last executing test programs:

20.736143731s ago: executing program 4 (id=7171):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
personality(0x410000e)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000040)=0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000100)={'veth0_to_bridge\x00', 0x400})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r5, 0x0)
syz_emit_ethernet(0xb1, &(0x7f0000000180)={@local, @random="416cee93a4a6", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0xa3, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x18, 0x4, 0x2, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x4000}, @generic={0x22, 0xf, "3abc6903030000000000000000"}, @window={0x3, 0x3, 0xac}, @timestamp={0x8, 0x2, 0x200, 0x9}, @mss, @fastopen={0x22, 0xe, "54df942f7e09586180bbb068"}, @sack_perm={0x4, 0x2}, @fastopen={0x22, 0x5, "8537c8"}, @exp_fastopen={0xfe, 0x4}]}}, {"3416af759b3c6a17234d4c2152b5ae2e004fddd386c9b64ad6f215535cc63e143334edc421ad322c3793882feede38"}}}}}}, 0x0)
write$cgroup_subtree(r1, &(0x7f00000001c0)=ANY=[], 0xfdef)

20.621777743s ago: executing program 4 (id=7176):
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, 0x0, &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a1810031000000000f000000028002002d1f00"/46, 0x2e}], 0x1}, 0x0)

20.505523085s ago: executing program 4 (id=7181):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
r2 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r2, &(0x7f0000001940)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}], 0x1, 0x0)
writev(r2, &(0x7f0000000a00)=[{&(0x7f0000000b40)="9a3c5a5bd7da23b3b3199ee5c6125c29f200b75a211d1ff015059598a32c3e15d3495eaf5dac3026ed7455ce2b1739844e7c203d62903d46992e0061bf586e854401a53866bb75fbfe2f91686c6ba00d00de92d614f3435f6744fe9119fd0fd0b57e5571b1bce61cbe2ae03c1d54e2c5261e5ca74c2db3f7f57f2e84e692d00c61c6c01a8d51e3c0d2f5808746bf3e5e67d6296705fe8de7c14225be13e33fd3d8f41f1c70d3ee39958f20183023d45d90d026510347b48228c4551e82b77afa38e7f77fe872b3341d0b8565fefd6a5558117172ad2c25d794b59897f4778c", 0xdf}, {&(0x7f00000004c0)="1a83e661ba2c905b9cb64f2eab79907bc0e967f706ec110ef6cd7d015972b84faf90fc10f5de255fdf7267df8315f60476a05e052111e44da8ecc0111ba086b4492a5652495d1d25954463cbe39ccf9427a8b315a8028bd62de56480ff8406e342c1ffbc05a7aeed9001f1ff9c41908e598c1667cc40e141925869c5f79b067d57cee8fc9a4ae29ab8d61c338eca169cda1c6fe91cee0515b0ec10dcf765a4789d672603aca93bb225f60f941bd57355744f038f8d819a0be2a8ea61d6feea96be8ce49c148ddeb4e2f8490952ff6f7a4a9579ed18", 0xd5}, {&(0x7f00000002c0)="a82bd24b7647beb4d8c02f9c2cc322105f4288363c6b9cf501e8cd05cf572da30bc5e73367599b896aff8830397147d9b1e2312990544580ac3fe9cc700067f41c4758a231e92d0da7096e4d958d9bc70e1d4942aef369f9", 0x58}, {&(0x7f00000005c0)="c77df14bb868725b17fa7c957da683a1f1465e11875caeb8d37132e2021d412fc2b55f6281f8e2df8f77774c5570d0", 0x2f}, {&(0x7f0000000600)="eb4d465b0db1ddcd90889c0512f70dfbcdd8380c8072b5df377debea31673a1b7f5a7f27586ac5eee99bbdd879eb08edb04f78335b025b486114754b38c89f0f09625be4dc044a6146e1c4b600f7634a46d73b13e54e7e195fd7188edb0a788a8cb12c734e138b6ed7dc7d6dd37f27fb7cd1dc46fcf559da087dc4ecfc526009d77e2894c580b511", 0x88}, {&(0x7f0000000900)="5c25eee259439d315d0f8e3ab0c5a14cae2b5187", 0x1b}, {&(0x7f0000000700)="30c4f170fd1617fab46d98c5c671fd6948649d1d13d8060590880d4d6a2cffc1ba535eab5022d0be52f0e691d4c43ce7da60780e66e3fc9bfdd01d6670c56d528e07f053afc7c8da13a91e51264560ae07fd8603a2e9ef46baff3747108a0907f30d3ed8c88d3099f94413d90e0b4f86e0382c0122ede5212cb8aa735ff5cad63bf48c4836894bffcd026ce76a8565759ee5e82ecb35650ad5e4bd9627e5f718f63b1dfe4d71a29bdf8f40485c04ce68292486b5bdfd0af834673d05e5eabfaaee30a5a442d7b96ccd4384dd140b", 0xce}, {&(0x7f0000000800)="334b56cf1a72de178ab2622f8324f0a458e15ce66e4e0fed2e15a5a2781ab615038282299a8ccfd46947a4d9ef2eb6f3a6ac131dc73260ad2e5615b35c247d65ee50d50c11a3f5af9665e1ce19706ce493fa170a", 0xffffffffffffffae}, {&(0x7f0000000880)="5e38b4df99e174be7692138d477ce6f2ceb1326ec7102fd9dcdb494613353a2a3e0996059ad71f08dcf8067883e9380fb4c58c507bb699a52eb43d6fd013ea573ad74690ea427436149a16ad25", 0x4d}], 0x9)
ioctl$TCXONC(r1, 0x540a, 0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100))
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b81000085"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000001440)={0x53, 0xfffffffffffffffd, 0xcf, 0x5, @scatter={0x9, 0x0, &(0x7f0000001240)=[{&(0x7f0000000c40)=""/246, 0xf6}, {&(0x7f0000000940)=""/106, 0x6a}, {&(0x7f00000003c0)=""/26, 0x1a}, {&(0x7f0000000d40)=""/191, 0xbf}, {&(0x7f0000000e00)=""/203, 0xcb}, {&(0x7f0000000f40)=""/229, 0xe5}, {&(0x7f0000001040)=""/99, 0x63}, {&(0x7f00000010c0)=""/79, 0x4f}, {&(0x7f0000001140)=""/243, 0xf3}]}, &(0x7f0000001300)="8181b78ca853e48c217d69a1223301fad3c1d0fd088d75d2f5935b3aa821ed31d0904c781403aa76f3fe3595aa7edadad2b80170db9f294364f606c80aae6137ec6a83f7d9d786d8695b1c2b2da550cdce68038e9be4ec7c4c8a52c17820e20accd25047d6187adf4824b1bdea032e89734566cff51b6dbc4799352258a4d91af8149240c53bdd01f8fb9accf8ac0068443527f40257fb06a57ad76a1b8abf46fdbfc901e0c750c7c316d7272fa75050ac3ed332736f5534f514abfd76b0768e3130596ba8daf69bdbb347a5849b5d", &(0x7f00000006c0)=""/33, 0x2, 0x1, 0x2, &(0x7f0000001400)})
r5 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r6 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r7 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc2}, &(0x7f00000002c0)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd780bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138", 0x18}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r7, r6, r6, 0x0)
keyctl$KEYCTL_MOVE(0x4, r5, r5, 0x0, 0x0)
close(r3)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b705000000000000850000006d00000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001500)={r9, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r10, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1810000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8b}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000014c0)={&(0x7f0000000100)='kmem_cache_free\x00', r12}, 0x18)

20.17507972s ago: executing program 4 (id=7187):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0xa}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={'rose0\x00', 0x112})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000280))
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004002, &(0x7f0000000140)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@noload}, {@noinit_itable}, {@usrjquota}, {@grpjquota, 0x2e}], [{@seclabel}]}, 0x81, 0x46c, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP09ctD/ZVHH1BDQUQUkiYU6IELCKRekJDgAMeQhqrUbVETJFpVtCBUjoi/ADgi8RdwggsCTiCucEdIFeqFwgEtWnu3dWIndZwYN/jzkdae2YdnZmcnnp3xJoCBVc1fkogsIn6OiPFGdPkO1cbbjeuX5v+8fmk+iSx7+fekvt8f1y/Nl7uWx+0qIpNpRPpBEvvbpLt44eLpuVpt4XwRn14689b04oWLj586M3dy4eTC2dljx44+MfP0U7NPbko5R/O87nv33IG9x1/7+MX5LF7/7os8v/8rtjeXo2Fiw2lWo7r8XNaN1F8f3vCn31lGm8LJUB8zwrpUIiKvruF6+x+PStyqvPF44f2+Zg7oqSzLsm0taytl4EoG/Icl0e8cAP1RftHn97/l8i92P/ru2rONG6C83DeKpbFlKNL8bXvjjn20R+lXI+LVK399ki/RdhwCAGBzfZX3fx5r1/8bS+5u2m+smBuaiIjDEbE7Iv4fEXsi4q6IyPe9JyLuXWf61RXx1v7Pjzu6KliH8v7fM8Xc1vL+X1ruMlEpYqP18g8nb5yqLRwpzslkDG/L4zNrpPH18z99tNq25v5fvuTpl33BIh+/Da0YoDsxtzS3kTI3u/ZexL6hduVPbs4EJBGxNyL2dfH5+Tk79ejnB/Lw2K7W7QduW/41bMI8U/ZZxCON+r8SK8pfShoprTY/Ob09agtHpsurotX3P1x9qTk+3BS+ff33Vl7/O9te/0X5y2ZQztcurj+Nq798uOo9TbfX/0jySj08Uqx7Z25p6fxMxEixYtn62VvHlvFy/7z8k4falX8s2R3x96fFcfuLa/W+iLg/Ig4WeX8gIh6MiENrlP/b5x56c+0z1N/6P7FW/UdMJM3z9V0EKqe/+XK19Dur/6P10GSxppO/f51mcCPnDgAAALaKtP4b+CSduhlO06mpxm/498TOtHZucelwNd4+e6LxW/mJGE7Lka7xpvHQmWJsuIzProiXY15ZtqMen5o/V+vVnDrQmV2rtP/cr5V+5w7ouXXNo7U+0QZsYZ7XhMGl/cPg0v5hcGn/MLjatf/LETeaoj19CAPoH9//MLi0fxhc2j8MLu0fBlLrI/HlSF83T/rfCuw+vqHDByhQ6dEnR/M/7ehBINK+n7ruA+mdkI2DRWBbRHR61OWe1unK6wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDr+ycAAP//ENre5A==")
socket$nl_generic(0x10, 0x3, 0x10)
getrandom(0x0, 0x0, 0x2)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})

20.044677422s ago: executing program 4 (id=7188):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001a80)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0501000000160012000a00ff120048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x894)

20.044055812s ago: executing program 4 (id=7189):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000000c0))
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_ifindex, @private=0xffffffff}, 0x10)
ioperm(0x41, 0x9, 0xcfb572c)
fsopen(&(0x7f0000000280)='configfs\x00', 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
mq_open(0x0, 0x42, 0x24, 0x0)

20.027335103s ago: executing program 32 (id=7189):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000000c0))
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000140)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_ifindex, @private=0xffffffff}, 0x10)
ioperm(0x41, 0x9, 0xcfb572c)
fsopen(&(0x7f0000000280)='configfs\x00', 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
mq_open(0x0, 0x42, 0x24, 0x0)

2.565313788s ago: executing program 1 (id=7448):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mq_unlink(0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0xc0ed0040, &(0x7f0000000400)={[{@oldalloc}, {@nobh}, {@resgid}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@auto_da_alloc}]}, 0xfe, 0x483, &(0x7f0000000dc0)="$eJzs3MtvG8UfAPDv2nn28Ut/pTxaWggURMUjadIHPXABceAAAgkORZyCk1alboOaINGqooVDEeKAKnFHHJH4CzjBBQEnJK5wR5UQ6qWFk9Hau2ns2iFxNnGLPx/J7czu2jNfz856diZ2AH1rPP0nidgWEb9GxFgj23zAeOO/m9cvVv66frGSRK32+p9J/bgb1y9WspdYet7WxoZaLcsPtyn3ylsRM9Xq3LksP7l45t3JhfMXnjl1Zubk3Mm5s9PHjh0+tG/o6PSRQuJM47qx54P5vbtfevPqK5XjV9/+8eu0vtuy/XkcRRpvvLttPV50YT22fVk6GehhRViTtN3S5hqs9/+xKMfo0r6xGP6op5UDNlStVqu1+3zOXK4B/2FJLCXLPa0IsMnyD/r0/jd/bNLQ447wx/ONG6A07pvZo7FnIErZMYMt97dF2hYRxy///UX6iA2ahwAAWO7bdPzzdLvxXynuW3bc/7I1lB0R8f+I2BkR90TEroi4N6J+7P0R8cAay29dIbl9/FO61lVgq5SO/57L1raax3/56C92lLPc9nr8g8mJU9W5g9l7ciAGh9P8VNNTmn334i+ftW77NJtmH182/ksfafn5WDCrx7WBlgm62ZnFmUKCT+P/MGLPQLv4k8iXcZKI2B0Re7os49STX+3ttO/f419BAetMtS8jnmi0/+VoiT+XdFyfnHr26PSRyZGozh2czM+K2/3085XXOpW/rvgLkLb/lrbnfyP+9B4xGYlYOH/hdH29dmHtZVz57eNK0mHfri7P/6HkjXp6KNv2/szi4rmpiKHk5TQ72rR9+tZz83x+fBr/gf3t+//OiJH8nXgwItKTeF9EPBQRD2dt90hEPBoR+1eI/4cXHnun077O7b/CrHyB0vhnV2j/9JKXpm61/9oT5dPff9Op/Nqq2v9wPXUg27Ka699qK7ie9w4AAADuFqX6GnRSmlhKl0oTE42/4d8VW0rV+YXFp07Mv3d2trFWvSMGS/lM19iy+dCpbG44z0+35A9l88afl0fr+YnKfHW218FDn9vaof+nfi/3unbAhvN9Lehf+j/0L/0f+pf+D/1L/4c+NdR+86XNrgfQE2v//B/ZkHoAm8/4H/qX/g/9S/+HvtTxu/GldX3l/25NDBT6gpciorgXHC065HJEdP/0KHVfev7bFr1u7qbEq580KnWn1CdPDKz6xyy6TAy33XXbpWJybHMvTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIX4JwAA//8Qcd83")

2.516751459s ago: executing program 1 (id=7449):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYRES8=r1], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x4, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES8=r0, @ANYRES64=0x0, @ANYBLOB="5394eff7f2d20afc6e87dba6e1c938b4d54e5eb30057324e11d8ee31a592cce6825ddeb5e80beb2b2a44ffc7737169411353d352a83cd36a5f873679b74b6e676b615fe1a70a0b8359bb44dd9ca6526d886b53bbd9cdd561cacc495d13d06c451aad12cc8bcf03ac80e6414f2a73f062140ff98e8f77d7d5e3ec911c445a2d062200ce86f759c9cb4587c3b02c66ecedbb1c78dda58ff3faf8b9ca105082ddef5cd3a3b0003a667027264e4f8ba469693f96c53d82", @ANYRESDEC=r0, @ANYRESHEX=r0], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5800000002060300000000000000000000000000110003ef31ef34d35256326bb94f00686173683a69702c706f7274000000000900020073797a31000000000c000780080012400ffffffc050005000a00000005000400010000000500010007000000"], 0x58}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='inet_sock_set_state\x00', r8}, 0x18)
socket$inet(0x2, 0x1, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
writev(r9, &(0x7f0000000380)=[{&(0x7f00000000c0)="6b5ea0cd187ede3e538bc3543948db9297109ca599cded039b156251280c7ab65af41be8ce62414fe0e3ec3ee9e934d857d01d2100604b4cb96352c190d2a873f0456fbfe4300bb80f3eb66e6a", 0x4d}], 0x1)
ioctl(r9, 0x1, &(0x7f0000000080))

1.640097253s ago: executing program 0 (id=7462):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r3, &(0x7f0000000580)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x63717339fee12f27}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, r4, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000001)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
socket$inet(0x2, 0x4000000000000001, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r5, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[], 0x15)
r8 = dup(r7)
write$P9_RLERRORu(r8, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r8, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)

1.568080564s ago: executing program 3 (id=7465):
r0 = socket$inet(0x2, 0x2, 0x1)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f00000000c0)={[{@noload}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@auto_da_alloc}, {@dioread_lock}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=")
r1 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
close_range(r0, r0, 0x2)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086607, &(0x7f00000001c0))
recvfrom(r0, &(0x7f00000001c0)=""/181, 0xb5, 0x100, &(0x7f0000000280)=@generic={0x26, "e74d5e72665fd55b67bbe4f30f1f0c5e20bf3af101e818ac9feb9327d0703b270b721046a60d4c64e7ee4d440005d10e3d2c028bb81d6ee7d7e35c6a984d7d5520841d47808ac029886bef4aa47d99d699af21aa8aeb12ae982c8f97c62f1b57ad72ac8c8d1f59670ea51f9a6516bb5787e16682869df160db0f1d85fd34"}, 0x80)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00', 0x6}], 0x3f, &(0x7f0000000100)=ANY=[@ANYRES8=r0], 0x40}, 0x4040000)

1.505498045s ago: executing program 3 (id=7467):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB='\x00\x00'])

1.501011286s ago: executing program 5 (id=7468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x20, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000200)='!pu\t&0&&\t')
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000300)='posixacl\x00', 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f00000003c0)={@remote, 0x1d})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0x4}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000025940000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c0002400000000000000010140001800c0001"], 0x118}, 0x1, 0x0, 0x0, 0x4000800}, 0x8004)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_mreq(r7, 0x29, 0x1b, &(0x7f0000000300)={@remote}, 0x14)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r8, 0xffffffffffffffff, 0x0)

1.399352917s ago: executing program 0 (id=7470):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="d80000001a0081044e81f782db4cb904021d0800ff007c05e8fe55a115000200fe80000000000000080005007a0104dea700160020000100e0000000035c0461c9ed7f6f940071342e875fab7cb6cedccf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c27c768252ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653de8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf6341b3413394e690b5692304343e44e5951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee", 0xd8}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000040079103000000000001e500000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c0200001900010000ffea0010000000e0000001000000000000000000000000ac1414bb00000000000000000000000000000000ffff00000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000084010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000ac1414aa000000000000000000000000000000003c00000000000000fe80000000000000000000000000000000000000000000000008000000000000000000007f000001000000000000000000000000000000003200000000000000e00000010000000000000000000000000000800003030000000000000000000000000000ff0100000000000000000000000000010000000033000000000000000a010101000000000000000000000000043500000000010000000000bf0a000000000000fe8000000000000000000000000000aa000004d533"], 0x23c}}, 0x0)

1.398439407s ago: executing program 3 (id=7471):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)={[{@mpol={'mpol', 0x3d, {'local', '=static', @void}}}, {@huge_advise}, {@huge_never}, {@huge_advise}, {@noswap}, {@huge_advise}, {@noswap}, {@huge_advise}], [{@fowner_eq}, {@flag='rw'}]})
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1.274507209s ago: executing program 0 (id=7473):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0x10, 0x2, 0x6)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x80000000000000}, 0x18)
sendto$inet6(r2, &(0x7f00000002c0)="100000001200050f0c1000000049b23e", 0x10, 0x0, 0x0, 0x0) (fail_nth: 3)

1.274037089s ago: executing program 5 (id=7474):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2000013a, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r0}, 0x18) (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000880)='+}[@\x00') (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e000100776972656775617264"], 0x40}}, 0x0)

1.060381803s ago: executing program 1 (id=7475):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x2c, r3, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendfile(r4, r5, &(0x7f0000000480)=0x2, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@getchain={0x5c, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r7, {}, {0x7, 0xa}, {0xfff3}}, [{0x8, 0xb, 0x3ff}, {0x8, 0xb, 0x40004}, {0x8, 0xb, 0xffffffff}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x19e5}, {0x8, 0xb, 0x7}, {0x8, 0xb, 0x10001}]}, 0x5c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb8)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r12}}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x11}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x811}, [@map_fd={0x18, 0x1, 0x1, 0x0, 0x1}, @map_val={0x18, 0x6, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x3b}, @map_val={0x18, 0x3, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0xffffffff}, @map_val={0x18, 0x7, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0xe}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xd7, &(0x7f00000004c0)=""/215, 0x41100, 0x2, '\x00', r12, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0x2, 0xf, 0x2, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400)=[r10, r10, r10, r10, r9, r10], 0x0, 0x10, 0xd0ad}, 0x94)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r3, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x6}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0xc0}, @ETHTOOL_A_LINKMODES_HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x3}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x800)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
close(r0)

1.038753913s ago: executing program 3 (id=7476):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x48801}, 0x0) (fail_nth: 1)

898.582385ms ago: executing program 0 (id=7477):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000001f)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
read$qrtrtun(r2, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000009575adff1a4fea182f3a4cea24ef3bffa335d9ae70d5a3255af8fbdd5ed4aecd6719641d0068f18819d238cbbf7a72d20673432154ec4c4d471b1d29a195af1441933b166958856f1b8c3a1961bc9b0c635f9eeddd2498c8b943c703077ce8458cf2927b275947fe8f7d9f8deba729ab5c9e03c224d804f5c8e01128e92059be83586f1cada0", @ANYRES32=r3, @ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000000000)={'erspan0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
fcntl$notify(r1, 0x402, 0x3)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0700000004000000080200000e00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000c16d9d0cab000000000000000000000000f0bbd394a77fea7065af79486c9d5ff0b5a4f3f6bdc30f0f57eb59c09d00d3475b6c65d8d33633df3edd3941bc7a27314788a56ba140654cf154e5876daad46624e3afe12455c1137c521c04a9326aa12280d05bd7ea87337aa4384c2911cf4117c6e5aefe84caa71d12cd6c4cfa83f7d694257d4b56500874d5c47db278935f9663cacd0e978097cdce6f3d9ca53bf0435659dbaa2b597d6682f7896d4491f048ea22d4c9482fb172c105cb4b52f58a1d421837b6cd34e81a4314ed0a5e283b259f1b5164a98b517c1a00"/236], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="17000000000000000084000001"], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r8, 0x0, 0x20000000}, 0x20)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
r11 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
eventfd2(0x8f, 0x80801)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r11, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r11, 0x4040534e, &(0x7f0000000180)={0x92, @time={0x65757100, 0x1316575}, 0x3, {0x1}})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sys_enter\x00', r13}, 0x18)

877.967626ms ago: executing program 2 (id=7478):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="8b3329bd70000000000005000000080003"], 0x2c}}, 0x0)
connect$unix(r0, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r6}, 0x10)
clock_settime(0x7, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=@delqdisc={0x110, 0x25, 0x200, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x3, 0x4}, {0x10, 0xd}, {0x10, 0x10}}, [@qdisc_kind_options=@q_blackhole={0xe}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x3}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_STAB={0x38, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0xe6, 0x401, 0x8, 0x0, 0x400, 0x2, 0x9}}, {0x16, 0x2, [0x8, 0x8, 0x7, 0x5, 0xf, 0xa, 0x8, 0x101, 0x4]}}]}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1000}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xb1b3}, @TCA_STAB={0x7c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x5, 0x1, 0xfffffff8, 0x0, 0x10, 0x98, 0x4}}, {0xc, 0x2, [0x1, 0x401, 0x5, 0x1]}}, {{0x1c, 0x1, {0x3, 0xf2, 0x4, 0x0, 0x1, 0x0, 0x4062, 0x8}}, {0x14, 0x2, [0x7, 0xa03, 0x2, 0x1, 0x34f7, 0xc3, 0x0, 0xffff]}}, {{0x1c, 0x1, {0x9, 0x7, 0x6, 0x1, 0x0, 0x7ff, 0x6c}}, {0x4}}]}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x2}]}, 0x110}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

621.738119ms ago: executing program 5 (id=7479):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'xfrm0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b24df41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b318e2ec0e1a00897a74a0091ff110026e6d2ef831ab7ea0c34f17efd36ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0cb82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e1019c12a73748b049604fa72c64ed858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6e97180aabc18cae2ed4b4390af9a9ceafd07ed00b0000002cab154ad029a119ca3c972780870014601c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f4b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f19afc91b47683db01a469398685211bbae0e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bde792c88c5b8dcdcc22ee17476d738992533ac2a9b5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffffd7917f23837a6b24db0e067345560942fa629fbef2461c96a08707671315c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e48455b588b90dfae158b94f50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859ac8e3c177b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2498d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d4a3e1a9e90d76c1993e0799d4894ee7f8249dc1e342892129369ee1b85afa1a5be5f6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90501b0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355b17402a500587b603306a5af8d867d80a07f10b854b1c8c768c001496fa99ce5b5040be9194123e918914a71ad5a8521fb956dbc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c6775e19f0b7e70803000000b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989172a1bcd1e30280bc5867dd4e27b6ef206660090bb2164474cef378f97ca33fccf363361dcdba10c1547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2d7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aa0000000000000000532ff181c985f54b7ae20aa5e63055b4d6a36fa98a44e379d2bccf977c3e88538f406b598307c9912fb097601f3f88a2ea6fd1f9320cfe7f09aed4d1e72d26e5c7a93854c8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eafeffffffffffffff000000070000000000000000000000005333c6199c12dcd92689192727a7267c47cf897853d160100b39b613faefe16bd91fc105dddd77ab929b95032d3717fa9fbdc2bdc0e98ae2c3f23a6131e2879f0484ee3bfe30b92dd493be66c2242f8184733b80ba28e824910844df31f3d4bb2f89049c5f6d63956995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99a40b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc1758763f0000009c927da38d83314480b15e23eb8c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab602000000000000000000113a3065a478d1de98be3a66f6fbf68f2f5693050fa56db62e2f99cf916059ee36cdad078fc88d17cbde37a2270f90a60afe8548d4c579b09c333382c6e7a316ac03aa23d379836b96173a5541fa96c27e7fb6d2585d828aa330f3438d8487912bb7742be1502e706644f7a937451beb7a5f6ca3ef21e8cb8f841af6d54334d82a8b816b6daccf0c66162f897623ee325d714f9f10636a7573582ff31c7f9c6f767c806ef4af486cc19a5355bdc814cb5557c6fa6404179c865980b0815b907a7f268e97828c196f5ac033d395a217b4e1e45663023a0292003c36a3b7461fc2c8566e0f3f693bfacae26aa2b7d17962989ccb943633c080aacc9b7d311c251686fc66aa80bf41a5bf6cd72d5aa995820fb318fad61a79a61d0a969fd6018ac9f131fe02fe31d565723cbf9b63841e21417fc29a3e7a03886d80566ae001861799a4aad91c72139e681ced8625b675dfbd6d458d4b2d9e6d565430248172ad942cdb41639f4113896827c8806e049218cd1eef89d6b9b14dd707da40705c07f878263ff9b71ccf28ec50178c7aac83bef7bd10459e2f2e267f82bafd5b4c7b481ea5e4bcb6cfe05e2ac3e17c1f8f12ddf5b6770ce0da8cb3aba3a935a6b737b6d3ebf2c715dcc11c5759bd0acdecf333f2b77c52fb2251336bbd92f73ad1a30bb9162bd9d699c49d824b827f3e7c1096354946e09922db25904c83262c6dcb87457e4abefa0e9dcb17d79c173895b74aae2ed4419662690a16494e7b27d0d2688c69b4be3d21b783195f6a5e5dc5c07c73f0d0f0670db10ac9ef5b8295ff88df734e3c6ab8555c0390f962cbf559bce9c42e1034dba78997b2877b485d9d4ae2fcd3e757b84319879d0337785773c940af6e57d162f4606d101def01199325c8676a32e26303560271b720216d95e0013265a45b02bd2414bebda89b7b5e71e70e0000000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x94) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xfe, 0x0, &(0x7f0000000100)="b9ff03006044238cb89e14f088a81bff88a800008100630677fbac141442e934a0a662079f4b4dfe87e5feca6aab845013f288a81a3908020b098da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x91, &(0x7f0000000000), &(0x7f0000000e00)="bd170ac2b82cfea8642e9e41a13fa1da86c41eb5e57824b25979ea2a45e81c8c36d91b2e8f5cac26678558a6aff423a7c421a09c8aaa4d6ee5fa74b8ac2b6aa2638691ca618fd413526c3b06e1823a6e86f23d7f92f675f9e8a4b782309013c10103435568ae5b898f13e87b27c8ef59678b93370303d916862f35d634afb869c95fa93cb0cf4cec6a69dfe0ee6f357491"}, 0x50)

562.942971ms ago: executing program 2 (id=7480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a1810031000000000f000000028002002d1f00"/46, 0x2e}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRESHEX=r2], 0x0, 0x4, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000005000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r2], 0x50)
close(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8)
r7 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0x2}, 0x18)
r9 = request_key(&(0x7f0000000340)='id_legacy\x00', &(0x7f0000000380)={'syz', 0x0}, &(0x7f00000003c0)='/dev/vsock\x00', 0xfffffffffffffffe)
request_key(&(0x7f00000008c0)='id_legacy\x00', &(0x7f0000000900)={'syz', 0x0}, 0x0, r9)
ioctl$SG_IO(r7, 0x2285, 0x0)
writev(r7, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)

562.185631ms ago: executing program 0 (id=7481):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1c010000200180000000000000000000850000007b406cc2c87c32cc4ac953b2743299effe000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000fc00000000006301a200000000009500000000000000e7873653d1285bfab9dc6dd8ea40cc9ca79397549db729ff6b093caf4dbdeda2bc609c786639b2bac1cab508a2ecb012658e2cad5a35c1f24c785b8f7c81570bed3c03460f876e3d89ba62ab16438696c3f964217e85fab45dd870120d40488846a0839897f6a26f8fa3d166e16c8a24e5f8a9f7268f0b6c36fc1d76b48372"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="020000050000000008000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
preadv2(r2, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000093a68f29080000005d0fda710000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r8 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000001100)='./bus\x00', 0xffffffffffffff9c, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r7, 0xffffffffffffffff, r8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="183e000002000000000000000000000018240000", @ANYRES32=0x1, @ANYBLOB="0010de0880d4dd4701006f1bfbf81d"], &(0x7f0000000240)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000000300)={0x4, 0x4, 0x1ff, 0x4}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0xffffffffffffffff, 0x1], &(0x7f0000000380)=[{0x5, 0x4, 0xf, 0x3}, {0x4, 0x3, 0x0, 0x1}, {0x3, 0x1, 0xf, 0xa}], 0x10, 0x2}, 0x94)

561.879401ms ago: executing program 3 (id=7482):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
personality(0x410000e)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000040)=0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000100)={'veth0_to_bridge\x00', 0x400})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0xb1, &(0x7f0000000180)={@local, @random="416cee93a4a6", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0xa3, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x18, 0x4, 0x2, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x4000}, @generic={0x22, 0xf, "3abc6903030000000000000000"}, @window={0x3, 0x3, 0xac}, @timestamp={0x8, 0x2, 0x200, 0x9}, @mss, @fastopen={0x22, 0xe, "54df942f7e09586180bbb068"}, @sack_perm={0x4, 0x2}, @fastopen={0x22, 0x5, "8537c8"}, @exp_fastopen={0xfe, 0x4}]}}, {"3416af759b3c6a17234d4c2152b5ae2e004fddd386c9b64ad6f215535cc63e143334edc421ad322c3793882feede38"}}}}}}, 0x0)
socket(0x10, 0x80002, 0x0)
unshare(0xa000200)

561.730921ms ago: executing program 5 (id=7483):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000280)=ANY=[], 0x18) (fail_nth: 1)

526.642401ms ago: executing program 1 (id=7484):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="d80000001a0081044e81f782db4cb904021d0800ff007c05e8fe55a115000200fe80000000000000080005007a0104dea700160020000100e0000000035c0461c9ed7f6f940071342e875fab7cb6cedccf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c27c768252ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653de8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf6341b3413394e690b5692304343e44e5951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee", 0xd8}], 0x1}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c0200001900010000ffea0010000000e0000001000000000000000000000000ac1414bb00000000000000000000000000000000ffff00000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000084010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000ac1414aa000000000000000000000000000000003c00000000000000fe80000000000000000000000000000000000000000000000008000000000000000000007f000001000000000000000000000000000000003200000000000000e00000010000000000000000000000000000800003030000000000000000000000000000ff0100000000000000000000000000010000000033000000000000000a010101000000000000000000000000043500000000010000000000bf0a000000000000fe8000000000000000000000000000aa000004d533"], 0x23c}}, 0x0)

441.355863ms ago: executing program 5 (id=7485):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_seqnum', 0x101000, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c21000000000020202028fd7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000665787519cdb38d8c7cffca43e83ad8bc6495b10a13796678724b275d9e17aa6d721076ae5372df57fae598e174255502858857a3bb6c3e75cd0657aa710c8d5c4d28843775677ae385ac11e2251d971fc7e7cecd3337af18b107a6b2072deda9a27c6fb6b72b9cb85cc1aaf440a676646073a7f920237f5e80be060c06051fcd2a4b3cde2728b3a2c568235b71d48e508e26706fa754382b1aa453680b15c7cdff5cd61dda97ae373d64ec5144e45e4601c8ee24f8c390083fed4e4d0b718eebda5dbdaa831158ed37a18d3", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002340)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000850000000e000000850000000500000095000000000000"], &(0x7f0000000380)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r5, &(0x7f0000000080)={&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0xfffffffffffffed0}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18000800000000000000000000000000850000000e000000000095000000000000", @ANYRESOCT=r2, @ANYRES64=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
acct(0x0)
sendmsg$rds(r5, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r5, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r6}, 0x10)
removexattr(0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000002c0)=0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r8 = shmget$private(0x0, 0x4000, 0x54000000, &(0x7f0000004000/0x4000)=nil)
shmctl$SHM_INFO(r8, 0xe, &(0x7f0000000140)=""/67)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000100)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000001b80)='syzkaller\x00', 0xdeb, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
timer_settime(0x0, 0x1, 0x0, 0x0)
syz_read_part_table(0x5fb, &(0x7f00000011c0)="$eJzs0zGIU3ccB/Bf0jOnghx2cmu4DLEuJ2S8XsGG9CEBcwSLDiK62SGLTh1iAoaKg2eHiOByDpbCGSq0TiKCIOLFQcgkinZREYciuFjFpuR8B+VaDgo5qPD5wHuP/+//+70vfx4v+Khl4/fhcJiJiOHkOm3D1uieW1v+ZqkSm/Pze+r7IzJxKCK+f/vHD6OdzOpg+tbpdP0kXZduTDTOLiWnF7rbdlzLv7uXjQ8B7YiV63n/4uG/BU2N46yM384Tu25l2oPt16txaXMsz25tHDzWK36e7d1/O9r+M/3cm9aM5ceVf3XuztSpzvHki1zEg6T5NHmRff0q2XdhcSZ3rlUvvtyd9h0ZV+AajfcHclcu3y53nm0p3a3Wat2fH50vNCs3OycH/cLDN2eOpn2P1/u7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD439h5YtetzzKD7dercWn5y+XZrY2Dx3rFcqt3f/7Xr37M/zQdmZW+mQ3Kvzp3Z+pU53iy8N3ctw+S5tPkRfb1q2TfhcWZ3LlWvfhyd9p35F9mc2PIb7w/kLty+Xa582xL6W61VutuivOFZuVm5+SgX3j45szR+PSXcjXi8eQoLjuGRAAAAAAAAAAAAAAAAAAAAPinytd78/N76vsjMnEoImYX9z4a1YeTK9ufrPZNp88nH+pRujHROLuUnF7obttxLf/u3m9pvZ2NaEfE8/7Fw+snT2zMgfhP/goAAP//jsyHQA==")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000007733337edc1cc8e1b1bb5fd8ef4650efb9568ce4ebab1209824ffe627ef0a5e25c47fbe044e0c5f808f604be85f358ec929800a5451b30751473bcc4a621f0e1fe711f0f98d32d62a56ca87f920fafa249a9ad4b73d6fdff9b01030adadc2c2d5cd1dd64d208e5063e97460d9b90f286abab52e095f58f88773c27dbd066c040a5106255c78278ab301c814db0d748", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x48)

440.690273ms ago: executing program 2 (id=7486):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000052e1d569c6f3f287fa00000002", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
unshare(0x22020600)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x141000, 0x20)
finit_module(r3, 0x0, 0x3)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
unshare(0x20000000)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)

203.621917ms ago: executing program 2 (id=7487):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000300)={0x1d, r1, 0x3}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
socket(0x10, 0x803, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
sendmmsg$unix(r0, &(0x7f0000001080)=[{{&(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000240)="1a", 0x1}], 0x1, 0x0, 0x0, 0x4000010}}, {{&(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x80)

160.995227ms ago: executing program 2 (id=7488):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000010700000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000200003801c"], 0xf4}}, 0x0)

117.333618ms ago: executing program 2 (id=7489):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000500)={0x2, 0x0, @multicast1}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f0000009700000050000000"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x13}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="010000000400000008000000"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e3000000000000000000000000800030000000000140006"], 0x58}}, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
r9 = msgget(0x2, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r2], &(0x7f0000000100)='syzkaller\x00', 0x80000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000027c0)={&(0x7f00000001c0)='netlink_extack\x00', r10}, 0x18)
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newsa={0x138, 0x1a, 0x713, 0x0, 0x0, {{@in6=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x2}, {@in=@local, 0x0, 0x33}, @in=@dev, {}, {}, {}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x60}, [@algo_auth={0x48, 0x1, {{'sha1\x00'}}}]}, 0x138}}, 0x0)
msgrcv(r9, &(0x7f0000000140)={0x0, ""/83}, 0x5b, 0x1, 0x2c00)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

115.728718ms ago: executing program 0 (id=7490):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES16=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
ioctl$PIO_UNIMAPCLR(r5, 0x4b68, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000300000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000380), &(0x7f00000003c0)=r8}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
msgrcv(0x0, 0x0, 0x6, 0x0, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$iso9660(&(0x7f0000000b00), &(0x7f0000000040)='./file0\x00', 0x4002, &(0x7f0000000140)=ANY=[@ANYBLOB='map=off,cruft,iocharset=ascii,block=0x0000000000000200,unhide,session=0x0000000000000011,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c004238994fceef7f633ea81416b1324d35327f7ace27c590b7f9fb133af0ffd6dfc4d893195864142b1450fbace6795f6e181993255fbbca2cb54fcf79cc53b3a6c3704aed82da89741aad5205bb43ded29cfd65509ff9c85cbdb7337ef48b9412ff439da96bb3f5ac11273d94d3d75d"], 0x1, 0xa2f, &(0x7f0000001580)="$eJzs3ctvXNd9B/DvHfEl2lBlW3VVwbZGMmTTNkuRVC1B8KKWyKFEl4+WpAALbWEZllQIIurCbgHb6EIFiq5q1CiKAk02gZdZGXAW8SbQLlkFWWURIPF/EBhZKQGCCebOUOJjZihSFKnIn89gNPfxO+f87tw792iGM/eEP2b1er28b3P+0vd3M1kePecnv/78i08b93+/lb7sy+vFD5OBJNWk5/flsdI7MbkwP7tJRTeTK0luJ0WS/jQfO9i/Zu5Kiv/Ok/fmb6f4bg63KTawxY1jU3W+1fb6+AMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfSxOTo6FiRmem5S29XOyuHAO+yfqW6r8pRv4uvVjfR16bZIika9wwMrAz1ffjQvdXPNv45nueac881R/4eyCdPPHvwjWd6KivluyS0Kz78+JOb7y4vX/vg3qLeTQv1P9yctqVve8Uu1OamF+enZ89dqFWnF+erZ0+fHj15cWqxOjWd2uLlxaXabHVioXZuaX6hOjTxSnXs7NlT1drI5flLcxcmR2ZqKwvP/MX46Ojp6lsjf1M7t7A4P3fyrZHFiYvTMzPTcxfKmMbqRsyZxoH419NL1aXaudlq9fqN5WunNkuyETTWdk1R3ZdVQeOb1TQ+Oj4+NjY+Pnb69bOvnxkd7dmwYHSdbIjY+4OWvfODh3IOh22qtPr/zGQ6c7mUt1Nte5vIZBYyn9kO61tW+v8TJ2td213d/6/08ofvrT6Ssv9/oTn3Qqf+v0Mum9/q9WbN2y2/cvswH+eT3My7Wc5yruWDB66xP+sy++2D1ti6VR98azfeLqSWuUxnMfOZzmzOlUuqrSXVnM3pnM5o3snFTGUx1UxlOjOpZTGXs5il1MojaiILqeVcljKfhVQzlIm8kmrGcjZncyrV1DKSy5nPpczlQiZzrqzlem6Uz/upLjneDRq7n6DxLkE73P/XH8X/CfKw7ej5Gx5EvdX/t3uP3gyor0wNTexaVgAAAMBO+vOf5MChp3/8y6Q3z5efy09Nz9RG9zotAAAAYAeVX9d7rvHQ25h6PoX3/wAAAPC4Kcrf2BVJBnO0OdX8JdS++BAAAAAAHhPl3/9faDwMNqaOprh7JZQre50bAAAAsDPuXmM/na6xu+lV+Ivhlcv/Vq82H6+2IlrX+R2cmp6pjUzMz7wxlpfKqwyUvzTYUNu+pOgtf37wao41o44NNh8H19Y40IgaG3ljLK/meGtDhl5sPLw41CZyvBn5cjPy5S6RpxqRAPC4O96lP77f/v/VDDcjho/09CXpOdKmZx3VswLAo2LzMXY2jSj+8t77/95WtWv6/6dz/WjzKwUjeS/vZzlXM1z+2qD8xsGaWv/+s9ZnBne/hjCa4U0+DViJ/dmZSoY7fB7Ql/X1jmd4k08EmrH5h+TUw98RALCLjnfoh7fS/w+vev+fje//7w4tdM1PCgHgkXB3BPuHOLHX2wgArKWXBgAAAAAAAAAAAAAAAAAAAAAAAAAAgJ23o1f7H9hm8V+1xvV7uMMQbJjY33oOtl/P/yTZvZyLRlv9O1dhZQfqqSfZrf21exM5mGz7WW17GPcl2fvt2srEXp6VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2C1Fsq/d8krSn2Q0ycndz2r7isYWdXFr1zLZbT/92w4r/mr1THEnd/JRDuxOTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3x6t6/9X0nx8orkoPZXkRJIrSf5ur3PcSXf2OoEdsn+b5VZd/7+xz1Mv0tPc7Sl6JyYX5mfL8RP6G+u//vyLTxv3VcX777edMrCybnCJVgvrY7/35MrUU2WpwclrH978l/f/uTp5PpX05fzS1Mzk7IWFN+8Vebb4MqmmeV+xku+/nfjRZ222/MvGlra3vt2p8smZ3Njun7Ur3b3dbm4sXxtvtLRUe3vpX//pxkerVj2dY8mLQ8nQ2pb+sXHv0NKx9HZrrfim+M/iQP4vV8r933g2inrR2EV/Um7//us3lq+NvPf+8tUOOR3M0SRXk4H7z+lo5wE5yqOu0ttodbQMavxzqF193cf0aFvjWIdteKo8ZAZb29B3X9tQ3SSBVc97pd36ZkanOmT0TF5qs6fr/UnnjF7qvqfbK74pflFczM/zH6vG/6g09v+JdH51rq2ijFx1pHSMrDQjyy0fX73infWRv/7/+8q+7TA1bNV/rXnxVlad/1v7aofOR/Wi6/loVYtbe12sa3HdUdHldVH2SIfWlWidfTqVaeV5qBnVIc8/zWtJz5FuZ8UNvfVrm53SVsq/2X71dl//3ymG8pvcMv4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw6CuSfe2WV5ITSQ6uzFeT+haq7e+0ojJYbDXFHXXr7j+PhcpWCxR3cicf5cDDSQcAAAAAAACA3XZ+8uvPv/i0cS//Hr/vTr3e+vt+NelJcrD43/2ZXJif3aSi3uRKktuN6YFOQb+rN61d2iiXJ+/N327MHW5bwcH73S4AoLM/BAAA///r9m7p")
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x4000054)

115.188638ms ago: executing program 3 (id=7491):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x1008, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

60.735679ms ago: executing program 1 (id=7492):
r0 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
write$selinux_access(r0, &(0x7f0000000680)={'system_u:object_r:dhcp_etc_t:s0', 0x20, 'system_u:system_r:kernel_t:s0', 0x20, 0x1}, 0x53) (fail_nth: 4)

485.69µs ago: executing program 5 (id=7493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
pipe(&(0x7f0000000040)) (async)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) (async)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000004ec0), 0x0, 0x8000, 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
fcntl$setlease(r4, 0x400, 0x2)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sys_enter\x00', r6}, 0x10)
munlockall()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r7}, 0x18)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d8000000180081054e81f783db4cb9040a1d080006007c03e8fc55a10a0015000600142603600e120800060000000401a80008002000000001000000035c0461c1d67f6f94007134cf6efb8000a007a290457f010400000700000000ceac3c2fb14c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775820d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bf9ad809d5e1cace0d81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0) (async)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d8000000180081054e81f783db4cb9040a1d080006007c03e8fc55a10a0015000600142603600e120800060000000401a80008002000000001000000035c0461c1d67f6f94007134cf6efb8000a007a290457f010400000700000000ceac3c2fb14c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775820d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bf9ad809d5e1cace0d81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)
io_getevents(0x0, 0x4, 0x4, &(0x7f00000000c0)=[{}, {}, {}, {}], 0x0)
io_submit(0x0, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}])
io_destroy(0x0) (async)
io_destroy(0x0)
capget(0x0, 0x0) (async)
capget(0x0, 0x0)

0s ago: executing program 1 (id=7494):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x0, 0x7}, 0x94)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8901, &(0x7f0000000040)={'macsec0\x00', @local})
pwrite64(r2, 0x0, 0x0, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000140), 0x4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b0000000000000ce7d54e0000000400000000001daddc0b06defdd2da77c52ed932c7b91f6db4fceeffb1a110fc83136effe9a5f53b99ba74a073722f17949b99bc4b2857a88f9d476ae000eb3b9ba1647adb154fe2d1d99c98a27174c8e50b165e876f0ae82f834d54be76752bad66924ea3066de73925eafbdf870e41b1de55a4a52c0bbeee3933", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
syz_emit_ethernet(0x3e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa060000000000000096788379606410a600080001fc020000080000000000000000000000fe800000000000000000aa00000000aa89000104"], 0x0)
unshare(0x22020600)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0xfffffffffffffd52, &(0x7f0000000500)=ANY=[@ANYBLOB="2801000035ece4bd3bf471af01aff06f1c337a8539c8f5f926f221f0481eb184dc844377d7049d29217f1f5559d29322542eb4662c87f1ea1b762456f6907d8aef67af8354071ce595185fc037ce57314069ed2127038181d0b5ae051793"], 0x128}, 0x8000)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
newfstatat(0xffffffff0000005d, 0x0, 0x0, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x10}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x110010, &(0x7f0000000040)={[{@mb_optimize_scan}, {@nobarrier}]}, 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffff7d)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  391.835272][   T29] audit: type=1400 audit(2000002832.034:38501): avc:  denied  { setopt } for  pid=2393 comm="syz.4.6706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  391.854952][   T29] audit: type=1400 audit(2000002832.034:38502): avc:  denied  { bind } for  pid=2393 comm="syz.4.6706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  391.874356][   T29] audit: type=1400 audit(2000002832.034:38503): avc:  denied  { name_bind } for  pid=2393 comm="syz.4.6706" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  391.896311][   T29] audit: type=1400 audit(2000002832.034:38504): avc:  denied  { node_bind } for  pid=2393 comm="syz.4.6706" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  391.918071][   T29] audit: type=1400 audit(2000002832.034:38505): avc:  denied  { write } for  pid=2393 comm="syz.4.6706" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  391.939556][   T29] audit: type=1400 audit(2000002832.034:38506): avc:  denied  { connect } for  pid=2393 comm="syz.4.6706" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  391.961328][   T29] audit: type=1400 audit(2000002832.034:38507): avc:  denied  { name_connect } for  pid=2393 comm="syz.4.6706" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  391.983521][   T29] audit: type=1400 audit(2000002832.034:38508): avc:  denied  { map_create } for  pid=2393 comm="syz.4.6706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  392.062098][ T2400] dvmrp9: entered allmulticast mode
[  392.075906][ T2400] dvmrp9: left allmulticast mode
[  392.313540][ T2408] __nla_validate_parse: 21 callbacks suppressed
[  392.313553][ T2408] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6711'.
[  392.428081][ T2421] netlink: 344 bytes leftover after parsing attributes in process `syz.1.6711'.
[  392.500606][ T2424] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6717'.
[  392.619187][ T2433] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6720'.
[  392.644584][ T2431] bond2: entered promiscuous mode
[  392.649725][ T2431] bond2: entered allmulticast mode
[  392.663491][ T2431] 8021q: adding VLAN 0 to HW filter on device bond2
[  392.687847][ T2431] bond2 (unregistering): Released all slaves
[  392.711235][ T2437] netlink: 'syz.1.6721': attribute type 6 has an invalid length.
[  392.742185][ T2426] block device autoloading is deprecated and will be removed.
[  392.822997][ T2441] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6732'.
[  392.900347][ T2443] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  393.300358][ T2465] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6730'.
[  393.342817][ T2472] netlink: 14 bytes leftover after parsing attributes in process `syz.4.6734'.
[  393.358759][ T2472] hsr_slave_0: left promiscuous mode
[  393.369868][ T2472] hsr_slave_1: left promiscuous mode
[  393.393804][ T2473] netlink: 344 bytes leftover after parsing attributes in process `syz.3.6730'.
[  393.606183][ T2482] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  393.612786][ T2482] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  393.620244][ T2482] vhci_hcd vhci_hcd.0: Device attached
[  393.629915][ T2488] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6735'.
[  393.643959][ T2482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.674300][ T2482] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.755524][ T2495] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6739'.
[  393.790577][ T2492] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=2492 comm=syz.3.6738
[  393.818752][ T3413] vhci_hcd: vhci_device speed not set
[  393.829423][ T2492] netem: change failed
[  393.836244][ T2492] netlink: 'syz.3.6738': attribute type 21 has an invalid length.
[  393.883337][ T3413] usb 1-1: new full-speed USB device number 2 using vhci_hcd
[  393.897214][ T2499] FAULT_INJECTION: forcing a failure.
[  393.897214][ T2499] name failslab, interval 1, probability 0, space 0, times 0
[  393.909982][ T2499] CPU: 1 UID: 0 PID: 2499 Comm: syz.4.6740 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  393.910041][ T2499] Tainted: [W]=WARN
[  393.910048][ T2499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  393.910061][ T2499] Call Trace:
[  393.910069][ T2499]  <TASK>
[  393.910077][ T2499]  __dump_stack+0x1d/0x30
[  393.910136][ T2499]  dump_stack_lvl+0xe8/0x140
[  393.910177][ T2499]  dump_stack+0x15/0x1b
[  393.910195][ T2499]  should_fail_ex+0x265/0x280
[  393.910225][ T2499]  should_failslab+0x8c/0xb0
[  393.910249][ T2499]  __kvmalloc_node_noprof+0x123/0x4e0
[  393.910274][ T2499]  ? vmemdup_user+0x26/0xd0
[  393.910345][ T2499]  ? __rcu_read_unlock+0x4f/0x70
[  393.910368][ T2499]  vmemdup_user+0x26/0xd0
[  393.910390][ T2499]  map_lookup_elem+0x18f/0x460
[  393.910465][ T2499]  ? security_bpf+0x2b/0x90
[  393.910485][ T2499]  __sys_bpf+0x3ae/0x790
[  393.910520][ T2499]  __x64_sys_bpf+0x41/0x50
[  393.910544][ T2499]  x64_sys_call+0x2478/0x2fb0
[  393.910589][ T2499]  do_syscall_64+0xd2/0x200
[  393.910609][ T2499]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  393.910635][ T2499]  ? clear_bhb_loop+0x40/0x90
[  393.910656][ T2499]  ? clear_bhb_loop+0x40/0x90
[  393.910750][ T2499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.910843][ T2499] RIP: 0033:0x7f65e4e0e929
[  393.910859][ T2499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.910877][ T2499] RSP: 002b:00007f65e3477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  393.910896][ T2499] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0e929
[  393.910907][ T2499] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 0000000000000001
[  393.910918][ T2499] RBP: 00007f65e3477090 R08: 0000000000000000 R09: 0000000000000000
[  393.910930][ T2499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.910979][ T2499] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  393.910995][ T2499]  </TASK>
[  394.128864][ T2485] vhci_hcd: connection reset by peer
[  394.159829][   T51] vhci_hcd: stop threads
[  394.164163][   T51] vhci_hcd: release socket
[  394.168580][   T51] vhci_hcd: disconnect device
[  394.185770][ T2507] FAULT_INJECTION: forcing a failure.
[  394.185770][ T2507] name failslab, interval 1, probability 0, space 0, times 0
[  394.198483][ T2507] CPU: 1 UID: 0 PID: 2507 Comm: syz.4.6743 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  394.198517][ T2507] Tainted: [W]=WARN
[  394.198522][ T2507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  394.198533][ T2507] Call Trace:
[  394.198540][ T2507]  <TASK>
[  394.198548][ T2507]  __dump_stack+0x1d/0x30
[  394.198565][ T2507]  dump_stack_lvl+0xe8/0x140
[  394.198595][ T2507]  dump_stack+0x15/0x1b
[  394.198608][ T2507]  should_fail_ex+0x265/0x280
[  394.198703][ T2507]  should_failslab+0x8c/0xb0
[  394.198796][ T2507]  kmem_cache_alloc_noprof+0x50/0x310
[  394.198824][ T2507]  ? audit_log_start+0x365/0x6c0
[  394.198882][ T2507]  audit_log_start+0x365/0x6c0
[  394.198910][ T2507]  audit_seccomp+0x48/0x100
[  394.199043][ T2507]  ? __seccomp_filter+0x68c/0x10d0
[  394.199065][ T2507]  __seccomp_filter+0x69d/0x10d0
[  394.199085][ T2507]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  394.199194][ T2507]  ? vfs_write+0x75e/0x8e0
[  394.199224][ T2507]  ? __rcu_read_unlock+0x4f/0x70
[  394.199242][ T2507]  ? __fget_files+0x184/0x1c0
[  394.199266][ T2507]  __secure_computing+0x82/0x150
[  394.199383][ T2507]  syscall_trace_enter+0xcf/0x1e0
[  394.199407][ T2507]  do_syscall_64+0xac/0x200
[  394.199427][ T2507]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  394.199453][ T2507]  ? clear_bhb_loop+0x40/0x90
[  394.199507][ T2507]  ? clear_bhb_loop+0x40/0x90
[  394.199525][ T2507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.199542][ T2507] RIP: 0033:0x7f65e4e0e929
[  394.199558][ T2507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.199576][ T2507] RSP: 002b:00007f65e3477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000081
[  394.199596][ T2507] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0e929
[  394.199682][ T2507] RDX: 0000000000000000 RSI: 000000000000001b RDI: 0000000000000000
[  394.199694][ T2507] RBP: 00007f65e3477090 R08: 0000000000000000 R09: 0000000000000000
[  394.199704][ T2507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  394.199714][ T2507] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  394.199730][ T2507]  </TASK>
[  394.953727][ T2528] netlink: 'syz.4.6749': attribute type 4 has an invalid length.
[  395.040432][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.048240][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.055675][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.063151][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.070565][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.077945][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.085357][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.092821][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.100202][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.107677][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.115112][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.122511][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.132418][ T2553] sch_fq: defrate 4294967295 ignored.
[  395.145093][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.152529][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.159954][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.167825][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.175356][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.182827][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.190262][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.197668][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.205083][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.212506][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.219908][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.227364][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.234849][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.242263][ T3417] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  395.357184][ T3417] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v7.ff Device [syz1] on syz0
[  397.148957][   T29] kauditd_printk_skb: 1085 callbacks suppressed
[  397.148972][   T29] audit: type=1400 audit(2000002837.020:39590): avc:  denied  { prog_load } for  pid=2613 comm="syz.2.6778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  397.174614][   T29] audit: type=1400 audit(2000002837.020:39591): avc:  denied  { bpf } for  pid=2613 comm="syz.2.6778" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  397.195247][   T29] audit: type=1400 audit(2000002837.020:39592): avc:  denied  { perfmon } for  pid=2613 comm="syz.2.6778" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  397.386249][   T29] audit: type=1400 audit(2000002837.245:39593): avc:  denied  { prog_load } for  pid=2617 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  397.404999][   T29] audit: type=1400 audit(2000002837.245:39594): avc:  denied  { bpf } for  pid=2617 comm="+}[@" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  397.425118][   T29] audit: type=1400 audit(2000002837.245:39595): avc:  denied  { perfmon } for  pid=2617 comm="+}[@" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  397.445648][   T29] audit: type=1400 audit(2000002837.245:39596): avc:  denied  { prog_load } for  pid=2617 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  397.475027][   T29] audit: type=1400 audit(2000002837.282:39597): avc:  denied  { prog_run } for  pid=2617 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  397.495084][   T29] audit: type=1400 audit(2000002837.339:39598): avc:  denied  { validate_trans } for  pid=2617 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  397.515290][   T29] audit: type=1400 audit(2000002837.339:39599): avc:  denied  { mounton } for  pid=2617 comm="+}[@" path="/237/file0" dev="tmpfs" ino=1250 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  397.665924][ T2636] 9pnet_fd: Insufficient options for proto=fd
[  397.718898][ T2640] IPv6: Can't replace route, no match found
[  397.724880][ T2642] __nla_validate_parse: 12 callbacks suppressed
[  397.724893][ T2642] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6788'.
[  397.809063][ T2646] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6789'.
[  397.980305][ T2651] netlink: 68 bytes leftover after parsing attributes in process `syz.2.6790'.
[  398.040270][ T2651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6790'.
[  398.083962][ T2659] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6791'.
[  398.638460][ T2680] FAULT_INJECTION: forcing a failure.
[  398.638460][ T2680] name failslab, interval 1, probability 0, space 0, times 0
[  398.651213][ T2680] CPU: 0 UID: 0 PID: 2680 Comm: syz.4.6798 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  398.651303][ T2680] Tainted: [W]=WARN
[  398.651311][ T2680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  398.651323][ T2680] Call Trace:
[  398.651330][ T2680]  <TASK>
[  398.651339][ T2680]  __dump_stack+0x1d/0x30
[  398.651424][ T2680]  dump_stack_lvl+0xe8/0x140
[  398.651445][ T2680]  dump_stack+0x15/0x1b
[  398.651463][ T2680]  should_fail_ex+0x265/0x280
[  398.651491][ T2680]  should_failslab+0x8c/0xb0
[  398.651510][ T2680]  __kmalloc_noprof+0xa5/0x3e0
[  398.651603][ T2680]  ? usb_alloc_urb+0x42/0xc0
[  398.651628][ T2680]  usb_alloc_urb+0x42/0xc0
[  398.651697][ T2680]  do_proc_control+0x1a8/0x8b0
[  398.651714][ T2680]  ? should_fail_ex+0xdb/0x280
[  398.651738][ T2680]  proc_control_compat+0xae/0xe0
[  398.651773][ T2680]  usbdev_ioctl+0xee1/0x1710
[  398.651803][ T2680]  ? __pfx_usbdev_ioctl+0x10/0x10
[  398.651856][ T2680]  __se_sys_ioctl+0xce/0x140
[  398.651882][ T2680]  __x64_sys_ioctl+0x43/0x50
[  398.651940][ T2680]  x64_sys_call+0x19a8/0x2fb0
[  398.651959][ T2680]  do_syscall_64+0xd2/0x200
[  398.651975][ T2680]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  398.651996][ T2680]  ? clear_bhb_loop+0x40/0x90
[  398.652057][ T2680]  ? clear_bhb_loop+0x40/0x90
[  398.652162][ T2680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.652179][ T2680] RIP: 0033:0x7f65e4e0e929
[  398.652192][ T2680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.652207][ T2680] RSP: 002b:00007f65e3477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  398.652300][ T2680] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0e929
[  398.652310][ T2680] RDX: 0000200000000000 RSI: 00000000c0105500 RDI: 0000000000000003
[  398.652321][ T2680] RBP: 00007f65e3477090 R08: 0000000000000000 R09: 0000000000000000
[  398.652397][ T2680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.652410][ T2680] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  398.652430][ T2680]  </TASK>
[  398.973777][ T2687] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6802'.
[  399.355055][ T3413] usb 1-1: enqueue for inactive port 0
[  399.360611][ T3413] usb 1-1: enqueue for inactive port 0
[  399.389672][ T2706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6807'.
[  399.398640][ T2706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6807'.
[  399.407919][ T2706] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6807'.
[  399.440497][ T3413] vhci_hcd: vhci_device speed not set
[  399.490424][ T2716] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6811'.
[  399.723805][ T2719] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.731090][ T2719] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.361912][ T2719] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  400.370894][ T2719] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  400.379774][ T2719] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  400.389597][ T2719] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  400.455813][ T2746] netlink: 'syz.0.6816': attribute type 6 has an invalid length.
[  400.674868][ T2757] pim6reg: entered allmulticast mode
[  400.688912][ T2756] pim6reg: left allmulticast mode
[  400.735070][ T2762] pim6reg: entered allmulticast mode
[  400.742015][ T2761] pim6reg: left allmulticast mode
[  400.851682][ T2771] netlink: 'syz.4.6825': attribute type 6 has an invalid length.
[  400.861766][ T2770] SELinux:  Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped).
[  401.137687][ T2795] tmpfs: Bad value for 'mpol'
[  401.244374][ T2804] FAULT_INJECTION: forcing a failure.
[  401.244374][ T2804] name failslab, interval 1, probability 0, space 0, times 0
[  401.257159][ T2804] CPU: 1 UID: 0 PID: 2804 Comm: syz.2.6835 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  401.257275][ T2804] Tainted: [W]=WARN
[  401.257280][ T2804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  401.257314][ T2804] Call Trace:
[  401.257321][ T2804]  <TASK>
[  401.257329][ T2804]  __dump_stack+0x1d/0x30
[  401.257400][ T2804]  dump_stack_lvl+0xe8/0x140
[  401.257416][ T2804]  dump_stack+0x15/0x1b
[  401.257431][ T2804]  should_fail_ex+0x265/0x280
[  401.257459][ T2804]  should_failslab+0x8c/0xb0
[  401.257516][ T2804]  __kvmalloc_node_noprof+0x123/0x4e0
[  401.257544][ T2804]  ? page_pool_create_percpu+0x236/0x630
[  401.257652][ T2804]  page_pool_create_percpu+0x236/0x630
[  401.257685][ T2804]  page_pool_create+0x1a/0x30
[  401.257709][ T2804]  bpf_test_run_xdp_live+0x12e/0xfe0
[  401.257819][ T2804]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  401.257851][ T2804]  ? xfd_validate_state+0x45/0xf0
[  401.257910][ T2804]  ? save_fpregs_to_fpstate+0x100/0x160
[  401.257937][ T2804]  ? _raw_spin_unlock+0x26/0x50
[  401.257960][ T2804]  ? finish_task_switch+0xad/0x2b0
[  401.257990][ T2804]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  401.258070][ T2804]  ? should_fail_ex+0xdb/0x280
[  401.258100][ T2804]  ? _copy_from_user+0x89/0xb0
[  401.258116][ T2804]  ? bpf_test_init+0x11a/0x160
[  401.258202][ T2804]  bpf_prog_test_run_xdp+0x4f5/0x910
[  401.258320][ T2804]  ? __rcu_read_unlock+0x4f/0x70
[  401.258377][ T2804]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  401.258407][ T2804]  bpf_prog_test_run+0x22a/0x390
[  401.258427][ T2804]  __sys_bpf+0x3dc/0x790
[  401.258461][ T2804]  __x64_sys_bpf+0x41/0x50
[  401.258497][ T2804]  x64_sys_call+0x2478/0x2fb0
[  401.258514][ T2804]  do_syscall_64+0xd2/0x200
[  401.258542][ T2804]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  401.258568][ T2804]  ? clear_bhb_loop+0x40/0x90
[  401.258589][ T2804]  ? clear_bhb_loop+0x40/0x90
[  401.258611][ T2804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.258632][ T2804] RIP: 0033:0x7f4aeeb5e929
[  401.258723][ T2804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.258740][ T2804] RSP: 002b:00007f4aed1c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  401.258760][ T2804] RAX: ffffffffffffffda RBX: 00007f4aeed85fa0 RCX: 00007f4aeeb5e929
[  401.258773][ T2804] RDX: 0000000000000050 RSI: 0000200000000340 RDI: 000000000000000a
[  401.258785][ T2804] RBP: 00007f4aed1c7090 R08: 0000000000000000 R09: 0000000000000000
[  401.258796][ T2804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.258831][ T2804] R13: 0000000000000000 R14: 00007f4aeed85fa0 R15: 00007ffccbe08788
[  401.258849][ T2804]  </TASK>
[  401.523285][ T2804] page_pool_create_percpu() gave up with errno -12
[  401.720001][ T2812] netlink: 'syz.2.6838': attribute type 6 has an invalid length.
[  401.924725][ T2828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  401.944131][ T2828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  401.972328][ T2828] FAULT_INJECTION: forcing a failure.
[  401.972328][ T2828] name failslab, interval 1, probability 0, space 0, times 0
[  401.985050][ T2828] CPU: 1 UID: 0 PID: 2828 Comm: syz.4.6843 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  401.985083][ T2828] Tainted: [W]=WARN
[  401.985090][ T2828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  401.985151][ T2828] Call Trace:
[  401.985158][ T2828]  <TASK>
[  401.985167][ T2828]  __dump_stack+0x1d/0x30
[  401.985188][ T2828]  dump_stack_lvl+0xe8/0x140
[  401.985208][ T2828]  dump_stack+0x15/0x1b
[  401.985224][ T2828]  should_fail_ex+0x265/0x280
[  401.985253][ T2828]  should_failslab+0x8c/0xb0
[  401.985322][ T2828]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  401.985394][ T2828]  ? sidtab_sid2str_get+0xa0/0x130
[  401.985418][ T2828]  kmemdup_noprof+0x2b/0x70
[  401.985499][ T2828]  sidtab_sid2str_get+0xa0/0x130
[  401.985522][ T2828]  security_sid_to_context_core+0x1eb/0x2e0
[  401.985546][ T2828]  security_sid_to_context+0x27/0x40
[  401.985567][ T2828]  selinux_lsmprop_to_secctx+0x67/0xf0
[  401.985614][ T2828]  security_lsmprop_to_secctx+0x43/0x80
[  401.985713][ T2828]  audit_log_task_context+0x77/0x190
[  401.985745][ T2828]  audit_log_task+0xf4/0x250
[  401.985796][ T2828]  audit_seccomp+0x61/0x100
[  401.985821][ T2828]  ? __seccomp_filter+0x68c/0x10d0
[  401.985884][ T2828]  __seccomp_filter+0x69d/0x10d0
[  401.985907][ T2828]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  401.985940][ T2828]  ? vfs_write+0x75e/0x8e0
[  401.985971][ T2828]  ? __rcu_read_unlock+0x4f/0x70
[  401.986040][ T2828]  ? __fget_files+0x184/0x1c0
[  401.986062][ T2828]  __secure_computing+0x82/0x150
[  401.986145][ T2828]  syscall_trace_enter+0xcf/0x1e0
[  401.986168][ T2828]  do_syscall_64+0xac/0x200
[  401.986185][ T2828]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  401.986218][ T2828]  ? clear_bhb_loop+0x40/0x90
[  401.986310][ T2828]  ? clear_bhb_loop+0x40/0x90
[  401.986331][ T2828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.986351][ T2828] RIP: 0033:0x7f65e4e0e929
[  401.986366][ T2828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.986452][ T2828] RSP: 002b:00007f65e3477038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  401.986471][ T2828] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0e929
[  401.986484][ T2828] RDX: 0000000000001000 RSI: 0000000000001000 RDI: 0000000000000000
[  401.986497][ T2828] RBP: 00007f65e3477090 R08: 0000000000000000 R09: 0000000000000000
[  401.986510][ T2828] R10: 0000200000003000 R11: 0000000000000246 R12: 0000000000000001
[  401.986523][ T2828] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  401.986542][ T2828]  </TASK>
[  402.011559][ T2835] tmpfs: Bad value for 'mpol'
[  402.475444][ T2851] pim6reg: entered allmulticast mode
[  402.482718][ T2852] netlink: 'syz.0.6851': attribute type 6 has an invalid length.
[  402.536568][   T29] kauditd_printk_skb: 919 callbacks suppressed
[  402.536581][   T29] audit: type=1400 audit(2000002842.063:40516): avc:  denied  { prog_load } for  pid=2853 comm="syz.0.6852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  402.561986][   T29] audit: type=1400 audit(2000002842.063:40517): avc:  denied  { bpf } for  pid=2853 comm="syz.0.6852" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  402.585653][   T29] audit: type=1400 audit(2000002842.110:40518): avc:  denied  { perfmon } for  pid=2853 comm="syz.0.6852" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  402.606798][   T29] audit: type=1400 audit(2000002842.110:40519): avc:  denied  { prog_run } for  pid=2853 comm="syz.0.6852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  402.640025][   T29] audit: type=1400 audit(2000002842.157:40520): avc:  denied  { prog_load } for  pid=2853 comm="syz.0.6852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  402.659284][   T29] audit: type=1400 audit(2000002842.157:40521): avc:  denied  { bpf } for  pid=2853 comm="syz.0.6852" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  402.679916][   T29] audit: type=1400 audit(2000002842.157:40522): avc:  denied  { perfmon } for  pid=2853 comm="syz.0.6852" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  402.701110][   T29] audit: type=1400 audit(2000002842.157:40523): avc:  denied  { bpf } for  pid=2853 comm="syz.0.6852" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  402.721782][   T29] audit: type=1400 audit(2000002842.157:40524): avc:  denied  { prog_run } for  pid=2853 comm="syz.0.6852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  402.740844][   T29] audit: type=1400 audit(2000002842.157:40525): avc:  denied  { map_create } for  pid=2853 comm="syz.0.6852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  402.773641][ T2859] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=83 sclass=netlink_route_socket pid=2859 comm=syz.2.6853
[  403.023155][ T2877] tmpfs: Bad value for 'mpol'
[  403.100446][ T2880] bridge0: entered promiscuous mode
[  403.105708][ T2880] macsec1: entered promiscuous mode
[  403.113511][ T2880] bridge0: port 3(macsec1) entered blocking state
[  403.120024][ T2880] bridge0: port 3(macsec1) entered disabled state
[  403.126899][ T2880] macsec1: entered allmulticast mode
[  403.132317][ T2880] bridge0: entered allmulticast mode
[  403.138009][ T2880] macsec1: left allmulticast mode
[  403.143070][ T2880] bridge0: left allmulticast mode
[  403.148600][ T2880] bridge0: left promiscuous mode
[  403.205586][ T2882] __nla_validate_parse: 32 callbacks suppressed
[  403.205603][ T2882] netlink: 68 bytes leftover after parsing attributes in process `syz.4.6861'.
[  403.273646][ T2889] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6862'.
[  403.286670][ T2882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6861'.
[  403.317459][ T2892] netlink: 'syz.1.6863': attribute type 1 has an invalid length.
[  403.331742][ T2892] 8021q: adding VLAN 0 to HW filter on device bond2
[  403.333245][ T2895] FAULT_INJECTION: forcing a failure.
[  403.333245][ T2895] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.346858][ T2892] bond2: (slave geneve2): making interface the new active one
[  403.351477][ T2895] CPU: 1 UID: 0 PID: 2895 Comm: syz.4.6864 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  403.351519][ T2895] Tainted: [W]=WARN
[  403.351526][ T2895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  403.351537][ T2895] Call Trace:
[  403.351544][ T2895]  <TASK>
[  403.351552][ T2895]  __dump_stack+0x1d/0x30
[  403.351573][ T2895]  dump_stack_lvl+0xe8/0x140
[  403.351592][ T2895]  dump_stack+0x15/0x1b
[  403.351608][ T2895]  should_fail_ex+0x265/0x280
[  403.351698][ T2895]  should_fail+0xb/0x20
[  403.351726][ T2895]  should_fail_usercopy+0x1a/0x20
[  403.351755][ T2895]  _copy_from_user+0x1c/0xb0
[  403.351816][ T2895]  copy_from_sockptr_offset+0x66/0xa0
[  403.351839][ T2895]  do_arpt_set_ctl+0x5dd/0x9a0
[  403.351859][ T2895]  ? kstrtoull+0x111/0x140
[  403.351948][ T2895]  ? _raw_spin_unlock_bh+0x36/0x40
[  403.351975][ T2895]  nf_setsockopt+0x199/0x1b0
[  403.351995][ T2895]  ip_setsockopt+0x102/0x110
[  403.352028][ T2895]  udp_setsockopt+0x99/0xb0
[  403.352053][ T2895]  sock_common_setsockopt+0x69/0x80
[  403.352186][ T2895]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  403.352251][ T2895]  __sys_setsockopt+0x184/0x200
[  403.352281][ T2895]  __x64_sys_setsockopt+0x64/0x80
[  403.352306][ T2895]  x64_sys_call+0x2bd5/0x2fb0
[  403.352386][ T2895]  do_syscall_64+0xd2/0x200
[  403.352425][ T2895]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  403.352454][ T2895]  ? clear_bhb_loop+0x40/0x90
[  403.352474][ T2895]  ? clear_bhb_loop+0x40/0x90
[  403.352569][ T2895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.352589][ T2895] RIP: 0033:0x7f65e4e0e929
[  403.352605][ T2895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.352622][ T2895] RSP: 002b:00007f65e3477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  403.352641][ T2895] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0e929
[  403.352654][ T2895] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000003
[  403.352745][ T2895] RBP: 00007f65e3477090 R08: 0000000000000438 R09: 0000000000000000
[  403.352758][ T2895] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.352770][ T2895] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  403.352789][ T2895]  </TASK>
[  403.391514][ T2897] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6865'.
[  403.394654][ T2892] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  403.614630][ T2899] veth3: entered promiscuous mode
[  403.679001][ T2910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  403.687793][ T2910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.751155][ T2914] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6870'.
[  403.792195][ T2914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6870'.
[  403.802502][ T2914] netlink: 344 bytes leftover after parsing attributes in process `syz.2.6870'.
[  403.846963][ T2919] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6872'.
[  403.853071][ T2921] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6873'.
[  404.330713][ T2942] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6880'.
[  404.898783][ T2948] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  404.905363][ T2948] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  404.913216][ T2948] vhci_hcd vhci_hcd.0: Device attached
[  404.955059][ T2951] vhci_hcd: connection closed
[  404.955226][   T51] vhci_hcd: stop threads
[  404.964273][   T51] vhci_hcd: release socket
[  404.968761][   T51] vhci_hcd: disconnect device
[  405.129452][ T2959] sch_fq: defrate 4294967295 ignored.
[  405.356260][ T2963] tmpfs: Bad value for 'mpol'
[  405.362800][ T2963] 9pnet_fd: Insufficient options for proto=fd
[  405.612925][ T2983] hub 8-0:1.0: USB hub found
[  405.618656][ T2983] hub 8-0:1.0: 8 ports detected
[  405.630034][ T2986] SELinux: syz.0.6891 (2986) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  405.852318][ T3001] tmpfs: Bad value for 'mpol'
[  405.857560][ T3001] 9pnet_fd: Insufficient options for proto=fd
[  406.012906][ T3014] FAULT_INJECTION: forcing a failure.
[  406.012906][ T3014] name failslab, interval 1, probability 0, space 0, times 0
[  406.025623][ T3014] CPU: 1 UID: 0 PID: 3014 Comm: syz.3.6901 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  406.025654][ T3014] Tainted: [W]=WARN
[  406.025659][ T3014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  406.025682][ T3014] Call Trace:
[  406.025688][ T3014]  <TASK>
[  406.025696][ T3014]  __dump_stack+0x1d/0x30
[  406.025714][ T3014]  dump_stack_lvl+0xe8/0x140
[  406.025734][ T3014]  dump_stack+0x15/0x1b
[  406.025810][ T3014]  should_fail_ex+0x265/0x280
[  406.025909][ T3014]  should_failslab+0x8c/0xb0
[  406.026003][ T3014]  __kmalloc_noprof+0xa5/0x3e0
[  406.026025][ T3014]  ? usb_alloc_urb+0x42/0xc0
[  406.026090][ T3014]  usb_alloc_urb+0x42/0xc0
[  406.026120][ T3014]  do_proc_control+0x1a8/0x8b0
[  406.026138][ T3014]  ? should_fail_ex+0xdb/0x280
[  406.026168][ T3014]  proc_control_compat+0xae/0xe0
[  406.026247][ T3014]  usbdev_ioctl+0xee1/0x1710
[  406.026271][ T3014]  ? __pfx_usbdev_ioctl+0x10/0x10
[  406.026295][ T3014]  __se_sys_ioctl+0xce/0x140
[  406.026371][ T3014]  __x64_sys_ioctl+0x43/0x50
[  406.026438][ T3014]  x64_sys_call+0x19a8/0x2fb0
[  406.026461][ T3014]  do_syscall_64+0xd2/0x200
[  406.026477][ T3014]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  406.026500][ T3014]  ? clear_bhb_loop+0x40/0x90
[  406.026602][ T3014]  ? clear_bhb_loop+0x40/0x90
[  406.026620][ T3014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.026637][ T3014] RIP: 0033:0x7efd3495e929
[  406.026651][ T3014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.026738][ T3014] RSP: 002b:00007efd32fc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  406.026757][ T3014] RAX: ffffffffffffffda RBX: 00007efd34b85fa0 RCX: 00007efd3495e929
[  406.026768][ T3014] RDX: 0000200000000000 RSI: 00000000c0105500 RDI: 0000000000000006
[  406.026779][ T3014] RBP: 00007efd32fc7090 R08: 0000000000000000 R09: 0000000000000000
[  406.026792][ T3014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.026805][ T3014] R13: 0000000000000000 R14: 00007efd34b85fa0 R15: 00007fff0fc1c908
[  406.026863][ T3014]  </TASK>
[  406.376070][ T3032] tipc: Enabling of bearer <edp:s> rejected, media not registered
[  406.442911][ T3037] tmpfs: Bad value for 'mpol'
[  406.851285][ T3063] sch_fq: defrate 4294967295 ignored.
[  406.961368][ T3069] dvmrp0: entered allmulticast mode
[  407.030694][ T3073] tmpfs: Bad value for 'mpol'
[  407.081975][ T3076] FAULT_INJECTION: forcing a failure.
[  407.081975][ T3076] name failslab, interval 1, probability 0, space 0, times 0
[  407.094656][ T3076] CPU: 0 UID: 0 PID: 3076 Comm: syz.1.6923 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  407.094685][ T3076] Tainted: [W]=WARN
[  407.094690][ T3076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  407.094709][ T3076] Call Trace:
[  407.094714][ T3076]  <TASK>
[  407.094723][ T3076]  __dump_stack+0x1d/0x30
[  407.094742][ T3076]  dump_stack_lvl+0xe8/0x140
[  407.094763][ T3076]  dump_stack+0x15/0x1b
[  407.094780][ T3076]  should_fail_ex+0x265/0x280
[  407.094863][ T3076]  ? tcf_exts_init_ex+0x9a/0x340
[  407.094911][ T3076]  should_failslab+0x8c/0xb0
[  407.094935][ T3076]  __kmalloc_cache_noprof+0x4c/0x320
[  407.094959][ T3076]  tcf_exts_init_ex+0x9a/0x340
[  407.095039][ T3076]  mall_change+0x1ae/0x480
[  407.095065][ T3076]  ? __pfx_mall_change+0x10/0x10
[  407.095174][ T3076]  tc_new_tfilter+0xde4/0x10a0
[  407.095281][ T3076]  ? __pfx_tc_new_tfilter+0x10/0x10
[  407.095299][ T3076]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  407.095368][ T3076]  netlink_rcv_skb+0x123/0x220
[  407.095396][ T3076]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  407.095446][ T3076]  rtnetlink_rcv+0x1c/0x30
[  407.095488][ T3076]  netlink_unicast+0x59e/0x670
[  407.095518][ T3076]  netlink_sendmsg+0x58b/0x6b0
[  407.095536][ T3076]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.095555][ T3076]  __sock_sendmsg+0x145/0x180
[  407.095615][ T3076]  ____sys_sendmsg+0x31e/0x4e0
[  407.095743][ T3076]  ___sys_sendmsg+0x17b/0x1d0
[  407.095778][ T3076]  __x64_sys_sendmsg+0xd4/0x160
[  407.095839][ T3076]  x64_sys_call+0x2999/0x2fb0
[  407.095856][ T3076]  do_syscall_64+0xd2/0x200
[  407.095874][ T3076]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  407.095961][ T3076]  ? clear_bhb_loop+0x40/0x90
[  407.096009][ T3076]  ? clear_bhb_loop+0x40/0x90
[  407.096032][ T3076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.096054][ T3076] RIP: 0033:0x7fa2e31ce929
[  407.096068][ T3076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.096126][ T3076] RSP: 002b:00007fa2e1837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.096151][ T3076] RAX: ffffffffffffffda RBX: 00007fa2e33f5fa0 RCX: 00007fa2e31ce929
[  407.096165][ T3076] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007
[  407.096178][ T3076] RBP: 00007fa2e1837090 R08: 0000000000000000 R09: 0000000000000000
[  407.096192][ T3076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  407.096205][ T3076] R13: 0000000000000000 R14: 00007fa2e33f5fa0 R15: 00007ffd524c1798
[  407.096278][ T3076]  </TASK>
[  407.632928][ T3101] netlink: 'syz.3.6930': attribute type 6 has an invalid length.
[  407.760515][ T3112] tmpfs: Bad value for 'mpol'
[  407.766595][ T3112] 9pnet_fd: Insufficient options for proto=fd
[  407.852437][ T3120] FAULT_INJECTION: forcing a failure.
[  407.852437][ T3120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.865640][ T3120] CPU: 0 UID: 0 PID: 3120 Comm: syz.3.6939 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  407.865742][ T3120] Tainted: [W]=WARN
[  407.865746][ T3120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  407.865754][ T3120] Call Trace:
[  407.865758][ T3120]  <TASK>
[  407.865763][ T3120]  __dump_stack+0x1d/0x30
[  407.865776][ T3120]  dump_stack_lvl+0xe8/0x140
[  407.865787][ T3120]  dump_stack+0x15/0x1b
[  407.865834][ T3120]  should_fail_ex+0x265/0x280
[  407.865851][ T3120]  should_fail+0xb/0x20
[  407.865908][ T3120]  should_fail_usercopy+0x1a/0x20
[  407.865925][ T3120]  _copy_from_iter+0xcf/0xe40
[  407.865976][ T3120]  ? __build_skb_around+0x1a0/0x200
[  407.866000][ T3120]  ? __alloc_skb+0x223/0x320
[  407.866016][ T3120]  netlink_sendmsg+0x471/0x6b0
[  407.866028][ T3120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.866084][ T3120]  __sock_sendmsg+0x145/0x180
[  407.866098][ T3120]  ____sys_sendmsg+0x31e/0x4e0
[  407.866117][ T3120]  ___sys_sendmsg+0x17b/0x1d0
[  407.866217][ T3120]  __x64_sys_sendmsg+0xd4/0x160
[  407.866315][ T3120]  x64_sys_call+0x2999/0x2fb0
[  407.866424][ T3120]  do_syscall_64+0xd2/0x200
[  407.866471][ T3120]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  407.866486][ T3120]  ? clear_bhb_loop+0x40/0x90
[  407.866498][ T3120]  ? clear_bhb_loop+0x40/0x90
[  407.866565][ T3120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.866577][ T3120] RIP: 0033:0x7efd3495e929
[  407.866586][ T3120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.866674][ T3120] RSP: 002b:00007efd32fc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.866685][ T3120] RAX: ffffffffffffffda RBX: 00007efd34b85fa0 RCX: 00007efd3495e929
[  407.866753][ T3120] RDX: 0000000004004050 RSI: 0000200000000180 RDI: 0000000000000003
[  407.866761][ T3120] RBP: 00007efd32fc7090 R08: 0000000000000000 R09: 0000000000000000
[  407.866768][ T3120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.866775][ T3120] R13: 0000000000000000 R14: 00007efd34b85fa0 R15: 00007fff0fc1c908
[  407.866785][ T3120]  </TASK>
[  408.085969][   T29] kauditd_printk_skb: 1085 callbacks suppressed
[  408.085982][   T29] audit: type=1400 audit(2000002847.256:41609): avc:  denied  { prog_load } for  pid=3117 comm="syz.1.6938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  408.111437][   T29] audit: type=1400 audit(2000002847.256:41610): avc:  denied  { bpf } for  pid=3117 comm="syz.1.6938" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  408.132043][   T29] audit: type=1400 audit(2000002847.256:41611): avc:  denied  { perfmon } for  pid=3117 comm="syz.1.6938" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  408.188462][   T29] audit: type=1400 audit(2000002847.340:41612): avc:  denied  { map_create } for  pid=3123 comm="syz.3.6940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  408.207764][   T29] audit: type=1400 audit(2000002847.340:41613): avc:  denied  { map_read map_write } for  pid=3123 comm="syz.3.6940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  408.243732][   T29] audit: type=1400 audit(2000002847.387:41614): avc:  denied  { read } for  pid=3123 comm="syz.3.6940" dev="nsfs" ino=4026533104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  408.265080][   T29] audit: type=1400 audit(2000002847.387:41615): avc:  denied  { open } for  pid=3123 comm="syz.3.6940" path="net:[4026533104]" dev="nsfs" ino=4026533104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  408.275751][ T3134] netlink: 'syz.0.6943': attribute type 6 has an invalid length.
[  408.288406][   T29] audit: type=1400 audit(2000002847.387:41616): avc:  denied  { create } for  pid=3123 comm="syz.3.6940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  408.316265][   T29] audit: type=1400 audit(2000002847.387:41617): avc:  denied  { prog_load } for  pid=3125 comm="syz.0.6941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  408.335613][   T29] audit: type=1400 audit(2000002847.387:41618): avc:  denied  { bpf } for  pid=3125 comm="syz.0.6941" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  408.386773][ T3127] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  408.393318][ T3127] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  408.400996][ T3127] vhci_hcd vhci_hcd.0: Device attached
[  408.408777][ T3141] vhci_hcd: connection closed
[  408.408956][   T51] vhci_hcd: stop threads
[  408.417874][   T51] vhci_hcd: release socket
[  408.422334][   T51] vhci_hcd: disconnect device
[  408.567233][ T3151] tmpfs: Bad value for 'mpol'
[  408.572456][ T3151] 9pnet_fd: Insufficient options for proto=fd
[  408.601362][ T3153] __nla_validate_parse: 28 callbacks suppressed
[  408.601378][ T3153] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6949'.
[  408.681290][ T3159] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6952'.
[  408.748896][ T3164] netlink: 'syz.1.6954': attribute type 6 has an invalid length.
[  408.796462][ T3166] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6955'.
[  408.842437][ T3166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6955'.
[  408.924585][ T3178] Invalid ELF header magic: != ELF
[  408.937420][ T3180] tmpfs: Bad value for 'mpol'
[  408.942750][ T3180] 9pnet_fd: Insufficient options for proto=fd
[  408.979138][ T3183] FAULT_INJECTION: forcing a failure.
[  408.979138][ T3183] name failslab, interval 1, probability 0, space 0, times 0
[  408.991871][ T3183] CPU: 1 UID: 0 PID: 3183 Comm: syz.4.6961 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  408.991921][ T3183] Tainted: [W]=WARN
[  408.991927][ T3183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  408.991937][ T3183] Call Trace:
[  408.991994][ T3183]  <TASK>
[  408.992008][ T3183]  __dump_stack+0x1d/0x30
[  408.992063][ T3183]  dump_stack_lvl+0xe8/0x140
[  408.992080][ T3183]  dump_stack+0x15/0x1b
[  408.992111][ T3183]  should_fail_ex+0x265/0x280
[  408.992140][ T3183]  should_failslab+0x8c/0xb0
[  408.992222][ T3183]  kmem_cache_alloc_node_noprof+0x57/0x320
[  408.992245][ T3183]  ? __alloc_skb+0x101/0x320
[  408.992280][ T3183]  __alloc_skb+0x101/0x320
[  408.992305][ T3183]  ? audit_log_start+0x365/0x6c0
[  408.992361][ T3183]  audit_log_start+0x380/0x6c0
[  408.992390][ T3183]  ? avc_perm_nonode+0x82/0xe0
[  408.992453][ T3183]  audit_seccomp+0x48/0x100
[  408.992482][ T3183]  ? __seccomp_filter+0x68c/0x10d0
[  408.992504][ T3183]  __seccomp_filter+0x69d/0x10d0
[  408.992559][ T3183]  ? commit_creds+0x70f/0x780
[  408.992648][ T3183]  __secure_computing+0x82/0x150
[  408.992670][ T3183]  syscall_trace_enter+0xcf/0x1e0
[  408.992690][ T3183]  do_syscall_64+0xac/0x200
[  408.992709][ T3183]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  408.992763][ T3183]  ? clear_bhb_loop+0x40/0x90
[  408.992808][ T3183]  ? clear_bhb_loop+0x40/0x90
[  408.992825][ T3183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.992843][ T3183] RIP: 0033:0x7f65e4e0d33c
[  408.992856][ T3183] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  408.992871][ T3183] RSP: 002b:00007f65e3477030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  408.992961][ T3183] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0d33c
[  408.992997][ T3183] RDX: 000000000000000f RSI: 00007f65e34770a0 RDI: 0000000000000006
[  408.993012][ T3183] RBP: 00007f65e3477090 R08: 0000000000000000 R09: 0000000000000000
[  408.993061][ T3183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  408.993073][ T3183] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  408.993091][ T3183]  </TASK>
[  409.258006][ T3189] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6964'.
[  409.283218][ T3192] netlink: 'syz.1.6966': attribute type 6 has an invalid length.
[  409.367315][ T3199] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6968'.
[  409.426007][ T3199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6968'.
[  409.448710][ T3206] bridge0: port 3(netdevsim1) entered blocking state
[  409.455602][ T3206] bridge0: port 3(netdevsim1) entered disabled state
[  409.477378][ T3206] netdevsim netdevsim4 netdevsim1: entered allmulticast mode
[  409.485648][ T3206] netdevsim netdevsim4 netdevsim1: entered promiscuous mode
[  409.493547][ T3206] bridge0: port 3(netdevsim1) entered blocking state
[  409.500284][ T3206] bridge0: port 3(netdevsim1) entered forwarding state
[  409.565239][ T3215] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6973'.
[  409.706966][ T3228] FAULT_INJECTION: forcing a failure.
[  409.706966][ T3228] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  409.720091][ T3228] CPU: 1 UID: 0 PID: 3228 Comm: syz.3.6977 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  409.720180][ T3228] Tainted: [W]=WARN
[  409.720187][ T3228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  409.720200][ T3228] Call Trace:
[  409.720207][ T3228]  <TASK>
[  409.720214][ T3228]  __dump_stack+0x1d/0x30
[  409.720234][ T3228]  dump_stack_lvl+0xe8/0x140
[  409.720251][ T3228]  dump_stack+0x15/0x1b
[  409.720281][ T3228]  should_fail_ex+0x265/0x280
[  409.720311][ T3228]  should_fail+0xb/0x20
[  409.720336][ T3228]  should_fail_usercopy+0x1a/0x20
[  409.720361][ T3228]  _copy_from_user+0x1c/0xb0
[  409.720383][ T3228]  __sys_bpf+0x178/0x790
[  409.720476][ T3228]  __x64_sys_bpf+0x41/0x50
[  409.720501][ T3228]  x64_sys_call+0x2478/0x2fb0
[  409.720521][ T3228]  do_syscall_64+0xd2/0x200
[  409.720536][ T3228]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  409.720610][ T3228]  ? clear_bhb_loop+0x40/0x90
[  409.720629][ T3228]  ? clear_bhb_loop+0x40/0x90
[  409.720721][ T3228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.720743][ T3228] RIP: 0033:0x7efd3495e929
[  409.720759][ T3228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.720777][ T3228] RSP: 002b:00007efd32fc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  409.720796][ T3228] RAX: ffffffffffffffda RBX: 00007efd34b85fa0 RCX: 00007efd3495e929
[  409.720820][ T3228] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  409.720831][ T3228] RBP: 00007efd32fc7090 R08: 0000000000000000 R09: 0000000000000000
[  409.720842][ T3228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.720901][ T3228] R13: 0000000000000000 R14: 00007efd34b85fa0 R15: 00007fff0fc1c908
[  409.720973][ T3228]  </TASK>
[  410.025203][ T3238] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6982'.
[  410.034236][ T3238] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6982'.
[  410.418767][ T3266] openvswitch: netlink: Message has 6 unknown bytes.
[  410.729922][ T3298] netlink: 'syz.3.6999': attribute type 6 has an invalid length.
[  411.014983][ T3311] FAULT_INJECTION: forcing a failure.
[  411.014983][ T3311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  411.028148][ T3311] CPU: 0 UID: 0 PID: 3311 Comm: syz.3.7005 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  411.028179][ T3311] Tainted: [W]=WARN
[  411.028184][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  411.028196][ T3311] Call Trace:
[  411.028236][ T3311]  <TASK>
[  411.028244][ T3311]  __dump_stack+0x1d/0x30
[  411.028263][ T3311]  dump_stack_lvl+0xe8/0x140
[  411.028279][ T3311]  dump_stack+0x15/0x1b
[  411.028293][ T3311]  should_fail_ex+0x265/0x280
[  411.028318][ T3311]  should_fail+0xb/0x20
[  411.028406][ T3311]  should_fail_usercopy+0x1a/0x20
[  411.028431][ T3311]  _copy_from_iter+0xcf/0xe40
[  411.028456][ T3311]  ? __build_skb_around+0x1a0/0x200
[  411.028510][ T3311]  ? __alloc_skb+0x223/0x320
[  411.028534][ T3311]  netlink_sendmsg+0x471/0x6b0
[  411.028565][ T3311]  ? __pfx_netlink_sendmsg+0x10/0x10
[  411.028585][ T3311]  __sock_sendmsg+0x145/0x180
[  411.028609][ T3311]  ____sys_sendmsg+0x31e/0x4e0
[  411.028709][ T3311]  ___sys_sendmsg+0x17b/0x1d0
[  411.028756][ T3311]  __x64_sys_sendmsg+0xd4/0x160
[  411.028792][ T3311]  x64_sys_call+0x2999/0x2fb0
[  411.028883][ T3311]  do_syscall_64+0xd2/0x200
[  411.028898][ T3311]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  411.028921][ T3311]  ? clear_bhb_loop+0x40/0x90
[  411.028941][ T3311]  ? clear_bhb_loop+0x40/0x90
[  411.028959][ T3311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.029045][ T3311] RIP: 0033:0x7efd3495e929
[  411.029061][ T3311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.029078][ T3311] RSP: 002b:00007efd32fc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  411.029146][ T3311] RAX: ffffffffffffffda RBX: 00007efd34b85fa0 RCX: 00007efd3495e929
[  411.029157][ T3311] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  411.029167][ T3311] RBP: 00007efd32fc7090 R08: 0000000000000000 R09: 0000000000000000
[  411.029195][ T3311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.029208][ T3311] R13: 0000000000000000 R14: 00007efd34b85fa0 R15: 00007fff0fc1c908
[  411.029227][ T3311]  </TASK>
[  411.290685][ T3314] 9pnet_fd: Insufficient options for proto=fd
[  411.557872][ T3345] netlink: 'syz.4.7019': attribute type 6 has an invalid length.
[  411.806927][ T3363] sch_fq: defrate 4294967295 ignored.
[  411.872854][ T3366] dvmrp0: entered allmulticast mode
[  411.961000][ T3377] FAULT_INJECTION: forcing a failure.
[  411.961000][ T3377] name failslab, interval 1, probability 0, space 0, times 0
[  411.973696][ T3377] CPU: 0 UID: 0 PID: 3377 Comm: syz.1.7029 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  411.973801][ T3377] Tainted: [W]=WARN
[  411.973807][ T3377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  411.973820][ T3377] Call Trace:
[  411.973828][ T3377]  <TASK>
[  411.973836][ T3377]  __dump_stack+0x1d/0x30
[  411.973923][ T3377]  dump_stack_lvl+0xe8/0x140
[  411.973939][ T3377]  dump_stack+0x15/0x1b
[  411.973953][ T3377]  should_fail_ex+0x265/0x280
[  411.973977][ T3377]  should_failslab+0x8c/0xb0
[  411.974037][ T3377]  kmem_cache_alloc_noprof+0x50/0x310
[  411.974059][ T3377]  ? __anon_vma_prepare+0xcd/0x2f0
[  411.974167][ T3377]  __anon_vma_prepare+0xcd/0x2f0
[  411.974196][ T3377]  handle_mm_fault+0x1d19/0x2be0
[  411.974214][ T3377]  ? __rcu_read_unlock+0x4f/0x70
[  411.974307][ T3377]  do_user_addr_fault+0x3fe/0x1090
[  411.974376][ T3377]  ? __rcu_read_unlock+0x4f/0x70
[  411.974399][ T3377]  exc_page_fault+0x62/0xa0
[  411.974439][ T3377]  asm_exc_page_fault+0x26/0x30
[  411.974460][ T3377] RIP: 0010:__put_user_4+0xd/0x20
[  411.974492][ T3377] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[  411.974510][ T3377] RSP: 0018:ffffc9000597fe78 EFLAGS: 00050206
[  411.974532][ T3377] RAX: 0000000000000004 RBX: 0000000000000000 RCX: 0000200000000000
[  411.974546][ T3377] RDX: ffff88811c5930c0 RSI: 0000000000000005 RDI: 0000000000000000
[  411.974559][ T3377] RBP: 0000000000000004 R08: 0001ffff86848a7f R09: 0000000000000000
[  411.974569][ T3377] R10: 000188810fcf05c0 R11: 000188810fcf05c7 R12: 0000200000000000
[  411.974626][ T3377] R13: 0000000000000000 R14: 0000000000000018 R15: 0000000000000000
[  411.974651][ T3377]  __sys_socketpair+0xa6/0x430
[  411.974678][ T3377]  ? ksys_write+0x192/0x1a0
[  411.974710][ T3377]  __x64_sys_socketpair+0x52/0x60
[  411.974770][ T3377]  x64_sys_call+0x23f2/0x2fb0
[  411.974793][ T3377]  do_syscall_64+0xd2/0x200
[  411.974812][ T3377]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  411.974836][ T3377]  ? clear_bhb_loop+0x40/0x90
[  411.974875][ T3377]  ? clear_bhb_loop+0x40/0x90
[  411.974895][ T3377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.974993][ T3377] RIP: 0033:0x7fa2e31ce929
[  411.975008][ T3377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  411.975022][ T3377] RSP: 002b:00007fa2e1837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  411.975037][ T3377] RAX: ffffffffffffffda RBX: 00007fa2e33f5fa0 RCX: 00007fa2e31ce929
[  411.975047][ T3377] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000018
[  411.975078][ T3377] RBP: 00007fa2e1837090 R08: 0000000000000000 R09: 0000000000000000
[  411.975091][ T3377] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  411.975101][ T3377] R13: 0000000000000001 R14: 00007fa2e33f5fa0 R15: 00007ffd524c1798
[  411.975119][ T3377]  </TASK>
[  412.479240][ T3387] 9pnet_fd: Insufficient options for proto=fd
[  412.556736][ T3401] netlink: 'syz.1.7036': attribute type 6 has an invalid length.
[  413.161046][ T3438] netlink: 'syz.4.7047': attribute type 6 has an invalid length.
[  413.481102][   T29] kauditd_printk_skb: 1612 callbacks suppressed
[  413.481117][   T29] audit: type=1400 audit(2000002852.308:43225): avc:  denied  { mounton } for  pid=3445 comm="syz.4.7050" path="/139/file0" dev="tmpfs" ino=741 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  413.481353][ T3446] tmpfs: Bad value for 'mpol'
[  413.538204][   T29] audit: type=1400 audit(2000002852.355:43226): avc:  denied  { mounton } for  pid=3445 comm="syz.4.7050" path="/139/file0" dev="tmpfs" ino=741 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  413.561137][   T29] audit: type=1326 audit(2000002852.355:43227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3444 comm="syz.4.7049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f65e4e0e929 code=0x7ffc0000
[  413.598064][ T3447] 9pnet_fd: Insufficient options for proto=fd
[  413.656895][   T29] audit: type=1400 audit(2000002852.467:43228): avc:  denied  { map_create } for  pid=3448 comm="syz.2.7051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  413.674358][ T3451] dvmrp0: entered allmulticast mode
[  413.676168][   T29] audit: type=1400 audit(2000002852.467:43229): avc:  denied  { bpf } for  pid=3448 comm="syz.2.7051" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  413.702052][   T29] audit: type=1400 audit(2000002852.467:43230): avc:  denied  { map_read map_write } for  pid=3448 comm="syz.2.7051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  413.821990][   T29] audit: type=1400 audit(2000002852.476:43231): avc:  denied  { create } for  pid=3449 comm="syz.4.7052" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  413.841793][   T29] audit: type=1400 audit(2000002852.486:43232): avc:  denied  { setopt } for  pid=3449 comm="syz.4.7052" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  413.862465][   T29] audit: type=1400 audit(2000002852.504:43233): avc:  denied  { mount } for  pid=3449 comm="syz.4.7052" name="/" dev="configfs" ino=382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  413.885235][   T29] audit: type=1400 audit(2000002852.504:43234): avc:  denied  { map_create } for  pid=3449 comm="syz.4.7052" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  414.104504][ T3478] __nla_validate_parse: 51 callbacks suppressed
[  414.104517][ T3478] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7062'.
[  414.114674][ T3475] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7061'.
[  414.214223][ T3481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7061'.
[  414.267619][ T3481] netlink: 344 bytes leftover after parsing attributes in process `syz.0.7061'.
[  414.332309][ T3487] netlink: 'syz.4.7064': attribute type 6 has an invalid length.
[  414.375022][ T3489] netlink: 14 bytes leftover after parsing attributes in process `syz.0.7065'.
[  414.448450][ T3493] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7067'.
[  414.457449][ T3493] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7067'.
[  414.748535][ T3497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7078'.
[  414.757534][ T3497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7078'.
[  414.809437][ T3497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7078'.
[  415.176091][ T3513] pim6reg1: entered promiscuous mode
[  415.342069][ T3524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  415.352865][ T3524] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  415.498056][ T3534] netlink: 'syz.2.7076': attribute type 6 has an invalid length.
[  416.080271][ T3561] 9pnet_fd: Insufficient options for proto=fd
[  416.161863][ T3566] FAULT_INJECTION: forcing a failure.
[  416.161863][ T3566] name failslab, interval 1, probability 0, space 0, times 0
[  416.174667][ T3566] CPU: 0 UID: 0 PID: 3566 Comm: syz.4.7088 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  416.174702][ T3566] Tainted: [W]=WARN
[  416.174707][ T3566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  416.174718][ T3566] Call Trace:
[  416.174802][ T3566]  <TASK>
[  416.174811][ T3566]  __dump_stack+0x1d/0x30
[  416.174899][ T3566]  dump_stack_lvl+0xe8/0x140
[  416.174916][ T3566]  dump_stack+0x15/0x1b
[  416.174929][ T3566]  should_fail_ex+0x265/0x280
[  416.174985][ T3566]  ? audit_log_d_path+0x8d/0x150
[  416.175010][ T3566]  should_failslab+0x8c/0xb0
[  416.175095][ T3566]  __kmalloc_cache_noprof+0x4c/0x320
[  416.175125][ T3566]  audit_log_d_path+0x8d/0x150
[  416.175208][ T3566]  audit_log_d_path_exe+0x42/0x70
[  416.175239][ T3566]  audit_log_task+0x1e9/0x250
[  416.175269][ T3566]  audit_seccomp+0x61/0x100
[  416.175323][ T3566]  ? __seccomp_filter+0x68c/0x10d0
[  416.175344][ T3566]  __seccomp_filter+0x69d/0x10d0
[  416.175365][ T3566]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  416.175427][ T3566]  ? vfs_write+0x75e/0x8e0
[  416.175502][ T3566]  __secure_computing+0x82/0x150
[  416.175520][ T3566]  syscall_trace_enter+0xcf/0x1e0
[  416.175604][ T3566]  do_syscall_64+0xac/0x200
[  416.175623][ T3566]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  416.175644][ T3566]  ? clear_bhb_loop+0x40/0x90
[  416.175695][ T3566]  ? clear_bhb_loop+0x40/0x90
[  416.175715][ T3566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.175732][ T3566] RIP: 0033:0x7f65e4e0e929
[  416.175817][ T3566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  416.175836][ T3566] RSP: 002b:00007f65e3477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  416.175853][ T3566] RAX: ffffffffffffffda RBX: 00007f65e5035fa0 RCX: 00007f65e4e0e929
[  416.175865][ T3566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  416.175877][ T3566] RBP: 00007f65e3477090 R08: 0000000000000000 R09: 0000000000000000
[  416.175890][ T3566] R10: 0000000000005412 R11: 0000000000000246 R12: 0000000000000001
[  416.175957][ T3566] R13: 0000000000000000 R14: 00007f65e5035fa0 R15: 00007ffd33279768
[  416.175977][ T3566]  </TASK>
[  417.659467][ T3619] dvmrp0: entered allmulticast mode
[  417.822442][ T3630] tmpfs: Bad value for 'mpol'
[  418.080364][ T3646] netlink: 'syz.3.7117': attribute type 6 has an invalid length.
[  418.573934][ T3681] dvmrp0: entered allmulticast mode
[  418.833860][   T29] kauditd_printk_skb: 1168 callbacks suppressed
[  418.833875][   T29] audit: type=1400 audit(2000002857.313:44397): avc:  denied  { open } for  pid=3702 comm="syz.2.7136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  418.870418][   T29] audit: type=1400 audit(2000002857.313:44398): avc:  denied  { perfmon } for  pid=3702 comm="syz.2.7136" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  418.891483][   T29] audit: type=1400 audit(2000002857.313:44399): avc:  denied  { kernel } for  pid=3702 comm="syz.2.7136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  418.911099][   T29] audit: type=1400 audit(2000002857.341:44400): avc:  denied  { module_request } for  pid=3697 comm="syz.4.7135" kmod="nft-expr-7-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  418.932936][   T29] audit: type=1400 audit(2000002857.341:44401): avc:  denied  { write } for  pid=3690 comm="syz.0.7133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  418.954048][   T29] audit: type=1400 audit(2000002857.369:44402): avc:  denied  { module_request } for  pid=3697 comm="syz.4.7135" kmod="nft-expr-" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  419.013408][ T3704] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3704 comm=syz.2.7136
[  419.018701][   T29] audit: type=1400 audit(2000002857.444:44403): avc:  denied  { open } for  pid=3702 comm="syz.2.7136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  419.045251][   T29] audit: type=1400 audit(2000002857.444:44404): avc:  denied  { perfmon } for  pid=3702 comm="syz.2.7136" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  419.066279][   T29] audit: type=1400 audit(2000002857.444:44405): avc:  denied  { kernel } for  pid=3702 comm="syz.2.7136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  419.085770][   T29] audit: type=1400 audit(2000002857.463:44406): avc:  denied  { perfmon } for  pid=3702 comm="syz.2.7136" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  419.533569][ T3732] __nla_validate_parse: 55 callbacks suppressed
[  419.533610][ T3732] netlink: 9 bytes leftover after parsing attributes in process `+}[@'.
[  419.551793][ T3734] netlink: 52 bytes leftover after parsing attributes in process `kfree'.
[  419.622670][ T3740] netlink: 'syz.0.7147': attribute type 2 has an invalid length.
[  419.630673][ T3740] netlink: 'syz.0.7147': attribute type 1 has an invalid length.
[  419.638562][ T3740] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7147'.
[  419.654684][ T3740] tipc: Started in network mode
[  419.659587][ T3740] tipc: Node identity b66e8e8cab2e, cluster identity 4711
[  419.666751][ T3740] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  419.679237][ T3740] syzkaller0: entered promiscuous mode
[  419.684791][ T3740] syzkaller0: entered allmulticast mode
[  419.728990][ T3740] tipc: Resetting bearer <eth:syzkaller0>
[  419.752280][ T3739] tipc: Resetting bearer <eth:syzkaller0>
[  419.775710][ T3739] tipc: Disabling bearer <eth:syzkaller0>
[  419.878772][ T3750] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7151'.
[  419.887854][ T3750] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7151'.
[  419.896866][ T3750] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7151'.
[  419.906453][ T3753] FAULT_INJECTION: forcing a failure.
[  419.906453][ T3753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  419.919554][ T3753] CPU: 0 UID: 0 PID: 3753 Comm: syz.1.7150 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  419.919712][ T3753] Tainted: [W]=WARN
[  419.919719][ T3753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  419.919730][ T3753] Call Trace:
[  419.919737][ T3753]  <TASK>
[  419.919743][ T3753]  __dump_stack+0x1d/0x30
[  419.919807][ T3753]  dump_stack_lvl+0xe8/0x140
[  419.919825][ T3753]  dump_stack+0x15/0x1b
[  419.919850][ T3753]  should_fail_ex+0x265/0x280
[  419.919879][ T3753]  should_fail+0xb/0x20
[  419.919904][ T3753]  should_fail_usercopy+0x1a/0x20
[  419.919934][ T3753]  _copy_from_user+0x1c/0xb0
[  419.919960][ T3753]  ___sys_sendmsg+0xc1/0x1d0
[  419.920002][ T3753]  __x64_sys_sendmsg+0xd4/0x160
[  419.920099][ T3753]  x64_sys_call+0x2999/0x2fb0
[  419.920117][ T3753]  do_syscall_64+0xd2/0x200
[  419.920134][ T3753]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  419.920225][ T3753]  ? clear_bhb_loop+0x40/0x90
[  419.920258][ T3753]  ? clear_bhb_loop+0x40/0x90
[  419.920340][ T3753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.920361][ T3753] RIP: 0033:0x7fa2e31ce929
[  419.920376][ T3753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.920391][ T3753] RSP: 002b:00007fa2e1837038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  419.920446][ T3753] RAX: ffffffffffffffda RBX: 00007fa2e33f5fa0 RCX: 00007fa2e31ce929
[  419.920458][ T3753] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  419.920471][ T3753] RBP: 00007fa2e1837090 R08: 0000000000000000 R09: 0000000000000000
[  419.920482][ T3753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.920492][ T3753] R13: 0000000000000000 R14: 00007fa2e33f5fa0 R15: 00007ffd524c1798
[  419.920507][ T3753]  </TASK>
[  420.107776][ T3748] sch_fq: defrate 4294967295 ignored.
[  420.180660][ T3759] pim6reg1: entered promiscuous mode
[  420.262632][ T3763] pim6reg1: entered promiscuous mode
[  420.334947][ T3767] netlink: 'syz.3.7158': attribute type 10 has an invalid length.
[  420.352927][ T3767] geneve1: entered promiscuous mode
[  420.361410][ T3767] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  420.491987][ T3785] FAULT_INJECTION: forcing a failure.
[  420.491987][ T3785] name failslab, interval 1, probability 0, space 0, times 0
[  420.504924][ T3785] CPU: 0 UID: 0 PID: 3785 Comm: syz.1.7166 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  420.505019][ T3785] Tainted: [W]=WARN
[  420.505027][ T3785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  420.505039][ T3785] Call Trace:
[  420.505044][ T3785]  <TASK>
[  420.505050][ T3785]  __dump_stack+0x1d/0x30
[  420.505068][ T3785]  dump_stack_lvl+0xe8/0x140
[  420.505084][ T3785]  dump_stack+0x15/0x1b
[  420.505098][ T3785]  should_fail_ex+0x265/0x280
[  420.505194][ T3785]  ? alloc_pipe_info+0xae/0x350
[  420.505211][ T3785]  should_failslab+0x8c/0xb0
[  420.505230][ T3785]  __kmalloc_cache_noprof+0x4c/0x320
[  420.505329][ T3779] netlink: 68 bytes leftover after parsing attributes in process `syz.3.7164'.
[  420.505329][ T3785]  alloc_pipe_info+0xae/0x350
[  420.505348][ T3785]  splice_direct_to_actor+0x592/0x680
[  420.505412][ T3785]  ? kstrtouint_from_user+0x9f/0xf0
[  420.505439][ T3785]  ? __pfx_direct_splice_actor+0x10/0x10
[  420.505467][ T3785]  ? __rcu_read_unlock+0x4f/0x70
[  420.505555][ T3785]  ? get_pid_task+0x96/0xd0
[  420.505573][ T3785]  ? avc_policy_seqno+0x15/0x30
[  420.505646][ T3785]  ? selinux_file_permission+0x1e4/0x320
[  420.505747][ T3785]  do_splice_direct+0xda/0x150
[  420.505774][ T3785]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  420.505806][ T3785]  do_sendfile+0x380/0x650
[  420.505891][ T3785]  __x64_sys_sendfile64+0xb8/0x150
[  420.505912][ T3785]  x64_sys_call+0xb39/0x2fb0
[  420.505941][ T3785]  do_syscall_64+0xd2/0x200
[  420.506057][ T3785]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  420.506081][ T3785]  ? clear_bhb_loop+0x40/0x90
[  420.506156][ T3785]  ? clear_bhb_loop+0x40/0x90
[  420.506177][ T3785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.506197][ T3785] RIP: 0033:0x7fa2e31ce929
[  420.506266][ T3785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.506317][ T3785] RSP: 002b:00007fa2e1837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  420.506336][ T3785] RAX: ffffffffffffffda RBX: 00007fa2e33f5fa0 RCX: 00007fa2e31ce929
[  420.506349][ T3785] RDX: 0000200000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  420.506361][ T3785] RBP: 00007fa2e1837090 R08: 0000000000000000 R09: 0000000000000000
[  420.506374][ T3785] R10: 00000002000007ff R11: 0000000000000246 R12: 0000000000000001
[  420.506419][ T3785] R13: 0000000000000000 R14: 00007fa2e33f5fa0 R15: 00007ffd524c1798
[  420.506437][ T3785]  </TASK>
[  420.669809][ T3791] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7164'.
[  420.847058][ T3797] sch_fq: defrate 4294967295 ignored.
[  421.014454][ T3814] netlink: 14 bytes leftover after parsing attributes in process `syz.4.7176'.
[  421.200490][ T3822] infiniband syz!: set active
[  421.205246][ T3822] infiniband syz!: added team_slave_0
[  421.213334][ T3835] netlink: 'syz.0.7183': attribute type 21 has an invalid length.
[  421.221191][ T3835] IPv6: NLM_F_CREATE should be specified when creating new route
[  421.247497][ T3822] RDS/IB: syz!: added
[  421.259313][ T3837] Invalid ELF header magic: != ELF
[  421.262470][ T3822] smc: adding ib device syz! with port count 1
[  421.297726][ T3835] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7183'.
[  421.309331][ T3822] smc:    ib device syz! port 1 has pnetid 
[  421.340690][ T3846] tmpfs: Bad value for 'mpol'
[  421.357103][ T3835] team0 (unregistering): Port device team_slave_0 removed
[  421.392295][ T3835] team0 (unregistering): Port device team_slave_1 removed
[  421.515570][ T3329] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.590271][ T3329] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.644704][ T3329] bridge0: port 3(netdevsim1) entered disabled state
[  421.654902][ T3329] netdevsim netdevsim4 netdevsim1 (unregistering): left allmulticast mode
[  421.663488][ T3329] netdevsim netdevsim4 netdevsim1 (unregistering): left promiscuous mode
[  421.671978][ T3329] bridge0: port 3(netdevsim1) entered disabled state
[  421.680303][ T3329] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.743544][ T3329] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.805952][ T3329] bridge_slave_1: left allmulticast mode
[  421.811641][ T3329] bridge_slave_1: left promiscuous mode
[  421.817345][ T3329] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.825295][ T3329] bridge_slave_0: left allmulticast mode
[  421.830948][ T3329] bridge_slave_0: left promiscuous mode
[  421.836670][ T3329] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.884380][ T3329] dvmrp0 (unregistering): left allmulticast mode
[  421.952959][ T3329] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.962995][ T3329] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.972629][ T3329] bond0 (unregistering): Released all slaves
[  422.032530][ T3329] IPVS: stopping backup sync thread 2335 ...
[  422.044012][ T3879] tmpfs: Bad value for 'mpol'
[  422.089405][ T3329] veth1_macvtap: left promiscuous mode
[  422.095083][ T3329] veth0_macvtap: left promiscuous mode
[  422.193361][ T3329] team0 (unregistering): Port device team_slave_1 removed
[  422.218373][ T3329] team0 (unregistering): Port device team_slave_0 removed
[  422.276481][ T3857] chnl_net:caif_netlink_parms(): no params data found
[  422.360041][ T3895] xt_CT: No such helper "pptp"
[  422.461836][ T3857] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.469168][ T3857] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.479386][ T3857] bridge_slave_0: entered allmulticast mode
[  422.486265][ T3857] bridge_slave_0: entered promiscuous mode
[  422.516918][ T3857] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.524113][ T3857] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.531890][ T3857] bridge_slave_1: entered allmulticast mode
[  422.539494][ T3857] bridge_slave_1: entered promiscuous mode
[  422.580739][ T3857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  422.604424][ T3857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  422.630592][ T3857] team0: Port device team_slave_0 added
[  422.639138][ T3857] team0: Port device team_slave_1 added
[  422.667050][ T3857] batman_adv: batadv0: Adding interface: batadv_slave_0
[  422.674058][ T3857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.700119][ T3857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  422.711641][ T3857] batman_adv: batadv0: Adding interface: batadv_slave_1
[  422.718599][ T3857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.744651][ T3857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  422.774101][ T3857] hsr_slave_0: entered promiscuous mode
[  422.780132][ T3857] hsr_slave_1: entered promiscuous mode
[  422.861401][ T3857] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  422.871005][ T3857] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  422.879950][ T3857] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  422.889554][ T3857] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  422.908897][ T3857] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.916016][ T3857] bridge0: port 2(bridge_slave_1) entered forwarding state
[  422.923391][ T3857] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.930448][ T3857] bridge0: port 1(bridge_slave_0) entered forwarding state
[  422.959881][ T3857] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.971350][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.979649][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.992844][ T3857] 8021q: adding VLAN 0 to HW filter on device team0
[  423.003252][ T3329] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.010424][ T3329] bridge0: port 1(bridge_slave_0) entered forwarding state
[  423.020966][ T3329] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.028041][ T3329] bridge0: port 2(bridge_slave_1) entered forwarding state
[  423.179551][ T3857] 8021q: adding VLAN 0 to HW filter on device batadv0
[  423.359347][ T3940] tmpfs: Bad value for 'mpol'
[  423.716418][ T3857] veth0_vlan: entered promiscuous mode
[  423.730359][ T3857] veth1_vlan: entered promiscuous mode
[  423.786934][ T3857] veth0_macvtap: entered promiscuous mode
[  423.813461][ T3857] veth1_macvtap: entered promiscuous mode
[  423.846743][ T3857] batman_adv: batadv0: Interface activated: batadv_slave_0
[  423.869549][ T3857] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.906342][ T3857] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.915175][ T3857] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.923921][ T3857] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.932675][ T3857] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.036588][ T3982] tmpfs: Bad value for 'mpol'
[  424.210570][   T29] kauditd_printk_skb: 1689 callbacks suppressed
[  424.210660][   T29] audit: type=1326 audit(2000002862.347:46096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.5.7221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd61a99e929 code=0x7ffc0000
[  424.275752][   T29] audit: type=1326 audit(2000002862.347:46097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.5.7221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7fd61a99e929 code=0x7ffc0000
[  424.299390][   T29] audit: type=1326 audit(2000002862.347:46098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.5.7221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd61a99e929 code=0x7ffc0000
[  424.322986][   T29] audit: type=1326 audit(2000002862.347:46099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3986 comm="syz.5.7221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd61a99e929 code=0x7ffc0000
[  424.429291][ T3999] syzkaller1: entered promiscuous mode
[  424.434898][ T3999] syzkaller1: entered allmulticast mode
[  424.474059][   T29] audit: type=1400 audit(2000002862.412:46100): avc:  denied  { prog_load } for  pid=3985 comm="syz.2.7220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  424.493256][   T29] audit: type=1400 audit(2000002862.412:46101): avc:  denied  { bpf } for  pid=3985 comm="syz.2.7220" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  424.513945][   T29] audit: type=1400 audit(2000002862.412:46102): avc:  denied  { perfmon } for  pid=3985 comm="syz.2.7220" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  424.534977][   T29] audit: type=1400 audit(2000002862.487:46103): avc:  denied  { create } for  pid=3993 comm="syz.5.7222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  424.555750][   T29] audit: type=1400 audit(2000002862.534:46104): avc:  denied  { prog_load } for  pid=3998 comm="syz.5.7223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  424.575084][   T29] audit: type=1400 audit(2000002862.534:46105): avc:  denied  { bpf } for  pid=3998 comm="syz.5.7223" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  424.645003][ T4004] netlink: 'syz.0.7224': attribute type 2 has an invalid length.
[  424.652889][ T4004] netlink: 'syz.0.7224': attribute type 1 has an invalid length.
[  424.703444][ T4008] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  424.710305][ T4007] syzkaller1: entered promiscuous mode
[  424.715806][ T4007] syzkaller1: entered allmulticast mode
[  424.732633][ T4004] syzkaller0: entered promiscuous mode
[  424.738249][ T4004] syzkaller0: entered allmulticast mode
[  424.776605][ T4003] tipc: Resetting bearer <eth:syzkaller0>
[  424.785310][ T4003] tipc: Disabling bearer <eth:syzkaller0>
[  424.894597][ T4016] FAULT_INJECTION: forcing a failure.
[  424.894597][ T4016] name failslab, interval 1, probability 0, space 0, times 0
[  424.907351][ T4016] CPU: 1 UID: 0 PID: 4016 Comm: syz.0.7227 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  424.907406][ T4016] Tainted: [W]=WARN
[  424.907412][ T4016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  424.907422][ T4016] Call Trace:
[  424.907427][ T4016]  <TASK>
[  424.907434][ T4016]  __dump_stack+0x1d/0x30
[  424.907453][ T4016]  dump_stack_lvl+0xe8/0x140
[  424.907469][ T4016]  dump_stack+0x15/0x1b
[  424.907531][ T4016]  should_fail_ex+0x265/0x280
[  424.907555][ T4016]  should_failslab+0x8c/0xb0
[  424.907573][ T4016]  __kmalloc_noprof+0xa5/0x3e0
[  424.907593][ T4016]  ? security_sem_alloc+0x45/0x100
[  424.907623][ T4016]  security_sem_alloc+0x45/0x100
[  424.907643][ T4016]  newary+0x12b/0x620
[  424.907661][ T4016]  ? __rcu_read_unlock+0x4f/0x70
[  424.907679][ T4016]  ipcget+0x33a/0x4f0
[  424.907739][ T4016]  ? __pfx___bpf_trace_sys_enter+0x10/0x10
[  424.907758][ T4016]  ? __bpf_trace_sys_enter+0x10/0x30
[  424.907774][ T4016]  ? __traceiter_sys_enter+0x5c/0x80
[  424.907791][ T4016]  __x64_sys_semget+0xfb/0x130
[  424.907824][ T4016]  x64_sys_call+0x2731/0x2fb0
[  424.907841][ T4016]  do_syscall_64+0xd2/0x200
[  424.907855][ T4016]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  424.907874][ T4016]  ? clear_bhb_loop+0x40/0x90
[  424.907954][ T4016]  ? clear_bhb_loop+0x40/0x90
[  424.907971][ T4016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.907987][ T4016] RIP: 0033:0x7f1a7232e929
[  424.908021][ T4016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.908110][ T4016] RSP: 002b:00007f1a70997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000040
[  424.908126][ T4016] RAX: ffffffffffffffda RBX: 00007f1a72555fa0 RCX: 00007f1a7232e929
[  424.908136][ T4016] RDX: 0000000000000401 RSI: 0000000000000002 RDI: 0000000000000000
[  424.908146][ T4016] RBP: 00007f1a70997090 R08: 0000000000000000 R09: 0000000000000000
[  424.908190][ T4016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  424.908239][ T4016] R13: 0000000000000000 R14: 00007f1a72555fa0 R15: 00007ffda6d29fc8
[  424.908254][ T4016]  </TASK>
[  425.176991][ T4028] __nla_validate_parse: 31 callbacks suppressed
[  425.177006][ T4028] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7230'.
[  425.225834][ T4030] tmpfs: Bad value for 'mpol'
[  425.326144][ T4038] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  425.449438][ T4044] dvmrp1: entered allmulticast mode
[  425.466554][ T4044] dvmrp0: left allmulticast mode
[  425.473009][ T4044] dvmrp1: left allmulticast mode
[  425.528661][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.537678][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.568183][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.612976][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.621945][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.670351][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.758857][ T4061] xt_hashlimit: max too large, truncated to 1048576
[  425.769518][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.778505][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.794026][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7238'.
[  425.910752][ T4072] FAULT_INJECTION: forcing a failure.
[  425.910752][ T4072] name failslab, interval 1, probability 0, space 0, times 0
[  425.923541][ T4072] CPU: 0 UID: 0 PID: 4072 Comm: syz.2.7243 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  425.923643][ T4072] Tainted: [W]=WARN
[  425.923649][ T4072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  425.923661][ T4072] Call Trace:
[  425.923668][ T4072]  <TASK>
[  425.923676][ T4072]  __dump_stack+0x1d/0x30
[  425.923698][ T4072]  dump_stack_lvl+0xe8/0x140
[  425.923716][ T4072]  dump_stack+0x15/0x1b
[  425.923731][ T4072]  should_fail_ex+0x265/0x280
[  425.923770][ T4072]  should_failslab+0x8c/0xb0
[  425.923826][ T4072]  kmem_cache_alloc_noprof+0x50/0x310
[  425.923852][ T4072]  ? prepare_creds+0x37/0x4c0
[  425.923874][ T4072]  ? bpf_trace_run2+0x124/0x1c0
[  425.923896][ T4072]  prepare_creds+0x37/0x4c0
[  425.923923][ T4072]  __se_sys_capset+0x2a3/0x450
[  425.923941][ T4072]  ? __bpf_trace_sys_enter+0x10/0x30
[  425.923966][ T4072]  __x64_sys_capset+0x31/0x40
[  425.924030][ T4072]  x64_sys_call+0x1426/0x2fb0
[  425.924069][ T4072]  do_syscall_64+0xd2/0x200
[  425.924163][ T4072]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  425.924187][ T4072]  ? clear_bhb_loop+0x40/0x90
[  425.924208][ T4072]  ? clear_bhb_loop+0x40/0x90
[  425.924228][ T4072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.924296][ T4072] RIP: 0033:0x7f4aeeb5e929
[  425.924311][ T4072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.924329][ T4072] RSP: 002b:00007f4aed1c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000007e
[  425.924348][ T4072] RAX: ffffffffffffffda RBX: 00007f4aeed85fa0 RCX: 00007f4aeeb5e929
[  425.924360][ T4072] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000200000000180
[  425.924379][ T4072] RBP: 00007f4aed1c7090 R08: 0000000000000000 R09: 0000000000000000
[  425.924391][ T4072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.924407][ T4072] R13: 0000000000000000 R14: 00007f4aeed85fa0 R15: 00007ffccbe08788
[  425.924425][ T4072]  </TASK>
[  426.580454][ T4099] tmpfs: Bad value for 'mpol'
[  426.607467][ T4103] netlink: 'syz.3.7256': attribute type 6 has an invalid length.
[  426.681621][ T2723] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0
[  426.689172][ T2723] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0
[  426.696611][ T2723] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0
[  426.715227][ T2723] hid-generic 0003:0004:0000.0007: hidraw0: USB HID vffffff.ff Device [syz0] on syz1
[  426.862223][ T4117] FAULT_INJECTION: forcing a failure.
[  426.862223][ T4117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  426.875356][ T4117] CPU: 1 UID: 0 PID: 4117 Comm: syz.3.7258 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  426.875459][ T4117] Tainted: [W]=WARN
[  426.875466][ T4117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  426.875479][ T4117] Call Trace:
[  426.875485][ T4117]  <TASK>
[  426.875492][ T4117]  __dump_stack+0x1d/0x30
[  426.875510][ T4117]  dump_stack_lvl+0xe8/0x140
[  426.875530][ T4117]  dump_stack+0x15/0x1b
[  426.875599][ T4117]  should_fail_ex+0x265/0x280
[  426.875631][ T4117]  should_fail+0xb/0x20
[  426.875653][ T4117]  should_fail_usercopy+0x1a/0x20
[  426.875678][ T4117]  strncpy_from_user+0x25/0x230
[  426.875716][ T4117]  ? kmem_cache_alloc_noprof+0x186/0x310
[  426.875737][ T4117]  ? getname_flags+0x80/0x3b0
[  426.875758][ T4117]  getname_flags+0xae/0x3b0
[  426.875827][ T4117]  do_sys_openat2+0x60/0x110
[  426.875854][ T4117]  __x64_sys_openat+0xf2/0x120
[  426.875878][ T4117]  x64_sys_call+0x1af/0x2fb0
[  426.875895][ T4117]  do_syscall_64+0xd2/0x200
[  426.875976][ T4117]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  426.876002][ T4117]  ? clear_bhb_loop+0x40/0x90
[  426.876067][ T4117]  ? clear_bhb_loop+0x40/0x90
[  426.876085][ T4117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.876102][ T4117] RIP: 0033:0x7efd3495d290
[  426.876116][ T4117] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  426.876143][ T4117] RSP: 002b:00007efd32f84f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  426.876163][ T4117] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007efd3495d290
[  426.876177][ T4117] RDX: 0000000000000002 RSI: 00007efd32f84fa0 RDI: 00000000ffffff9c
[  426.876187][ T4117] RBP: 00007efd32f84fa0 R08: 0000000000000000 R09: 0000000000000000
[  426.876198][ T4117] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  426.876208][ T4117] R13: 0000000000000000 R14: 00007efd34b86160 R15: 00007fff0fc1c908
[  426.876224][ T4117]  </TASK>
[  427.234103][ T4133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  427.255687][ T4133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  427.275300][ T4133] bond0 (unregistering): Released all slaves
[  427.308365][ T4129] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (1728)
[  427.318137][ T4129] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  427.683601][ T4145] infiniband syz2: set active
[  427.688340][ T4145] infiniband syz2: added veth0_to_bond
[  427.743610][ T4145] RDS/IB: syz2: added
[  427.751848][ T4145] smc: adding ib device syz2 with port count 1
[  427.758121][ T4145] smc:    ib device syz2 port 1 has pnetid 
[  427.800115][ T1033] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0
[  427.807565][ T1033] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0
[  427.815003][ T1033] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0
[  427.827161][ T4152] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  427.872174][ T1033] hid-generic 0003:0004:0000.0008: hidraw0: USB HID vffffff.ff Device [syz0] on syz1
[  428.100285][ T4174] tmpfs: Bad value for 'mpol'
[  428.110175][ T1033] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  428.117674][ T1033] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  428.125200][ T1033] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  428.163205][ T1033] hid-generic 0003:0004:0000.0009: hidraw0: USB HID vffffff.ff Device [syz0] on syz1
[  428.236045][ T4177] Invalid ELF header magic: != ELF
[  428.244340][ T4183] SELinux: syz.0.7282 (4183) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  428.654355][ T4203] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  429.038879][ T4224] SELinux: failed to load policy
[  429.290475][ T4248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  429.299604][ T4248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  429.376969][ T4252] FAULT_INJECTION: forcing a failure.
[  429.376969][ T4252] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  429.390149][ T4252] CPU: 1 UID: 0 PID: 4252 Comm: syz.0.7308 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  429.390231][ T4252] Tainted: [W]=WARN
[  429.390245][ T4252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  429.390255][ T4252] Call Trace:
[  429.390261][ T4252]  <TASK>
[  429.390268][ T4252]  __dump_stack+0x1d/0x30
[  429.390301][ T4252]  dump_stack_lvl+0xe8/0x140
[  429.390319][ T4252]  dump_stack+0x15/0x1b
[  429.390442][ T4252]  should_fail_ex+0x265/0x280
[  429.390509][ T4252]  should_fail+0xb/0x20
[  429.390689][ T4252]  should_fail_usercopy+0x1a/0x20
[  429.390718][ T4252]  copy_to_user_nofault+0x7f/0x120
[  429.390866][ T4252]  bpf_probe_write_user+0x83/0xc0
[  429.390948][ T4252]  bpf_prog_6303d92f98284ad8+0x44/0x4c
[  429.390964][ T4252]  bpf_trace_run2+0x107/0x1c0
[  429.391074][ T4252]  ? skb_put+0xa9/0xf0
[  429.391106][ T4252]  ? audit_log_d_path+0xf4/0x150
[  429.391132][ T4252]  ? audit_log_n_string+0x26b/0x290
[  429.391254][ T4252]  ? audit_log_d_path+0xf4/0x150
[  429.391295][ T4252]  kfree+0x27b/0x320
[  429.391324][ T4252]  ? audit_log_untrustedstring+0xb6/0xd0
[  429.391401][ T4252]  audit_log_d_path+0xf4/0x150
[  429.391416][ T4242] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  429.391487][ T4252]  audit_log_d_path_exe+0x42/0x70
[  429.391595][ T4252]  audit_log_task+0x1e9/0x250
[  429.391624][ T4252]  audit_seccomp+0x61/0x100
[  429.391649][ T4252]  ? __seccomp_filter+0x68c/0x10d0
[  429.391740][ T4252]  __seccomp_filter+0x69d/0x10d0
[  429.391763][ T4252]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  429.391794][ T4252]  ? vfs_write+0x75e/0x8e0
[  429.391823][ T4252]  ? __rcu_read_unlock+0x4f/0x70
[  429.391902][ T4252]  ? __fget_files+0x184/0x1c0
[  429.391925][ T4252]  __secure_computing+0x82/0x150
[  429.391946][ T4252]  syscall_trace_enter+0xcf/0x1e0
[  429.391985][ T4252]  do_syscall_64+0xac/0x200
[  429.392005][ T4252]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  429.392100][ T4252]  ? clear_bhb_loop+0x40/0x90
[  429.392165][ T4252]  ? clear_bhb_loop+0x40/0x90
[  429.392187][ T4252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  429.392230][ T4252] RIP: 0033:0x7f1a7232e929
[  429.392246][ T4252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  429.392263][ T4252] RSP: 002b:00007f1a70997038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e0
[  429.392282][ T4252] RAX: ffffffffffffffda RBX: 00007f1a72555fa0 RCX: 00007f1a7232e929
[  429.392295][ T4252] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000000
[  429.392308][ T4252] RBP: 00007f1a70997090 R08: 0000000000000000 R09: 0000000000000000
[  429.392320][ T4252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  429.392332][ T4252] R13: 0000000000000000 R14: 00007f1a72555fa0 R15: 00007ffda6d29fc8
[  429.392363][ T4252]  </TASK>
[  429.583302][   T29] kauditd_printk_skb: 1391 callbacks suppressed
[  429.583322][   T29] audit: type=1400 audit(2000002867.371:47497): avc:  denied  { write } for  pid=4258 comm="syz.0.7312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  429.697488][   T29] audit: type=1400 audit(2000002867.399:47498): avc:  denied  { read } for  pid=4258 comm="syz.0.7312" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  429.721290][   T29] audit: type=1400 audit(2000002867.399:47499): avc:  denied  { open } for  pid=4258 comm="syz.0.7312" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  429.745423][   T29] audit: type=1400 audit(2000002867.399:47500): avc:  denied  { map_create } for  pid=4258 comm="syz.0.7312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  429.764685][   T29] audit: type=1400 audit(2000002867.399:47501): avc:  denied  { prog_load } for  pid=4258 comm="syz.0.7312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  429.783838][   T29] audit: type=1400 audit(2000002867.399:47502): avc:  denied  { bpf } for  pid=4258 comm="syz.0.7312" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  429.804519][   T29] audit: type=1400 audit(2000002867.399:47503): avc:  denied  { perfmon } for  pid=4258 comm="syz.0.7312" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  429.825487][   T29] audit: type=1400 audit(2000002867.408:47504): avc:  denied  { prog_load } for  pid=4258 comm="syz.0.7312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  429.844640][   T29] audit: type=1400 audit(2000002867.408:47505): avc:  denied  { bpf } for  pid=4258 comm="syz.0.7312" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  429.865254][   T29] audit: type=1400 audit(2000002867.408:47506): avc:  denied  { getopt } for  pid=4258 comm="syz.0.7312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  429.888852][ T4267] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  430.740945][ T4297] tap0: tun_chr_ioctl cmd 1074025680
[  430.803818][ T4309] __nla_validate_parse: 15 callbacks suppressed
[  430.803833][ T4309] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7332'.
[  430.819312][ T4310] netlink: 48 bytes leftover after parsing attributes in process `syz.2.7331'.
[  430.961799][ T4315] x_tables: duplicate underflow at hook 1
[  431.212331][ T4333] 9pnet_fd: Insufficient options for proto=fd
[  431.235747][ T4330] xt_CT: No such helper "pptp"
[  431.333319][ T4338] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7337'.
[  431.978025][ T4349] netlink: 'syz.5.7341': attribute type 2 has an invalid length.
[  431.985812][ T4349] netlink: 'syz.5.7341': attribute type 1 has an invalid length.
[  431.993639][ T4349] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7341'.
[  432.040512][ T4353] tipc: Started in network mode
[  432.045471][ T4353] tipc: Node identity 56defb302efe, cluster identity 4711
[  432.052656][ T4353] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  432.088162][ T4353] syzkaller0: entered promiscuous mode
[  432.093734][ T4353] syzkaller0: entered allmulticast mode
[  432.147662][ T4348] tipc: Resetting bearer <eth:syzkaller0>
[  432.155933][ T4348] tipc: Disabling bearer <eth:syzkaller0>
[  432.307930][ T4362] netlink: 14 bytes leftover after parsing attributes in process `syz.5.7346'.
[  432.343759][ T4362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  432.367095][ T4362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  432.377544][ T4366] futex_wake_op: syz.5.7346 tries to shift op by -1; fix this program
[  432.405512][ T4362] bond0 (unregistering): Released all slaves
[  432.441249][ T2720] syz2: Port: 1 Link DOWN
[  432.542968][ T4363] pim6reg1: entered promiscuous mode
[  432.605884][ T4365] $Hÿ: renamed from bond0 (while UP)
[  432.640997][ T4365] $Hÿ: entered promiscuous mode
[  432.646088][ T4365] bond_slave_0: entered promiscuous mode
[  432.651936][ T4365] bond_slave_1: entered promiscuous mode
[  432.845480][ T4384] FAULT_INJECTION: forcing a failure.
[  432.845480][ T4384] name failslab, interval 1, probability 0, space 0, times 0
[  432.858167][ T4384] CPU: 1 UID: 0 PID: 4384 Comm: syz.1.7352 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  432.858249][ T4384] Tainted: [W]=WARN
[  432.858256][ T4384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  432.858267][ T4384] Call Trace:
[  432.858273][ T4384]  <TASK>
[  432.858280][ T4384]  __dump_stack+0x1d/0x30
[  432.858299][ T4384]  dump_stack_lvl+0xe8/0x140
[  432.858315][ T4384]  dump_stack+0x15/0x1b
[  432.858329][ T4384]  should_fail_ex+0x265/0x280
[  432.858453][ T4384]  should_failslab+0x8c/0xb0
[  432.858473][ T4384]  __kmalloc_noprof+0xa5/0x3e0
[  432.858586][ T4384]  ? iter_file_splice_write+0xfe/0x970
[  432.858621][ T4384]  iter_file_splice_write+0xfe/0x970
[  432.858684][ T4384]  ? copy_splice_read+0x5ae/0x5f0
[  432.858708][ T4384]  ? copy_splice_read+0x5ae/0x5f0
[  432.858732][ T4384]  ? __traceiter_kfree+0x2b/0x50
[  432.858756][ T4384]  ? copy_splice_read+0x5ae/0x5f0
[  432.858782][ T4384]  ? copy_splice_read+0x5ae/0x5f0
[  432.858859][ T4384]  ? __pfx_iter_file_splice_write+0x10/0x10
[  432.858885][ T4384]  direct_splice_actor+0x153/0x2a0
[  432.858944][ T4384]  splice_direct_to_actor+0x30f/0x680
[  432.859033][ T4384]  ? __pfx_direct_splice_actor+0x10/0x10
[  432.859068][ T4384]  do_splice_direct+0xda/0x150
[  432.859112][ T4384]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  432.859141][ T4384]  do_sendfile+0x380/0x650
[  432.859269][ T4384]  __x64_sys_sendfile64+0x105/0x150
[  432.859293][ T4384]  x64_sys_call+0xb39/0x2fb0
[  432.859354][ T4384]  do_syscall_64+0xd2/0x200
[  432.859414][ T4384]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  432.859435][ T4384]  ? clear_bhb_loop+0x40/0x90
[  432.859457][ T4384]  ? clear_bhb_loop+0x40/0x90
[  432.859478][ T4384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.859498][ T4384] RIP: 0033:0x7fa2e31ce929
[  432.859513][ T4384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  432.859548][ T4384] RSP: 002b:00007fa2e1837038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  432.859581][ T4384] RAX: ffffffffffffffda RBX: 00007fa2e33f5fa0 RCX: 00007fa2e31ce929
[  432.859592][ T4384] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006
[  432.859603][ T4384] RBP: 00007fa2e1837090 R08: 0000000000000000 R09: 0000000000000000
[  432.859615][ T4384] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  432.859673][ T4384] R13: 0000000000000000 R14: 00007fa2e33f5fa0 R15: 00007ffd524c1798
[  432.859692][ T4384]  </TASK>
[  433.253457][ T4396] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7358'.
[  433.287850][ T4396] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7358'.
[  433.299484][ T4401] netlink: 48 bytes leftover after parsing attributes in process `syz.5.7359'.
[  433.302851][ T4402] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7357'.
[  433.717564][ T4424] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7365'.
[  433.761093][ T4422] 9pnet_fd: Insufficient options for proto=fd
[  434.448147][ T4463] raw_sendmsg: syz.2.7379 forgot to set AF_INET. Fix it!
[  434.838062][ T4490] FAULT_INJECTION: forcing a failure.
[  434.838062][ T4490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  434.851204][ T4490] CPU: 1 UID: 0 PID: 4490 Comm: syz.2.7387 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  434.851235][ T4490] Tainted: [W]=WARN
[  434.851241][ T4490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  434.851252][ T4490] Call Trace:
[  434.851338][ T4490]  <TASK>
[  434.851346][ T4490]  __dump_stack+0x1d/0x30
[  434.851365][ T4490]  dump_stack_lvl+0xe8/0x140
[  434.851382][ T4490]  dump_stack+0x15/0x1b
[  434.851398][ T4490]  should_fail_ex+0x265/0x280
[  434.851488][ T4490]  should_fail+0xb/0x20
[  434.851514][ T4490]  should_fail_usercopy+0x1a/0x20
[  434.851556][ T4490]  _copy_from_user+0x1c/0xb0
[  434.851577][ T4490]  ___sys_sendmsg+0xc1/0x1d0
[  434.851701][ T4490]  __x64_sys_sendmsg+0xd4/0x160
[  434.851745][ T4490]  x64_sys_call+0x2999/0x2fb0
[  434.851765][ T4490]  do_syscall_64+0xd2/0x200
[  434.851781][ T4490]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  434.851864][ T4490]  ? clear_bhb_loop+0x40/0x90
[  434.851951][ T4490]  ? clear_bhb_loop+0x40/0x90
[  434.851971][ T4490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.851990][ T4490] RIP: 0033:0x7f4aeeb5e929
[  434.852003][ T4490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.852083][ T4490] RSP: 002b:00007f4aed1c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  434.852100][ T4490] RAX: ffffffffffffffda RBX: 00007f4aeed85fa0 RCX: 00007f4aeeb5e929
[  434.852111][ T4490] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  434.852121][ T4490] RBP: 00007f4aed1c7090 R08: 0000000000000000 R09: 0000000000000000
[  434.852132][ T4490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.852144][ T4490] R13: 0000000000000000 R14: 00007f4aeed85fa0 R15: 00007ffccbe08788
[  434.852162][ T4490]  </TASK>
[  435.039150][   T29] kauditd_printk_skb: 1357 callbacks suppressed
[  435.039164][   T29] audit: type=1400 audit(2000002872.479:48862): avc:  denied  { prog_load } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  435.039675][ T4492] rdma_op ffff888118e2e180 conn xmit_rdma 0000000000000000
[  435.045588][   T29] audit: type=1400 audit(2000002872.479:48863): avc:  denied  { bpf } for  pid=4491 comm="syz.0.7388" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  435.092545][   T29] audit: type=1400 audit(2000002872.479:48864): avc:  denied  { perfmon } for  pid=4491 comm="syz.0.7388" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  435.113759][   T29] audit: type=1400 audit(2000002872.479:48865): avc:  denied  { map_create } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  435.133097][   T29] audit: type=1400 audit(2000002872.479:48866): avc:  denied  { map_read map_write } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  435.153003][   T29] audit: type=1400 audit(2000002872.479:48867): avc:  denied  { prog_run } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  435.172129][   T29] audit: type=1400 audit(2000002872.479:48868): avc:  denied  { create } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  435.191953][   T29] audit: type=1400 audit(2000002872.479:48869): avc:  denied  { bind } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  435.211369][   T29] audit: type=1400 audit(2000002872.479:48870): avc:  denied  { write } for  pid=4491 comm="syz.0.7388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  435.230828][   T29] audit: type=1400 audit(2000002872.554:48871): avc:  denied  { map_create } for  pid=4493 comm="syz.5.7389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  435.268375][ T4494] lo speed is unknown, defaulting to 1000
[  435.289456][ T4494] lo speed is unknown, defaulting to 1000
[  435.301587][ T4494] lo speed is unknown, defaulting to 1000
[  435.312493][ T4494] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  435.328488][ T4494] lo speed is unknown, defaulting to 1000
[  435.342629][ T4494] lo speed is unknown, defaulting to 1000
[  435.384844][ T4494] lo speed is unknown, defaulting to 1000
[  435.400393][ T4494] lo speed is unknown, defaulting to 1000
[  435.408687][ T4494] lo speed is unknown, defaulting to 1000
[  435.415194][ T4494] lo speed is unknown, defaulting to 1000
[  435.422506][ T4494] lo speed is unknown, defaulting to 1000
[  436.097302][ T4526] FAULT_INJECTION: forcing a failure.
[  436.097302][ T4526] name failslab, interval 1, probability 0, space 0, times 0
[  436.110010][ T4526] CPU: 1 UID: 0 PID: 4526 Comm: syz.5.7400 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  436.110039][ T4526] Tainted: [W]=WARN
[  436.110045][ T4526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  436.110055][ T4526] Call Trace:
[  436.110061][ T4526]  <TASK>
[  436.110067][ T4526]  __dump_stack+0x1d/0x30
[  436.110086][ T4526]  dump_stack_lvl+0xe8/0x140
[  436.110178][ T4526]  dump_stack+0x15/0x1b
[  436.110194][ T4526]  should_fail_ex+0x265/0x280
[  436.110218][ T4526]  should_failslab+0x8c/0xb0
[  436.110260][ T4526]  kmem_cache_alloc_noprof+0x50/0x310
[  436.110286][ T4526]  ? alloc_empty_file+0x76/0x200
[  436.110328][ T4526]  alloc_empty_file+0x76/0x200
[  436.110385][ T4526]  alloc_file_pseudo+0xc6/0x160
[  436.110441][ T4526]  __shmem_file_setup+0x1de/0x210
[  436.110470][ T4526]  shmem_file_setup+0x3b/0x50
[  436.110496][ T4526]  __se_sys_memfd_create+0x2c3/0x590
[  436.110572][ T4526]  __x64_sys_memfd_create+0x31/0x40
[  436.110643][ T4526]  x64_sys_call+0x122f/0x2fb0
[  436.110736][ T4526]  do_syscall_64+0xd2/0x200
[  436.110754][ T4526]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  436.110780][ T4526]  ? clear_bhb_loop+0x40/0x90
[  436.110874][ T4526]  ? clear_bhb_loop+0x40/0x90
[  436.110896][ T4526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.110917][ T4526] RIP: 0033:0x7fd61a99e929
[  436.110934][ T4526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.110952][ T4526] RSP: 002b:00007fd619006e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  436.111010][ T4526] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007fd61a99e929
[  436.111023][ T4526] RDX: 00007fd619006ef0 RSI: 0000000000000000 RDI: 00007fd61aa214cc
[  436.111036][ T4526] RBP: 0000200000000940 R08: 00007fd619006bb7 R09: 00007fd619006e40
[  436.111048][ T4526] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  436.111065][ T4526] R13: 00007fd619006ef0 R14: 00007fd619006eb0 R15: 00002000000008c0
[  436.111084][ T4526]  </TASK>
[  436.191771][ T4531] __nla_validate_parse: 34 callbacks suppressed
[  436.191808][ T4531] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7402'.
[  436.397272][ T4537] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7403'.
[  436.485514][ T4537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7403'.
[  436.508778][ T4537] netlink: 344 bytes leftover after parsing attributes in process `syz.2.7403'.
[  436.601096][ T4546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7407'.
[  436.610112][ T4546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7407'.
[  436.669090][ T4546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7407'.
[  436.744499][ T4546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7407'.
[  436.753492][ T4546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7407'.
[  436.763402][ T4554] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7409'.
[  436.843781][ T4566] SELinux: syz.1.7406 (4566) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  436.867364][ T4568] block device autoloading is deprecated and will be removed.
[  437.057716][ T4579] siw: device registration error -23
[  437.195422][ T4586] netlink: 'syz.2.7415': attribute type 10 has an invalid length.
[  437.208892][ T4586] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  437.879985][ T4619] netlink: 'syz.5.7427': attribute type 2 has an invalid length.
[  437.887803][ T4619] netlink: 'syz.5.7427': attribute type 1 has an invalid length.
[  437.918892][ T4619] syzkaller0: entered promiscuous mode
[  437.924473][ T4619] syzkaller0: entered allmulticast mode
[  438.004643][ T4622] sctp: [Deprecated]: syz.0.7428 (pid 4622) Use of struct sctp_assoc_value in delayed_ack socket option.
[  438.004643][ T4622] Use struct sctp_sack_info instead
[  438.512036][ T4654] netlink: 'syz.3.7439': attribute type 3 has an invalid length.
[  438.626286][ T4661] sg_write: process 791 (+}[@) changed security contexts after opening file descriptor, this is not allowed.
[  439.173601][ T4697] FAULT_INJECTION: forcing a failure.
[  439.173601][ T4697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.186876][ T4697] CPU: 0 UID: 0 PID: 4697 Comm: syz.2.7450 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  439.186977][ T4697] Tainted: [W]=WARN
[  439.186984][ T4697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  439.186996][ T4697] Call Trace:
[  439.187004][ T4697]  <TASK>
[  439.187012][ T4697]  __dump_stack+0x1d/0x30
[  439.187034][ T4697]  dump_stack_lvl+0xe8/0x140
[  439.187053][ T4697]  dump_stack+0x15/0x1b
[  439.187092][ T4697]  should_fail_ex+0x265/0x280
[  439.187160][ T4697]  should_fail+0xb/0x20
[  439.187238][ T4697]  should_fail_usercopy+0x1a/0x20
[  439.187332][ T4697]  strncpy_from_user+0x25/0x230
[  439.187402][ T4697]  ? __rcu_read_unlock+0x4f/0x70
[  439.187437][ T4697]  path_removexattrat+0x82/0x570
[  439.187469][ T4697]  __x64_sys_removexattr+0x38/0x50
[  439.187490][ T4697]  x64_sys_call+0x2c7a/0x2fb0
[  439.187511][ T4697]  do_syscall_64+0xd2/0x200
[  439.187587][ T4697]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  439.187612][ T4697]  ? clear_bhb_loop+0x40/0x90
[  439.187633][ T4697]  ? clear_bhb_loop+0x40/0x90
[  439.187654][ T4697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.187683][ T4697] RIP: 0033:0x7f4aeeb5e929
[  439.187700][ T4697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.187787][ T4697] RSP: 002b:00007f4aed1c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[  439.187805][ T4697] RAX: ffffffffffffffda RBX: 00007f4aeed85fa0 RCX: 00007f4aeeb5e929
[  439.187816][ T4697] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000200000000200
[  439.187881][ T4697] RBP: 00007f4aed1c7090 R08: 0000000000000000 R09: 0000000000000000
[  439.187894][ T4697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.187904][ T4697] R13: 0000000000000000 R14: 00007f4aeed85fa0 R15: 00007ffccbe08788
[  439.187919][ T4697]  </TASK>
[  439.526960][ T4716] tmpfs: Unknown parameter 'fowner'
[  439.550611][ T4702] siw: device registration error -23
[  439.571578][ T4718] netlink: 'syz.2.7456': attribute type 2 has an invalid length.
[  439.579442][ T4718] netlink: 'syz.2.7456': attribute type 1 has an invalid length.
[  439.650228][ T4723] FAULT_INJECTION: forcing a failure.
[  439.650228][ T4723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.663460][ T4723] CPU: 0 UID: 0 PID: 4723 Comm: syz.5.7458 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  439.663495][ T4723] Tainted: [W]=WARN
[  439.663502][ T4723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  439.663514][ T4723] Call Trace:
[  439.663521][ T4723]  <TASK>
[  439.663563][ T4723]  __dump_stack+0x1d/0x30
[  439.663599][ T4723]  dump_stack_lvl+0xe8/0x140
[  439.663620][ T4723]  dump_stack+0x15/0x1b
[  439.663668][ T4723]  should_fail_ex+0x265/0x280
[  439.663695][ T4723]  should_fail+0xb/0x20
[  439.663716][ T4723]  should_fail_usercopy+0x1a/0x20
[  439.663844][ T4723]  _copy_from_user+0x1c/0xb0
[  439.663888][ T4723]  tls_setsockopt+0x3ec/0xce0
[  439.663912][ T4723]  sock_common_setsockopt+0x69/0x80
[  439.663934][ T4723]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  439.663961][ T4723]  __sys_setsockopt+0x184/0x200
[  439.663990][ T4723]  __x64_sys_setsockopt+0x64/0x80
[  439.664025][ T4723]  x64_sys_call+0x2bd5/0x2fb0
[  439.664063][ T4723]  do_syscall_64+0xd2/0x200
[  439.664079][ T4723]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  439.664100][ T4723]  ? clear_bhb_loop+0x40/0x90
[  439.664118][ T4723]  ? clear_bhb_loop+0x40/0x90
[  439.664138][ T4723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.664240][ T4723] RIP: 0033:0x7fd61a99e929
[  439.664257][ T4723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.664353][ T4723] RSP: 002b:00007fd619007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  439.664373][ T4723] RAX: ffffffffffffffda RBX: 00007fd61abc5fa0 RCX: 00007fd61a99e929
[  439.664446][ T4723] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000003
[  439.664457][ T4723] RBP: 00007fd619007090 R08: 0000000000000038 R09: 0000000000000000
[  439.664468][ T4723] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  439.664537][ T4723] R13: 0000000000000000 R14: 00007fd61abc5fa0 R15: 00007ffeadd0f3b8
[  439.664611][ T4723]  </TASK>
[  440.224282][ T4753] tmpfs: Bad value for 'mpol'
[  440.228091][ T4754] netlink: 'syz.0.7470': attribute type 2 has an invalid length.
[  440.236782][ T4754] netlink: 'syz.0.7470': attribute type 1 has an invalid length.
[  440.320311][ T4757] FAULT_INJECTION: forcing a failure.
[  440.320311][ T4757] name failslab, interval 1, probability 0, space 0, times 0
[  440.333067][ T4757] CPU: 0 UID: 0 PID: 4757 Comm: syz.2.7472 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  440.333100][ T4757] Tainted: [W]=WARN
[  440.333107][ T4757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  440.333158][ T4757] Call Trace:
[  440.333165][ T4757]  <TASK>
[  440.333172][ T4757]  __dump_stack+0x1d/0x30
[  440.333216][ T4757]  dump_stack_lvl+0xe8/0x140
[  440.333235][ T4757]  dump_stack+0x15/0x1b
[  440.333251][ T4757]  should_fail_ex+0x265/0x280
[  440.333280][ T4757]  should_failslab+0x8c/0xb0
[  440.333339][ T4757]  kmem_cache_alloc_noprof+0x50/0x310
[  440.333370][ T4757]  ? __se_sys_mbind+0x3d7/0xac0
[  440.333413][ T4757]  __se_sys_mbind+0x3d7/0xac0
[  440.333456][ T4757]  __x64_sys_mbind+0x78/0x90
[  440.333482][ T4757]  x64_sys_call+0x14af/0x2fb0
[  440.333503][ T4757]  do_syscall_64+0xd2/0x200
[  440.333519][ T4757]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  440.333619][ T4757]  ? clear_bhb_loop+0x40/0x90
[  440.333716][ T4757]  ? clear_bhb_loop+0x40/0x90
[  440.333733][ T4757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.333792][ T4757] RIP: 0033:0x7f4aeeb5e929
[  440.333805][ T4757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.333820][ T4757] RSP: 002b:00007f4aed1c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  440.333836][ T4757] RAX: ffffffffffffffda RBX: 00007f4aeed85fa0 RCX: 00007f4aeeb5e929
[  440.333846][ T4757] RDX: 0000000000000001 RSI: 0000000000600000 RDI: 0000200000000000
[  440.333857][ T4757] RBP: 00007f4aed1c7090 R08: 0000000000000000 R09: 0000000000000002
[  440.333867][ T4757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.333880][ T4757] R13: 0000000000000000 R14: 00007f4aeed85fa0 R15: 00007ffccbe08788
[  440.333952][ T4757]  </TASK>
[  440.541528][ T4764] audit_log_lost: 1662 callbacks suppressed
[  440.541541][ T4764] audit: audit_lost=45 audit_rate_limit=0 audit_backlog_limit=64
[  440.548426][   T29] audit: type=1400 audit(2000002877.615:50534): avc:  denied  { map_create } for  pid=4760 comm="syz.0.7473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  440.555201][ T4764] audit: out of memory in audit_log_start
[  440.574392][   T29] audit: type=1400 audit(2000002877.615:50535): avc:  denied  { map_read map_write } for  pid=4760 comm="syz.0.7473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  440.600149][   T29] audit: type=1400 audit(2000002877.615:50536): avc:  denied  { prog_load } for  pid=4760 comm="syz.0.7473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  440.619351][   T29] audit: type=1400 audit(2000002877.615:50537): avc:  denied  { bpf } for  pid=4760 comm="syz.0.7473" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  440.640042][   T29] audit: type=1400 audit(2000002877.615:50538): avc:  denied  { perfmon } for  pid=4760 comm="syz.0.7473" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  440.661019][   T29] audit: type=1400 audit(2000002877.615:50539): avc:  denied  { prog_run } for  pid=4760 comm="syz.0.7473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  440.680344][   T29] audit: type=1400 audit(2000002877.615:50540): avc:  denied  { create } for  pid=4760 comm="syz.0.7473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  440.700920][   T29] audit: type=1400 audit(2000002877.615:50541): avc:  denied  { setopt } for  pid=4760 comm="syz.0.7473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  440.723618][ T4759] wireguard0: entered promiscuous mode
[  440.729150][ T4759] wireguard0: entered allmulticast mode
[  440.746509][ T4777] FAULT_INJECTION: forcing a failure.
[  440.746509][ T4777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  440.759604][ T4777] CPU: 1 UID: 0 PID: 4777 Comm: syz.3.7476 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  440.759709][ T4777] Tainted: [W]=WARN
[  440.759716][ T4777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  440.759728][ T4777] Call Trace:
[  440.759735][ T4777]  <TASK>
[  440.759743][ T4777]  __dump_stack+0x1d/0x30
[  440.759764][ T4777]  dump_stack_lvl+0xe8/0x140
[  440.759780][ T4777]  dump_stack+0x15/0x1b
[  440.759817][ T4777]  should_fail_ex+0x265/0x280
[  440.759846][ T4777]  should_fail+0xb/0x20
[  440.759868][ T4777]  should_fail_usercopy+0x1a/0x20
[  440.759962][ T4777]  _copy_from_user+0x1c/0xb0
[  440.759979][ T4777]  ___sys_sendmsg+0xc1/0x1d0
[  440.760019][ T4777]  __x64_sys_sendmsg+0xd4/0x160
[  440.760072][ T4777]  x64_sys_call+0x2999/0x2fb0
[  440.760091][ T4777]  do_syscall_64+0xd2/0x200
[  440.760242][ T4777]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  440.760265][ T4777]  ? clear_bhb_loop+0x40/0x90
[  440.760291][ T4777]  ? clear_bhb_loop+0x40/0x90
[  440.760324][ T4777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.760343][ T4777] RIP: 0033:0x7efd3495e929
[  440.760357][ T4777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  440.760373][ T4777] RSP: 002b:00007efd32fc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  440.760392][ T4777] RAX: ffffffffffffffda RBX: 00007efd34b85fa0 RCX: 00007efd3495e929
[  440.760404][ T4777] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  440.760515][ T4777] RBP: 00007efd32fc7090 R08: 0000000000000000 R09: 0000000000000000
[  440.760527][ T4777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.760539][ T4777] R13: 0000000000000000 R14: 00007efd34b85fa0 R15: 00007fff0fc1c908
[  440.760595][ T4777]  </TASK>
[  441.098226][ T4789] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.105412][ T4789] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.117256][ T4789] $Hÿ: left promiscuous mode
[  441.122103][ T4789] bond_slave_0: left promiscuous mode
[  441.127903][ T4789] bond_slave_1: left promiscuous mode
[  441.149561][ T4801] netlink: 'syz.1.7484': attribute type 2 has an invalid length.
[  441.157333][ T4801] netlink: 'syz.1.7484': attribute type 1 has an invalid length.
[  441.180982][ T4789] bridge_slave_0: left allmulticast mode
[  441.186721][ T4789] bridge_slave_0: left promiscuous mode
[  441.192689][ T4789] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.226997][ T4789] bridge_slave_1: left allmulticast mode
[  441.232751][ T4789] bridge_slave_1: left promiscuous mode
[  441.238571][ T4789] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.273029][ T4789] $Hÿ: (slave bond_slave_0): Releasing backup interface
[  441.303475][ T4789] $Hÿ: (slave bond_slave_1): Releasing backup interface
[  441.336792][ T4789] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.345813][ T4789] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.354795][ T4789] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.363852][ T4789] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.374830][ T4789] geneve2: left promiscuous mode
[  441.379849][ T4789] geneve2: left allmulticast mode
[  441.479499][ T4805] Falling back ldisc for ttyS3.
[  441.558029][ T4813] __nla_validate_parse: 63 callbacks suppressed
[  441.558045][ T4813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7489'.
[  441.581229][ T4816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7490'.
[  441.590481][ T4824] ==================================================================
[  441.598711][ T4824] BUG: KCSAN: data-race in selinux_inode_permission / selinux_inode_permission
[  441.607741][ T4824] 
[  441.610069][ T4824] write to 0xffff888101629fa0 of 4 bytes by task 4821 on cpu 0:
[  441.617709][ T4824]  selinux_inode_permission+0x31b/0x620
[  441.623264][ T4824]  security_inode_permission+0x6d/0xb0
[  441.628755][ T4824]  inode_permission+0x106/0x310
[  441.633626][ T4824]  link_path_walk+0x162/0x900
[  441.638324][ T4824]  path_openat+0x1de/0x2170
[  441.642847][ T4824]  do_filp_open+0x109/0x230
[  441.647352][ T4824]  do_sys_openat2+0xa6/0x110
[  441.651941][ T4824]  __x64_sys_openat+0xf2/0x120
[  441.656704][ T4824]  x64_sys_call+0x1af/0x2fb0
[  441.661286][ T4824]  do_syscall_64+0xd2/0x200
[  441.665781][ T4824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.671665][ T4824] 
[  441.673982][ T4824] read to 0xffff888101629fa0 of 4 bytes by task 4824 on cpu 1:
[  441.681517][ T4824]  selinux_inode_permission+0x2a7/0x620
[  441.687079][ T4824]  security_inode_permission+0x6d/0xb0
[  441.692539][ T4824]  inode_permission+0x106/0x310
[  441.697395][ T4824]  link_path_walk+0x162/0x900
[  441.702079][ T4824]  path_openat+0x1de/0x2170
[  441.706586][ T4824]  do_filp_open+0x109/0x230
[  441.711088][ T4824]  do_sys_openat2+0xa6/0x110
[  441.715670][ T4824]  __x64_sys_openat+0xf2/0x120
[  441.720425][ T4824]  x64_sys_call+0x1af/0x2fb0
[  441.725007][ T4824]  do_syscall_64+0xd2/0x200
[  441.729499][ T4824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.735385][ T4824] 
[  441.737723][ T4824] value changed: 0x00000000 -> 0x00000001
[  441.743426][ T4824] 
[  441.745738][ T4824] Reported by Kernel Concurrency Sanitizer on:
[  441.751883][ T4824] CPU: 1 UID: 0 PID: 4824 Comm: syz.5.7493 Tainted: G        W           6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(voluntary) 
[  441.765862][ T4824] Tainted: [W]=WARN
[  441.769662][ T4824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  441.779711][ T4824] ==================================================================
[  441.789296][ T4813] serio: Serial port ptm0
[  441.804702][ T4823] netlink: 'syz.5.7493': attribute type 21 has an invalid length.