099972][ T7756] 8021q: adding VLAN 0 to HW filter on device team0
[   92.109357][ T7756] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   92.515993][ T7823] FAULT_INJECTION: forcing a failure.
[   92.515993][ T7823] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.529143][ T7823] CPU: 0 UID: 0 PID: 7823 Comm: syz.3.1705 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   92.529168][ T7823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.529178][ T7823] Call Trace:
[   92.529184][ T7823]  <TASK>
[   92.529191][ T7823]  __dump_stack+0x1d/0x30
[   92.529209][ T7823]  dump_stack_lvl+0xe8/0x140
[   92.529276][ T7823]  dump_stack+0x15/0x1b
[   92.529290][ T7823]  should_fail_ex+0x265/0x280
[   92.529314][ T7823]  should_fail+0xb/0x20
[   92.529337][ T7823]  should_fail_usercopy+0x1a/0x20
[   92.529446][ T7823]  _copy_to_user+0x20/0xa0
[   92.529463][ T7823]  simple_read_from_buffer+0xb5/0x130
[   92.529557][ T7823]  proc_fail_nth_read+0x100/0x140
[   92.529600][ T7823]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   92.529704][ T7823]  vfs_read+0x19d/0x6f0
[   92.529733][ T7823]  ? __rcu_read_unlock+0x4f/0x70
[   92.529795][ T7823]  ? __fget_files+0x184/0x1c0
[   92.529823][ T7823]  ksys_read+0xda/0x1a0
[   92.529852][ T7823]  __x64_sys_read+0x40/0x50
[   92.530038][ T7823]  x64_sys_call+0x2d77/0x2fb0
[   92.530059][ T7823]  do_syscall_64+0xd2/0x200
[   92.530077][ T7823]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.530102][ T7823]  ? clear_bhb_loop+0x40/0x90
[   92.530123][ T7823]  ? clear_bhb_loop+0x40/0x90
[   92.530174][ T7823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.530195][ T7823] RIP: 0033:0x7fceefc7d33c
[   92.530210][ T7823] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   92.530227][ T7823] RSP: 002b:00007fceee2e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   92.530256][ T7823] RAX: ffffffffffffffda RBX: 00007fceefea5fa0 RCX: 00007fceefc7d33c
[   92.530267][ T7823] RDX: 000000000000000f RSI: 00007fceee2e70a0 RDI: 0000000000000003
[   92.530280][ T7823] RBP: 00007fceee2e7090 R08: 0000000000000000 R09: 0000000000000000
[   92.530292][ T7823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.530330][ T7823] R13: 0000000000000000 R14: 00007fceefea5fa0 R15: 00007ffdd012a888
[   92.530348][ T7823]  </TASK>
[   92.749568][ T7833] FAULT_INJECTION: forcing a failure.
[   92.749568][ T7833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.762646][ T7833] CPU: 0 UID: 0 PID: 7833 Comm: syz.3.1709 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   92.762676][ T7833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.762755][ T7833] Call Trace:
[   92.762762][ T7833]  <TASK>
[   92.762770][ T7833]  __dump_stack+0x1d/0x30
[   92.762792][ T7833]  dump_stack_lvl+0xe8/0x140
[   92.762811][ T7833]  dump_stack+0x15/0x1b
[   92.762829][ T7833]  should_fail_ex+0x265/0x280
[   92.762868][ T7833]  should_fail+0xb/0x20
[   92.762893][ T7833]  should_fail_usercopy+0x1a/0x20
[   92.763005][ T7833]  _copy_from_user+0x1c/0xb0
[   92.763026][ T7833]  dev_ethtool+0x52/0x1650
[   92.763083][ T7833]  ? full_name_hash+0x92/0xe0
[   92.763231][ T7833]  ? strcmp+0x22/0x50
[   92.763251][ T7833]  dev_ioctl+0x2e0/0x960
[   92.763270][ T7833]  sock_do_ioctl+0x197/0x220
[   92.763294][ T7833]  sock_ioctl+0x41b/0x610
[   92.763318][ T7833]  ? __pfx_sock_ioctl+0x10/0x10
[   92.763410][ T7833]  __se_sys_ioctl+0xcb/0x140
[   92.763497][ T7833]  __x64_sys_ioctl+0x43/0x50
[   92.763524][ T7833]  x64_sys_call+0x19a8/0x2fb0
[   92.763545][ T7833]  do_syscall_64+0xd2/0x200
[   92.763562][ T7833]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   92.763605][ T7833]  ? clear_bhb_loop+0x40/0x90
[   92.763625][ T7833]  ? clear_bhb_loop+0x40/0x90
[   92.763643][ T7833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.763735][ T7833] RIP: 0033:0x7fceefc7e929
[   92.763749][ T7833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.763764][ T7833] RSP: 002b:00007fceee2e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.763780][ T7833] RAX: ffffffffffffffda RBX: 00007fceefea5fa0 RCX: 00007fceefc7e929
[   92.763792][ T7833] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000004
[   92.763820][ T7833] RBP: 00007fceee2e7090 R08: 0000000000000000 R09: 0000000000000000
[   92.763831][ T7833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   92.763878][ T7833] R13: 0000000000000000 R14: 00007fceefea5fa0 R15: 00007ffdd012a888
[   92.763893][ T7833]  </TASK>
[   93.063889][ T7837] SET target dimension over the limit!
[   93.157191][ T7856] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   93.165550][ T7856] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   93.226677][ T7854] netlink: 'syz.4.1718': attribute type 27 has an invalid length.
[   93.266630][ T7854] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.279117][ T7854] 8021q: adding VLAN 0 to HW filter on device team0
[   93.287748][ T7870] FAULT_INJECTION: forcing a failure.
[   93.287748][ T7870] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   93.301203][ T7870] CPU: 0 UID: 0 PID: 7870 Comm: syz.0.1727 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   93.301229][ T7870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.301239][ T7870] Call Trace:
[   93.301244][ T7870]  <TASK>
[   93.301250][ T7870]  __dump_stack+0x1d/0x30
[   93.301317][ T7870]  dump_stack_lvl+0xe8/0x140
[   93.301336][ T7870]  dump_stack+0x15/0x1b
[   93.301353][ T7870]  should_fail_ex+0x265/0x280
[   93.301383][ T7870]  should_fail_alloc_page+0xf2/0x100
[   93.301408][ T7870]  __alloc_frozen_pages_noprof+0xff/0x360
[   93.301477][ T7870]  alloc_pages_mpol+0xb3/0x250
[   93.301506][ T7870]  alloc_migration_target_by_mpol+0x11b/0x280
[   93.301538][ T7870]  migrate_pages_batch+0x2e7/0x17d0
[   93.301567][ T7870]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[   93.301590][ T7870]  ? mas_ascend+0x1e9/0x560
[   93.301611][ T7870]  migrate_pages+0xf5f/0x1770
[   93.301685][ T7870]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[   93.301749][ T7870]  __se_sys_mbind+0x975/0xac0
[   93.301781][ T7870]  __x64_sys_mbind+0x78/0x90
[   93.301824][ T7870]  x64_sys_call+0x14af/0x2fb0
[   93.301846][ T7870]  do_syscall_64+0xd2/0x200
[   93.301864][ T7870]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.301922][ T7870]  ? clear_bhb_loop+0x40/0x90
[   93.301943][ T7870]  ? clear_bhb_loop+0x40/0x90
[   93.301963][ T7870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.302023][ T7870] RIP: 0033:0x7f98c3c6e929
[   93.302038][ T7870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.302054][ T7870] RSP: 002b:00007f98c22d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   93.302073][ T7870] RAX: ffffffffffffffda RBX: 00007f98c3e95fa0 RCX: 00007f98c3c6e929
[   93.302085][ T7870] RDX: 0000000000000000 RSI: 0100000000004000 RDI: 00002000005b4000
[   93.302175][ T7870] RBP: 00007f98c22d7090 R08: 0000000000000000 R09: 0000000000000002
[   93.302186][ T7870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.302250][ T7870] R13: 0000000000000000 R14: 00007f98c3e95fa0 R15: 00007fff392dfde8
[   93.302267][ T7870]  </TASK>
[   93.512746][ T7854] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   93.546553][ T7890] netlink: 'syz.4.1735': attribute type 58 has an invalid length.
[   93.554464][ T7890] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1735'.
[   93.563568][ T7890] FAULT_INJECTION: forcing a failure.
[   93.563568][ T7890] name failslab, interval 1, probability 0, space 0, times 0
[   93.576291][ T7890] CPU: 1 UID: 0 PID: 7890 Comm: syz.4.1735 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   93.576315][ T7890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.576327][ T7890] Call Trace:
[   93.576332][ T7890]  <TASK>
[   93.576404][ T7890]  __dump_stack+0x1d/0x30
[   93.576424][ T7890]  dump_stack_lvl+0xe8/0x140
[   93.576441][ T7890]  dump_stack+0x15/0x1b
[   93.576454][ T7890]  should_fail_ex+0x265/0x280
[   93.576501][ T7890]  ? alloc_netdev_mqs+0x829/0xab0
[   93.576528][ T7890]  should_failslab+0x8c/0xb0
[   93.576625][ T7890]  __kmalloc_cache_noprof+0x4c/0x320
[   93.576652][ T7890]  alloc_netdev_mqs+0x829/0xab0
[   93.576693][ T7890]  rtnl_create_link+0x239/0x710
[   93.576775][ T7890]  rtnl_newlink_create+0x14c/0x620
[   93.576802][ T7890]  ? __schedule+0x6a8/0xb30
[   93.576848][ T7890]  rtnl_newlink+0xf29/0x12d0
[   93.576887][ T7890]  ? css_rstat_updated+0xcd/0x5b0
[   93.576952][ T7890]  ? __memcg_slab_free_hook+0x135/0x230
[   93.576985][ T7890]  ? __kfree_skb+0x109/0x150
[   93.577037][ T7890]  ? __rcu_read_unlock+0x4f/0x70
[   93.577072][ T7890]  ? avc_has_perm_noaudit+0x1b1/0x200
[   93.577117][ T7890]  ? selinux_capable+0x1f9/0x270
[   93.577149][ T7890]  ? security_capable+0x83/0x90
[   93.577175][ T7890]  ? ns_capable+0x7d/0xb0
[   93.577205][ T7890]  ? __pfx_rtnl_newlink+0x10/0x10
[   93.577285][ T7890]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   93.577299][ T7890]  netlink_rcv_skb+0x123/0x220
[   93.577324][ T7890]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   93.577339][ T7890]  rtnetlink_rcv+0x1c/0x30
[   93.577395][ T7890]  netlink_unicast+0x59e/0x670
[   93.577412][ T7890]  netlink_sendmsg+0x58b/0x6b0
[   93.577423][ T7890]  ? __pfx_netlink_sendmsg+0x10/0x10
[   93.577434][ T7890]  __sock_sendmsg+0x145/0x180
[   93.577451][ T7890]  ____sys_sendmsg+0x31e/0x4e0
[   93.577469][ T7890]  ___sys_sendmsg+0x17b/0x1d0
[   93.577549][ T7890]  __x64_sys_sendmsg+0xd4/0x160
[   93.577568][ T7890]  x64_sys_call+0x2999/0x2fb0
[   93.577580][ T7890]  do_syscall_64+0xd2/0x200
[   93.577678][ T7890]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.577703][ T7890]  ? clear_bhb_loop+0x40/0x90
[   93.577743][ T7890]  ? clear_bhb_loop+0x40/0x90
[   93.577814][ T7890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.577826][ T7890] RIP: 0033:0x7f3e9fa1e929
[   93.577835][ T7890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.577846][ T7890] RSP: 002b:00007f3e9e087038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.577924][ T7890] RAX: ffffffffffffffda RBX: 00007f3e9fc45fa0 RCX: 00007f3e9fa1e929
[   93.577931][ T7890] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[   93.577938][ T7890] RBP: 00007f3e9e087090 R08: 0000000000000000 R09: 0000000000000000
[   93.577984][ T7890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.577991][ T7890] R13: 0000000000000000 R14: 00007f3e9fc45fa0 R15: 00007fff69b0f8b8
[   93.578001][ T7890]  </TASK>
[   94.158104][ T7942] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   94.166349][ T7942] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   94.201911][ T7946] ip6gre1: entered allmulticast mode
[   94.345449][ T7960] netlink: 'syz.1.1766': attribute type 27 has an invalid length.
[   94.365656][ T7969] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   94.373946][ T7969] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   94.385770][ T7960] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   94.394587][ T7960] 8021q: adding VLAN 0 to HW filter on device team0
[   94.403533][ T7960] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   94.403756][ T7971] FAULT_INJECTION: forcing a failure.
[   94.403756][ T7971] name failslab, interval 1, probability 0, space 0, times 0
[   94.431646][ T7971] CPU: 0 UID: 0 PID: 7971 Comm: syz.0.1771 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   94.431749][ T7971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.431761][ T7971] Call Trace:
[   94.431768][ T7971]  <TASK>
[   94.431776][ T7971]  __dump_stack+0x1d/0x30
[   94.431795][ T7971]  dump_stack_lvl+0xe8/0x140
[   94.431897][ T7971]  dump_stack+0x15/0x1b
[   94.431914][ T7971]  should_fail_ex+0x265/0x280
[   94.431944][ T7971]  should_failslab+0x8c/0xb0
[   94.431967][ T7971]  __kmalloc_noprof+0xa5/0x3e0
[   94.431992][ T7971]  ? alloc_pipe_info+0x1c9/0x350
[   94.432087][ T7971]  alloc_pipe_info+0x1c9/0x350
[   94.432107][ T7971]  splice_direct_to_actor+0x592/0x680
[   94.432135][ T7971]  ? kstrtouint_from_user+0x9f/0xf0
[   94.432165][ T7971]  ? __pfx_direct_splice_actor+0x10/0x10
[   94.432196][ T7971]  ? __rcu_read_unlock+0x4f/0x70
[   94.432217][ T7971]  ? get_pid_task+0x96/0xd0
[   94.432236][ T7971]  ? avc_policy_seqno+0x15/0x30
[   94.432317][ T7971]  ? selinux_file_permission+0x1e4/0x320
[   94.432340][ T7971]  do_splice_direct+0xda/0x150
[   94.432368][ T7971]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   94.432430][ T7971]  do_sendfile+0x380/0x650
[   94.432458][ T7971]  __x64_sys_sendfile64+0x105/0x150
[   94.432481][ T7971]  x64_sys_call+0xb39/0x2fb0
[   94.432506][ T7971]  do_syscall_64+0xd2/0x200
[   94.432524][ T7971]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.432548][ T7971]  ? clear_bhb_loop+0x40/0x90
[   94.432648][ T7971]  ? clear_bhb_loop+0x40/0x90
[   94.432749][ T7971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.432770][ T7971] RIP: 0033:0x7f98c3c6e929
[   94.432786][ T7971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.432802][ T7971] RSP: 002b:00007f98c22d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   94.432859][ T7971] RAX: ffffffffffffffda RBX: 00007f98c3e95fa0 RCX: 00007f98c3c6e929
[   94.432872][ T7971] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[   94.432945][ T7971] RBP: 00007f98c22d7090 R08: 0000000000000000 R09: 0000000000000000
[   94.432958][ T7971] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000001
[   94.432971][ T7971] R13: 0000000000000000 R14: 00007f98c3e95fa0 R15: 00007fff392dfde8
[   94.432989][ T7971]  </TASK>
[   94.794227][ T7983] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1777'.
[   94.808129][ T7987] FAULT_INJECTION: forcing a failure.
[   94.808129][ T7987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.821344][ T7987] CPU: 1 UID: 0 PID: 7987 Comm: syz.1.1779 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   94.821369][ T7987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.821381][ T7987] Call Trace:
[   94.821388][ T7987]  <TASK>
[   94.821452][ T7987]  __dump_stack+0x1d/0x30
[   94.821472][ T7987]  dump_stack_lvl+0xe8/0x140
[   94.821495][ T7987]  dump_stack+0x15/0x1b
[   94.821509][ T7987]  should_fail_ex+0x265/0x280
[   94.821538][ T7987]  should_fail+0xb/0x20
[   94.821582][ T7987]  should_fail_usercopy+0x1a/0x20
[   94.821612][ T7987]  _copy_to_user+0x20/0xa0
[   94.821634][ T7987]  simple_read_from_buffer+0xb5/0x130
[   94.821663][ T7987]  proc_fail_nth_read+0x100/0x140
[   94.821716][ T7987]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.821790][ T7987]  vfs_read+0x19d/0x6f0
[   94.821830][ T7987]  ? __rcu_read_unlock+0x4f/0x70
[   94.821850][ T7987]  ? __fget_files+0x184/0x1c0
[   94.821878][ T7987]  ksys_read+0xda/0x1a0
[   94.821968][ T7987]  __x64_sys_read+0x40/0x50
[   94.821999][ T7987]  x64_sys_call+0x2d77/0x2fb0
[   94.822045][ T7987]  do_syscall_64+0xd2/0x200
[   94.822062][ T7987]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.822089][ T7987]  ? clear_bhb_loop+0x40/0x90
[   94.822108][ T7987]  ? clear_bhb_loop+0x40/0x90
[   94.822166][ T7987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.822184][ T7987] RIP: 0033:0x7ff1c238d33c
[   94.822197][ T7987] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   94.822211][ T7987] RSP: 002b:00007ff1c09f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.822229][ T7987] RAX: ffffffffffffffda RBX: 00007ff1c25b5fa0 RCX: 00007ff1c238d33c
[   94.822313][ T7987] RDX: 000000000000000f RSI: 00007ff1c09f70a0 RDI: 0000000000000004
[   94.822326][ T7987] RBP: 00007ff1c09f7090 R08: 0000000000000000 R09: 0000000000000000
[   94.822339][ T7987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.822349][ T7987] R13: 0000000000000000 R14: 00007ff1c25b5fa0 R15: 00007ffc5be046b8
[   94.822364][ T7987]  </TASK>
[   95.034006][   T29] kauditd_printk_skb: 1295 callbacks suppressed
[   95.034021][   T29] audit: type=1326 audit(1751161022.488:14971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7978 comm="syz.0.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c3c6e929 code=0x7ffc0000
[   95.063982][   T29] audit: type=1326 audit(1751161022.488:14972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7978 comm="syz.0.1775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98c3c6e929 code=0x7ffc0000
[   95.096292][   T29] audit: type=1400 audit(1751161022.518:14973): avc:  denied  { map_create } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   95.096316][   T29] audit: type=1400 audit(1751161022.518:14974): avc:  denied  { prog_load } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   95.096405][   T29] audit: type=1400 audit(1751161022.518:14975): avc:  denied  { create } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   95.096462][   T29] audit: type=1400 audit(1751161022.518:14976): avc:  denied  { create } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   95.096484][   T29] audit: type=1400 audit(1751161022.518:14977): avc:  denied  { create } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=0
[   95.096505][   T29] audit: type=1400 audit(1751161022.518:14978): avc:  denied  { prog_load } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   95.096523][   T29] audit: type=1400 audit(1751161022.518:14979): avc:  denied  { map_create } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   95.096542][   T29] audit: type=1400 audit(1751161022.518:14980): avc:  denied  { prog_load } for  pid=7988 comm="syz.1.1780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   95.145038][ T7996] hsr0: entered promiscuous mode
[   95.421243][ T8027] netlink: 'syz.4.1796': attribute type 27 has an invalid length.
[   95.449982][ T8027] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.457591][ T8027] 8021q: adding VLAN 0 to HW filter on device team0
[   95.466359][ T8027] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   95.547778][ T8034] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1799'.
[   95.556789][ T8034] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1799'.
[   95.581522][ T8036] futex_wake_op: syz.4.1800 tries to shift op by -1; fix this program
[   95.646820][ T8046] netlink: 'syz.4.1805': attribute type 13 has an invalid length.
[   95.675239][ T8046] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   96.113772][ T8060] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   96.122009][ T8060] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   96.146566][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.169969][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.179452][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.187540][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.197118][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.205334][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.214761][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.222878][ T8065] netlink: 'syz.5.1813': attribute type 1 has an invalid length.
[   96.233307][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.243498][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.257586][ T8065] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.265284][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.268030][ T8065] netlink: 'syz.5.1813': attribute type 21 has an invalid length.
[   96.278540][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.282197][ T8065] netlink: 168 bytes leftover after parsing attributes in process `syz.5.1813'.
[   96.309095][ T8065] veth7: entered promiscuous mode
[   96.314249][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.319379][ T8065] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1813'.
[   96.323578][ T8063] netlink: 'syz.4.1812': attribute type 21 has an invalid length.
[   96.340458][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.349804][ T8063] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1812'.
[   96.413874][ T8074] 8021q: adding VLAN 0 to HW filter on device bond1
[   96.434846][ T8074] veth5: entered promiscuous mode
[   96.596584][ T8078] SET target dimension over the limit!
[   96.779249][ T8107] $Hÿ: left promiscuous mode
[   96.784063][ T8107] bond_slave_0: left promiscuous mode
[   96.789618][ T8107] bond_slave_1: left promiscuous mode
[   96.795854][ T8107] hsr0: left promiscuous mode
[   96.811831][ T8107] veth5: left promiscuous mode
[   96.885479][ T8117] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   96.893706][ T8117] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   97.188756][ T8137] ==================================================================
[   97.196878][ T8137] BUG: KCSAN: data-race in selinux_inode_permission / selinux_inode_permission
[   97.205824][ T8137] 
[   97.208224][ T8137] write to 0xffff888103755834 of 4 bytes by task 8136 on cpu 0:
[   97.215841][ T8137]  selinux_inode_permission+0x4b8/0x620
[   97.221372][ T8137]  security_inode_permission+0x6d/0xb0
[   97.226818][ T8137]  inode_permission+0x106/0x310
[   97.231655][ T8137]  link_path_walk+0x162/0x900
[   97.236315][ T8137]  path_openat+0x1de/0x2170
[   97.240822][ T8137]  do_filp_open+0x109/0x230
[   97.245322][ T8137]  do_sys_openat2+0xa6/0x110
[   97.249905][ T8137]  __x64_sys_openat+0xf2/0x120
[   97.254672][ T8137]  x64_sys_call+0x1af/0x2fb0
[   97.259265][ T8137]  do_syscall_64+0xd2/0x200
[   97.263841][ T8137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.269720][ T8137] 
[   97.272027][ T8137] read to 0xffff888103755834 of 4 bytes by task 8137 on cpu 1:
[   97.279553][ T8137]  selinux_inode_permission+0x2da/0x620
[   97.285082][ T8137]  security_inode_permission+0x6d/0xb0
[   97.290530][ T8137]  inode_permission+0x106/0x310
[   97.295367][ T8137]  link_path_walk+0x162/0x900
[   97.300027][ T8137]  path_openat+0x1de/0x2170
[   97.304514][ T8137]  do_filp_open+0x109/0x230
[   97.309010][ T8137]  do_sys_openat2+0xa6/0x110
[   97.313665][ T8137]  __x64_sys_openat+0xf2/0x120
[   97.318444][ T8137]  x64_sys_call+0x1af/0x2fb0
[   97.323020][ T8137]  do_syscall_64+0xd2/0x200
[   97.327593][ T8137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.333485][ T8137] 
[   97.335790][ T8137] value changed: 0x00000034 -> 0x00000022
[   97.341486][ T8137] 
[   97.343791][ T8137] Reported by Kernel Concurrency Sanitizer on:
[   97.349919][ T8137] CPU: 1 UID: 0 PID: 8137 Comm: syz.4.1845 Not tainted 6.16.0-rc3-syzkaller-00319-gded779017ad7 #0 PREEMPT(voluntary) 
[   97.362310][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.372349][ T8137] ==================================================================