last executing test programs:

1.317895289s ago: executing program 4 (id=17007):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000b40)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x75)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setxattr$incfs_metadata(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0), &(0x7f0000000a00)="89240327a66caf4ed48ffb82636190ed19fe10e0c185f35dc5f9d7c27f82c13802a2ddb9a5a9585bd172c3d4432c6b08d8b2c509f48287875c16f7a525bddef376da74322ee29f923ecab964011ea1b86a2b244a8b9fbfd0054cac8c68b603e40dff651a4c13c3646cc2cf593f3334ef87b2a36882481b3e123fa911956a87cf8167818ead912fba528c5e477c4a5e4f1e228365cd2f79e68254cc583259cba1eeca35683afa0abd02c2775e83a0e8508365be3b752730bb799f4fff977e28c2356faf7fff0df78481d9f92378", 0xcd, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000080)='.\x00', 0x2000775)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = dup(r3)
ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x94}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x8, 0x5, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x108}}, 0x0)
lremovexattr(&(0x7f0000000940)='./file0\x00', &(0x7f0000000b00)=@known='trusted.overlay.upper\x00')

1.27412058s ago: executing program 4 (id=17009):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x100)

1.252583591s ago: executing program 3 (id=17010):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
getrlimit(0x1, &(0x7f0000000000))

1.223240071s ago: executing program 4 (id=17012):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x5e05, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x7ffd, 0x155}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r6, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

1.193202882s ago: executing program 3 (id=17013):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x5, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r2}, 0x10)
signalfd4(r2, &(0x7f0000000040)={[0x8000000000000001]}, 0x8, 0x80800)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$NFT_BATCH(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a1400000011"], 0x64}}, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r4 = gettid()
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r5, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0x2000000000000000}, 0x18)

1.041920654s ago: executing program 4 (id=17016):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb71658bda99b49720fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

992.561874ms ago: executing program 4 (id=17018):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000640)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb8b3, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000003c0)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x460, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9sREdVqtRqliMInSRxoUe784sWzU5XK7IUsP75w7t3x+cWLz5w5N3V69vTs+ckTJ44dnXju+OSzHYkzjevm/g/mDu575a2rr02fvPr2T98kefxNcXTI6EoHH69WO1xcf+2qS9daBptBMSLtplFe6v/DUYzbF284Xv64r5UDuir9nL6v/eHLVeAelkS/awD0R/5Bn97/5luPhh7/CddfqN0ApXHfyrbakVIUsnPKTfe3nTQaEScv//NlukV35iEAABp8l45/nm41/itE/bzQ7mwNZSQi/hcReyLieETsjYj/Ryyde39EPLDO8psXSe4c/xSubSiwNUrHf89na1uN47989BcjxSy3ayn+cnLqTGX2SPaaHIryljQ/sUIZ37/062ftjtWP/9ItLT8fC2b1uFba0vicmamFqbuJud71jyL2l1rFnyyvBCQRsS8i9m+wjDOHvz7Y7tjq8a+gA+tM1a8inqhd/8vRFH8uWXl9cnxrVGaPjOet4k4//3Ll9Xbl31X8HZBe/+0t2/9y/CNJ/Xrt/Hr+9y+eTB+v/PFp23uajbb/oeTNhn3vTy0sXJiIGEperVW6fv9k03mTt89P4z/0aOv+vyduvxIHIiJtxA9GxEMR8XBW90d+273qq/Dji4+9s/H4uyuNf2bt1786HJE3hMWhyBLLe1onimd/+Lah0JHW8e9ue/2PLaUOZXvW8v63lnqttzUDAADAZlWIiJ2RFMaW04XC2Fjtb/j3xvZCZW5+4alTc++dn6l9R2AkyoV8pmu4bj50Irutz/OTTfmj2bzx58VtS/mx6bnKTL+DhwG3o03/T/1Z7HftgK7zfS0YXPo/DC79HwbXnf1/a1/qAfRei8//bf2oB9B7rcb/H67liTs7Xxegt5r6v2U/GCDm/2BwbaT/e8+Ae0NppZ9sHuppVYDemd8Wq39JXmIzJfJfrulGEeW0tRyOiMWLUeh7pBJdTPT7nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g0AAP//H+zlZw==")
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x400, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1018000, &(0x7f00000002c0)=ANY=[@ANYRES8=0x0, @ANYBLOB="8fa25bfc83f54cce79168961c7c2dfd3af9e5a31f2e53ff05ce32b40dd981da3fb83f169b7c7a3a8d1f4e0da092a992c5e6c610c78ae50f34ad99e3c643f36009326349fa4ee3e659c666766404bddb5a198c273bbce285d3dbd4257ebe2bc21379d692e904e0ebc755ad3583cc233576b9b9ef976d934f58059fd13901aa80cbb1b95ce7cb46112900bc71e3359f8d2a1f0f8a1c65a5eb78c836396b2934308d139553d75b355563d6f8ce8c0", @ANYRES16, @ANYRESOCT, @ANYRES32, @ANYRESDEC], 0x1, 0x2f2, &(0x7f0000000b00)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji3pNDU1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpO4CU0iJ8PwmZw9x7eu9tB3LuhGHrzuvH+aylZfWyBKNKAiIi2yKjEhRPwD0GnTgiu72Qi0PfPv5/6+69G6l0empWqenU3KWkUmpk7N2TZzG32/qgbI4+2Pqa/LL59+a/Wz/nHuUslbNUoVhWupovfi7r86ahFnNWXlNqxjR0y1C5gmWU6u3FenvWLC4tVZVeWByOL5UMy1J6oaryRlWVi6pcqqrQQz1XUJqmqeG44CCZldlZPdVh8kKXJ4NjUiql9JCIxNpaMit9mRAAAOir1vo/KKqb9f/quY3y0O21Ebf+X4/41f+XP9Vfq6n+j4qIb/3vje9b/+uHq//bK6Kz5Uj1P06GsUjbqUAjrDWWUnrc/fl1vLy/Ou4E1P8AAAAAAAAAAAAAAAAAAAAAAPwJtm07Ydt2wjt6X4MiEhUR73uf1JCIXO3DlNFFR/j8cQo0HtwLj4iYryqZSqZ+dDtsiIgphoxLQn4414OrFntPHqmaUXlvLrv5y5VMyGlJZSXn5E9IYkBa8217+np6akLVNecPSHx3flIS8pd/frItf3C5konIhfO78jVJyIcFKYopi848GvnPJ5S6djPdMn7M6QcAAAAAwGmgqR2++3dN26u9nr+zv269PxBq7K/Hfff3Yfkv3N+1AwAAAABwVljVp3ndNI3SPkFMDu7TeRA+plf2Vvi7Wd7fMhzfSvcJvMGbmqLuya6/LYFDvC17BEHpJGusthp11FV4t4326iMzk737BJum8c+bt9+7N8SVtegBK+08CO1/AQz07BcQAAAAgJ5pFP3emcn+TggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDOoF/8mrd9rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6KXwEAAP//ziYEEA==")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r0 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x90000000, 0x0}, 0x0, 0x8, &(0x7f0000000200))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010004b040000000000005f007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010062726964676500001800028005002600020000000c002e"], 0x48}}, 0x0)
tkill(r0, 0x16)

852.506027ms ago: executing program 1 (id=17020):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
unshare(0x22020600)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000000000f3ffffff0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000020000000000000000000000020000000000000000"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000980)={[{@inode_readahead_blks}, {@grpquota}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x814}}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==")
chdir(&(0x7f0000000040)='./file0\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b80)={0x18, 0x13, &(0x7f0000000a40)=ANY=[@ANYBLOB="18010000756c6c2500000000002020207b86140aef6bfe47d65a0574ffe90100000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000f00000085000000060000007451200001000000183b00000100000000000000000000001864000404000000000000000200000085000000450000001784e0ffffffffff85200000038000006894000004000000183a00000500"/166], &(0x7f0000000000)='syzkaller\x00', 0xffff, 0x40, &(0x7f0000000080)=""/64, 0x40f00, 0x8, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000b00)={0x8, 0x1}, 0x8, 0x10, &(0x7f0000000b40)={0x0, 0x0, 0x5, 0x40}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)

730.047089ms ago: executing program 1 (id=17023):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f00000001c0)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRESOCT, @ANYRES32, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed300444000f8ac89758d3a070000000000000096a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRES8=0x0], 0x3, 0x7dc, &(0x7f0000000d80)="$eJzs3U9sHGcVAPC3rt0EF0VVqdIQpekkLVIqpe563bpYPbTb9diedr1r7a6RI0Bt1DiVFaetWipoDoRcWkBFiBPHwrU3LgiEBBIH4IRED1y4VeoJFQQSAiEko5nddfxnbSfN37a/nxXP55k3871vPJm3Y3tmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIUm26XB4vRT1rLC4l2wxFRHJvL3Z+2+K1tbW1bqu/vd9smuzSb0Qp/xf798eh7qxD915efDD/dDyOdL86Evvzyf64cNfBu5/8wvBQf/3tCV+zY1cYV4r4Tp7UudOrq8uv3YBEbqLv/2q3pcODZv6n+L7Ppo2s3czmq7NpkrWbydTkZPnRuZl2MpPV0/apdiedT2qttNpptpITtYeT8ampiSQdO9VcbMxOV+tpf+YTj1TK5cnk2bGLEdFuNh59dqxdm8vq9awxW8RUyt+MPOaJpDbdei7rJJ20Op8kZ1dWlyf2Gl0eNL7L8iMP3f3hGx/8c2U5PyB3Cir1DszK+HilMj75+NTjT5TLw5VyZfOM8haxHhFDEXnEDTlouX0Up8zdXJ8TN1wHQ736H/XIohGLsRTJgI+RqMV0tKIZ8/nXfx7ZFtHTr/9fevRvf9yt3431v1/lD11efDiK+n+0+9XRner/wFyv58dQL5+dlr8eb8aFOBenYzVWYzleu+EZXePH0BVHHvv8FUTNRhqNyKIdzchiPqrFnKQ3J4mpmIzJKMfzMRcz0Y4kZiKLeqTRjlPRjk6kxRFVi1akUY1ONKMVSZyIWjwcSYzHVEzFRCSRxlicimYsRiNmYzqqxVbOxkqx3ye25HXw2y/88qU/ffhu3l4PGt9lIKX8xVwe9I9dgraV+yuv/2vRi1D/P+uu8xkcPr61fv0HAAAAPrVKxU/f8+v/kbi/aM1k9fSrtzotAAAA4DoqfvN/JJ+M5K37o5Rf/5cHRL5/03MDAAAAro9ScY9dKSJG44Fuq3+71KAfAgAAAACfQMXv/4/mk9GIi8UM1/8AAADwKfPdnZ6x/0H/GbvthX2lX/89Wq2R0qWFpYdK56t5XPX8Hd31epOvrG+xM3O4tD+6Gym2NTl84a5SRAzX0iOl/tMv/7evO/2o+Hx4eH31nZ71X9qSwPoad2wdUp7AgQtbEjhYdPxOHOvGHDvTnZ7pxfWeSDw6k9XTsVqz/mTxSMT8X+eNl1e+FcXwv9eYP1CKsyury2MvvrJ6psjlUr6VS+d7D1Dc9hzFwbkUPa719kDcP3jEI8WNGL1+R7v9ljd+A4aeLlYf2r3P0sY+34rj3Zjjo93p6Obx78/7HB97cjyq1QNDnXSp88bahtH3shi/xpG/FQ92Yx488WB3MiCLyqYsXt6eRWVjFr2dsMe+2DOLkd6B9e6xi0v/+l2zlE7slcXEliz2X2UWALfK2eKpP5er0OeKKvTfta68/l+uu0k3oKd3lrtvfVP5Wa5fBrac5c7G+pL++htq3XBsq+5bX17Ell52OKOf6Mac6L6eGD48oK6UB5zRX1159fe9M/pj7/34J18/+oefffzq9l483I3pTeKe3+5QY/Mx/6AxP9rf6NJTvcZPd+y3Xa+UYiTijm+cfzUOvv7mhUdWzp9+afml5ZcrlYnJ8mPl8uOVGCleKvQmag8AA+z9Hjt7RpQe2+Oq+p71PykYixfjlViNM3GyuNsgIh4YvNXRDX+GcDKOR3GxvMNV6+iGd3g5uce15eXYyvbY/uuKbbETG/bYfT8qJv++gd8UALjBju9Rh6+k/p/c47p7cy3fcnUcO9fyQb58Q/cGAHw2pK2PSqOdt0utVrbw/PjU1Hi1M5cmrWbtuaSVTc+mSdbopK3aXLUxmyYLrWanWev/4Hg6bSftxYWFZquTzDRbyUKznS0V7/ye9N76vZ3OVxudrNZeqKfVdprUmo1OtdZJprN2LVm485l61p5LW8XK7YW0ls1ktWonazaSdnOxVUvHkqSdpsnCYj8wm04bnWwmy5uNZKGVzVdblyKivjifJtNpu9bKFjrN1hfzDdaaUfSVNWaarflis2Pbh//Xm72/AeB28PqbF86dXl1dfm1z40BsnbOlMRxF4y+7xfQbt3qMAMBmqjQAAAAAAAAAAAAAANz+tt+ul8/d85a+QY19cfVr7Yur6uIaG/nQenPe+fnXXvzYI/1kNPLh3QZp3NrGC089dW6nmGcuHpq7su0M/p8y6FbXtw9E3PmLH3bnPH2zRvr+5QP7alZfK+0Sc2vPSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwyP8DAAD//82FVnI=")

725.445049ms ago: executing program 1 (id=17025):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

705.631429ms ago: executing program 1 (id=17027):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r2, 0x3518, 0xaddf, 0x2, 0x0, 0x0)

648.49439ms ago: executing program 1 (id=17029):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb71658bda99b49720fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)

612.58234ms ago: executing program 1 (id=17032):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
r5 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$system_posix_acl(r5, 0x0, 0x0, 0x0, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000380), &(0x7f0000000300)=r6}, 0x20)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x85, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x27c0}, 0x90)

601.5801ms ago: executing program 0 (id=17033):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x6, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x10, 0x1403, 0x1, 0x70bd2d, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)

570.770751ms ago: executing program 0 (id=17034):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r4, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) (fail_nth: 7)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)

544.543471ms ago: executing program 2 (id=17035):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811d", 0x1f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)

262.009406ms ago: executing program 2 (id=17036):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32], &(0x7f00000003c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f00000001c0), &(0x7f0000000280)=@udp=r4}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000f2ffffffffffffff000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="000000010000000018f0000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='tlb_flush\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), 0xffffffffffffffff)

261.745325ms ago: executing program 0 (id=17037):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

252.633316ms ago: executing program 2 (id=17038):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000140)={'full'}, 0xfffffdef)

230.485516ms ago: executing program 3 (id=17039):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000010000e1250000008600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$unix(r2, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
semtimedop(0x0, &(0x7f0000000440)=[{0x0, 0x0, 0x1000}], 0xf, 0x0)
r4 = semget$private(0x0, 0x6, 0x0)
semtimedop(r4, &(0x7f0000000140)=[{0xcde77a0cc719144, 0x9, 0x1000}], 0x1, 0x0)
unshare(0x2c040000)

228.517116ms ago: executing program 0 (id=17040):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
io_uring_enter(r2, 0x3518, 0xaddf, 0x2, 0x0, 0x0)

172.927657ms ago: executing program 3 (id=17041):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000b40)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x75)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setxattr$incfs_metadata(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0), &(0x7f0000000a00)="89240327a66caf4ed48ffb82636190ed19fe10e0c185f35dc5f9d7c27f82c13802a2ddb9a5a9585bd172c3d4432c6b08d8b2c509f48287875c16f7a525bddef376da74322ee29f923ecab964011ea1b86a2b244a8b9fbfd0054cac8c68b603e40dff651a4c13c3646cc2cf593f3334ef87b2a36882481b3e123fa911956a87cf8167818ead912fba528c5e477c4a5e4f1e228365cd2f79e68254cc583259cba1eeca35683afa0abd02c2775e83a0e8508365be3b752730bb799f4fff977e28c2356faf7fff0df78481d9f92378", 0xcd, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000040000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000080)='.\x00', 0x2000775)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = dup(r3)
ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x94}]}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x8, 0x5, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x108}}, 0x0)
lremovexattr(&(0x7f0000000940)='./file0\x00', &(0x7f0000000b00)=@known='trusted.overlay.upper\x00')

145.545048ms ago: executing program 0 (id=17042):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, 0x0, 0x0, 0x0, 0x10b8}, 0x0)

120.029338ms ago: executing program 2 (id=17043):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="05000000040000000800000044"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1, 0x0, 0x5}, 0x18)
getresuid(&(0x7f00000004c0), 0x0, 0x0)

110.802238ms ago: executing program 3 (id=17044):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x6, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x10, 0x1403, 0x1, 0x70bd2d, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)

56.533719ms ago: executing program 0 (id=17045):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000000)={<r1=>0x0, @in6={{0xa, 0x4e21, 0x3, @private1, 0xec00000}}, [0x7, 0x1, 0x401, 0x5, 0xffff, 0x2, 0xc, 0x8, 0x4, 0x3e8a, 0x3, 0x7, 0x3, 0x1, 0x100000000]}, &(0x7f0000000100)=0x100)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000140)=0x4594, 0x4)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
mkdirat(r2, &(0x7f00000001c0)='./file0\x00', 0x8)
clock_gettime(0x0, &(0x7f0000000200)={<r3=>0x0, <r4=>0x0})
clock_gettime(0x0, &(0x7f0000000240)={<r5=>0x0, <r6=>0x0})
write$evdev(r2, &(0x7f0000000280)=[{{r3, r4/1000+60000}, 0x0, 0x7ff, 0xb}, {{}, 0x15, 0x0, 0x8000}, {{r5, r6/1000+60000}, 0x0, 0x1, 0x1}], 0x48)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000300))
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, &(0x7f0000000340)=0x10000, 0x100000001, 0x1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), r2)
mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x10010, r2, 0x8000000)
recvmsg$unix(r2, &(0x7f0000001a40)={0x0, 0x0, &(0x7f00000018c0)=[{&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/177, 0xb1}, {&(0x7f0000001480)=""/149, 0x95}, {&(0x7f0000001540)=""/182, 0xb6}, {&(0x7f0000001600)=""/237, 0xed}, {&(0x7f0000001700)=""/166, 0xa6}, {&(0x7f00000017c0)=""/198, 0xc6}], 0x7, &(0x7f0000001940)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [<r7=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r8=>0x0}}}, @cred={{0x1c, 0x1, 0x2, {0x0, <r9=>0x0}}}, @rights={{0x20, 0x1, 0x1, [<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff, <r14=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf8}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x10, 0x16, &(0x7f0000001a80)=@raw=[@cb_func={0x18, 0xa, 0x4, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @generic={0x84, 0x4, 0x8, 0x2, 0x400}, @generic={0x0, 0x8, 0xe, 0x3, 0x9}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x62a5}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xe}], &(0x7f0000001b40)='syzkaller\x00', 0x1, 0xe3, &(0x7f0000001b80)=""/227, 0x41000, 0x2, '\x00', 0x0, @sk_msg, r12, 0x8, &(0x7f0000001c80)={0x3, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, &(0x7f0000001cc0), &(0x7f0000001d00)=[{0x3, 0x1, 0x0, 0x6}, {0x4, 0x5, 0x3, 0xb}, {0x3, 0x3, 0x2, 0xd}, {0x0, 0x1, 0x7, 0x4}, {0x0, 0x5, 0x2, 0x4}, {0x5, 0x5, 0x4, 0xb}], 0x10, 0xffffffff, @void, @value}, 0x94)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r13, 0x84, 0x8, &(0x7f0000001e40)=0x6, 0x4)
accept$unix(r10, 0x0, &(0x7f0000001e80))
write$binfmt_script(r13, &(0x7f0000001ec0)={'#! ', './file0', [{}, {}, {0x20, 'mptcp_pm\x00'}, {0x20, '\x00'}, {0x20, '\x00'}], 0xa, "09b50499e5cc4eaf9ede22f713df24d6d2892b8d887231f5f1051b32b06addfb400036edd7cd2919e33d17dc3d"}, 0x48)
utimes(&(0x7f0000001f40)='./file0\x00', &(0x7f0000001f80)={{}, {0x77359400}})
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f0000001fc0))
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000002000))
recvmsg$unix(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000002040), 0x6e, &(0x7f0000002240)=[{&(0x7f00000020c0)=""/83, 0x53}, {&(0x7f0000002140)=""/233, 0xe9}], 0x2}, 0x2100)
sendmsg$NL80211_CMD_VENDOR(r14, &(0x7f0000002540)={&(0x7f00000022c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000002500)={&(0x7f0000002300)={0x1cc, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x1f}, @val={0x8}, @val={0xc, 0x99, {0x1ff, 0x56}}}}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xec}, @NL80211_ATTR_VENDOR_DATA={0xa6, 0xc5, "8ef4e92dd696d08904c04703681062205eb66b35d5cd7f0049da6e8d7748f591d016e2909b9e0833860c113d218d581d6a183ff453c0f69033fa3d3ceb93adf3fa38f6f6fb3ce803f6abc9df8d78986c312a5073735430230ebc63b53441ad908f6bf11f8cc9b2c40e029adeed7603a0f31cd59e72f49b0857e9dda0589f25c47a7026f8d57e6fdd6a1b77b79bfd08197dbc9b67c9674bf0a715e1a8636a4af3bea0"}, @NL80211_ATTR_VENDOR_DATA={0xd9, 0xc5, "f94fb3169c0e189506a41e1c8a46f898819163a23980b73920f6ab9f6192a12f03b5b922f5550e4437cd39c5f7110774eb312cb5a9be093f3aa72a69559f06218d8d5561b9c1177d36cf4f3c7343838fbf20bcaa695aefff0daa096162a3b45c3f0c026b50e7335fd935e0cb8a0530096285f967387b6d746f8d34848c0d0b312743890e6305a64957046328d6d2b9ddf210f9c2350b209f8b2bd701cd65569f3198a27ba0218bf847103bc99e7b7d995ed4efc19d25c55d96a0eee609f318c97c99994f61784868e8826649c29124e0cdc40734c3"}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x9}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xec2}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x801}, 0x4c815)
mount$nfs(&(0x7f0000002580)='\x00', &(0x7f00000025c0)='./file0\x00', &(0x7f0000002600), 0x8, &(0x7f0000002640)={[{}, {'#! '}, {}, {']:]\\,-&/&)-'}, {'mptcp_pm\x00'}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@euid_gt={'euid>', r9}}, {@hash}, {@dont_appraise}, {@fowner_eq={'fowner', 0x3d, r8}}, {@fowner_gt={'fowner>', r8}}, {@flag='nolazytime'}, {@euid_eq={'euid', 0x3d, r8}}]})
socket$netlink(0x10, 0x3, 0x9)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r11, 0xc018937d, &(0x7f0000002700)={{0x1, 0x1, 0x18, <r15=>r2, {0x9}}, './file0\x00'})
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r15, 0x84, 0x6d, &(0x7f0000002740)={r1, 0xc6, "928ca8e24d6d181d00ffd6beca53ac77879691425115e74bdedd27d5584c4e2e47ccd57a321b48242f55b4f710f4acb5801f85af04c0b5d785aafe014d0f781274cd04a5d0f6eb63c0524e6e789486140393a2594c6eaf2ba4c604f8e6ebbcbeca501cd41b97afddb6455ac8a275bed64512c0fd252dedd47edfe70b8c07a29a68fd0545ce640a8847acdffcea9e4918aef3c9e68bfc67688d1fac723a5e38736554d94b29e7f72a8ce39e22e732b2862d999a19d4dacb65f0a686fbab9c75afe418f75dbc4d"}, &(0x7f0000002840)=0xce)
syz_usbip_server_init(0x3)
clock_nanosleep(0x7, 0x0, &(0x7f0000002880)={0x0, 0x989680}, 0x0)
futex_waitv(&(0x7f0000002e80)=[{0x5, &(0x7f00000028c0), 0x82}, {0x9, &(0x7f0000002900)=0x3, 0x2}, {0x5, &(0x7f0000002940)=0x7, 0x2}, {0xfffffffffffffffb, &(0x7f0000002980)=0x9, 0x2}, {0x4, &(0x7f00000029c0)=0x4, 0xc3}, {0x8, &(0x7f0000002a00)=0x1, 0x2}, {0x3, &(0x7f0000002a40)=0x1, 0x82}, {0x1ff, &(0x7f0000002a80), 0x2}, {0xc7, &(0x7f0000002ac0)=0x7, 0x2}, {0x6, &(0x7f0000002b00)=0x1, 0x82}, {0x28, &(0x7f0000002b40)=0x3, 0x2}, {0x10, &(0x7f0000002b80)=0xffffffffffffffff, 0x82}, {0xff, &(0x7f0000002bc0)=0x2, 0x2}, {0xfffffffffffffffe, &(0x7f0000002c00)=0x41a, 0x2}, {0x800, &(0x7f0000002c40)=0xffffffff, 0x2}, {0x99, &(0x7f0000002c80)=0x7fffffffffffffff, 0x82}, {0xd, &(0x7f0000002cc0)=0x6, 0x2}, {0xffffffff, &(0x7f0000002d00)=0x8, 0x82}, {0x0, &(0x7f0000002d40)=0x401, 0x2}, {0x7ff, &(0x7f0000002d80), 0x2}, {0x8001, &(0x7f0000002dc0)=0x78f, 0x2}, {0x0, &(0x7f0000002e00)=0x6, 0x80}, {0x2c00000, &(0x7f0000002e40)=0x4, 0x2}], 0x17, 0x0, &(0x7f00000030c0)={0x77359400}, 0x1)

56.233699ms ago: executing program 2 (id=17046):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f00000001c0)={'filter\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRESOCT, @ANYRES32, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed300444000f8ac89758d3a070000000000000096a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbba4b20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRES8=0x0], 0x3, 0x7dc, &(0x7f0000000d80)="$eJzs3U9sHGcVAPC3rt0EF0VVqdIQpekkLVIqpe563bpYPbTb9diedr1r7a6RI0Bt1DiVFaetWipoDoRcWkBFiBPHwrU3LgiEBBIH4IRED1y4VeoJFQQSAiEko5nddfxnbSfN37a/nxXP55k3871vPJm3Y3tmAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIUm26XB4vRT1rLC4l2wxFRHJvL3Z+2+K1tbW1bqu/vd9smuzSb0Qp/xf798eh7qxD915efDD/dDyOdL86Evvzyf64cNfBu5/8wvBQf/3tCV+zY1cYV4r4Tp7UudOrq8uv3YBEbqLv/2q3pcODZv6n+L7Ppo2s3czmq7NpkrWbydTkZPnRuZl2MpPV0/apdiedT2qttNpptpITtYeT8ampiSQdO9VcbMxOV+tpf+YTj1TK5cnk2bGLEdFuNh59dqxdm8vq9awxW8RUyt+MPOaJpDbdei7rJJ20Op8kZ1dWlyf2Gl0eNL7L8iMP3f3hGx/8c2U5PyB3Cir1DszK+HilMj75+NTjT5TLw5VyZfOM8haxHhFDEXnEDTlouX0Up8zdXJ8TN1wHQ736H/XIohGLsRTJgI+RqMV0tKIZ8/nXfx7ZFtHTr/9fevRvf9yt3431v1/lD11efDiK+n+0+9XRner/wFyv58dQL5+dlr8eb8aFOBenYzVWYzleu+EZXePH0BVHHvv8FUTNRhqNyKIdzchiPqrFnKQ3J4mpmIzJKMfzMRcz0Y4kZiKLeqTRjlPRjk6kxRFVi1akUY1ONKMVSZyIWjwcSYzHVEzFRCSRxlicimYsRiNmYzqqxVbOxkqx3ye25HXw2y/88qU/ffhu3l4PGt9lIKX8xVwe9I9dgraV+yuv/2vRi1D/P+uu8xkcPr61fv0HAAAAPrVKxU/f8+v/kbi/aM1k9fSrtzotAAAA4DoqfvN/JJ+M5K37o5Rf/5cHRL5/03MDAAAAro9ScY9dKSJG44Fuq3+71KAfAgAAAACfQMXv/4/mk9GIi8UM1/8AAADwKfPdnZ6x/0H/GbvthX2lX/89Wq2R0qWFpYdK56t5XPX8Hd31epOvrG+xM3O4tD+6Gym2NTl84a5SRAzX0iOl/tMv/7evO/2o+Hx4eH31nZ71X9qSwPoad2wdUp7AgQtbEjhYdPxOHOvGHDvTnZ7pxfWeSDw6k9XTsVqz/mTxSMT8X+eNl1e+FcXwv9eYP1CKsyury2MvvrJ6psjlUr6VS+d7D1Dc9hzFwbkUPa719kDcP3jEI8WNGL1+R7v9ljd+A4aeLlYf2r3P0sY+34rj3Zjjo93p6Obx78/7HB97cjyq1QNDnXSp88bahtH3shi/xpG/FQ92Yx488WB3MiCLyqYsXt6eRWVjFr2dsMe+2DOLkd6B9e6xi0v/+l2zlE7slcXEliz2X2UWALfK2eKpP5er0OeKKvTfta68/l+uu0k3oKd3lrtvfVP5Wa5fBrac5c7G+pL++htq3XBsq+5bX17Ell52OKOf6Mac6L6eGD48oK6UB5zRX1159fe9M/pj7/34J18/+oefffzq9l483I3pTeKe3+5QY/Mx/6AxP9rf6NJTvcZPd+y3Xa+UYiTijm+cfzUOvv7mhUdWzp9+afml5ZcrlYnJ8mPl8uOVGCleKvQmag8AA+z9Hjt7RpQe2+Oq+p71PykYixfjlViNM3GyuNsgIh4YvNXRDX+GcDKOR3GxvMNV6+iGd3g5uce15eXYyvbY/uuKbbETG/bYfT8qJv++gd8UALjBju9Rh6+k/p/c47p7cy3fcnUcO9fyQb58Q/cGAHw2pK2PSqOdt0utVrbw/PjU1Hi1M5cmrWbtuaSVTc+mSdbopK3aXLUxmyYLrWanWev/4Hg6bSftxYWFZquTzDRbyUKznS0V7/ye9N76vZ3OVxudrNZeqKfVdprUmo1OtdZJprN2LVm485l61p5LW8XK7YW0ls1ktWonazaSdnOxVUvHkqSdpsnCYj8wm04bnWwmy5uNZKGVzVdblyKivjifJtNpu9bKFjrN1hfzDdaaUfSVNWaarflis2Pbh//Xm72/AeB28PqbF86dXl1dfm1z40BsnbOlMRxF4y+7xfQbt3qMAMBmqjQAAAAAAAAAAAAAANz+tt+ul8/d85a+QY19cfVr7Yur6uIaG/nQenPe+fnXXvzYI/1kNPLh3QZp3NrGC089dW6nmGcuHpq7su0M/p8y6FbXtw9E3PmLH3bnPH2zRvr+5QP7alZfK+0Sc2vPSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwyP8DAAD//82FVnI=")

48.286529ms ago: executing program 2 (id=17047):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811d", 0x1f}], 0x1}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)

24.884709ms ago: executing program 3 (id=17048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='mm_page_alloc\x00', r1, 0x0, 0xf29}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='mm_page_alloc\x00', r1, 0x0, 0xf29}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000240)={0x0, 0x20, "d656c9a61490b7e8773ca55437fa234c0170c8cbe5ebdd2be9"}, &(0x7f0000000180)=0xfc86)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) (async)
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xb94bd000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d0000000014000280080001000400000008000200020000000a0002000000000000000000"], 0x50}}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866726d0000000014000280080001000400000008000200020000000a0002000000000000000000"], 0x50}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180), 0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000000000000200000024000480200001800700010063740000140002800800014000000002080002400000001e0900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a27bca5416f6993a5aef0a7a42fd5beadfdb1dd62"], 0x78}}, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000000000000200000024000480200001800700010063740000140002800800014000000002080002400000001e0900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a27bca5416f6993a5aef0a7a42fd5beadfdb1dd62"], 0x78}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00'}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00'}, 0x18)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000005140500000000000000000001003d0000000000080003000000000008003d00000000000800030000000000080001"], 0x50}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="f69678bf4b1c159376", @ANYRES16=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0xc, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='9p_client_res\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='9p_client_res\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
dup(0xffffffffffffffff)
mq_open(0x0, 0x6e93ebbbcc0884f2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0xffffd000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)

0s ago: executing program 4 (id=17049):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32], &(0x7f00000003c0)='syzkaller\x00', 0x10000, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f00000001c0), &(0x7f0000000280)=@udp=r4}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000f2ffffffffffffff000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000740)=ANY=[@ANYBLOB="000000010000000018f0000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='tlb_flush\x00', r6}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

th.
[  838.273046][T11934] futex_wake_op: syz.3.15746 tries to shift op by -1; fix this program
[  838.284796][T11939] netlink: 'syz.2.15747': attribute type 4 has an invalid length.
[  838.371790][T11948] IPVS: Error connecting to the multicast addr
[  838.471286][T11953] netlink: 'syz.2.15754': attribute type 39 has an invalid length.
[  838.500504][T11953] __nla_validate_parse: 3 callbacks suppressed
[  838.500567][T11953] netlink: 16 bytes leftover after parsing attributes in process `syz.2.15754'.
[  838.597964][T11972] netlink: 33912 bytes leftover after parsing attributes in process `syz.3.15760'.
[  838.674120][T11978] netlink: 'syz.4.15762': attribute type 4 has an invalid length.
[  838.702402][T11978] netlink: 'syz.4.15762': attribute type 4 has an invalid length.
[  838.710791][T11980] futex_wake_op: syz.3.15763 tries to shift op by -1; fix this program
[  838.757664][T11986] 9pnet_virtio: no channels available for device 127.0.0.1
[  838.777335][T11988] IPVS: Error connecting to the multicast addr
[  838.875907][T11996] netlink: 'syz.2.15769': attribute type 4 has an invalid length.
[  838.906642][T11998] netlink: 'syz.3.15770': attribute type 39 has an invalid length.
[  838.931226][T11998] netlink: 16 bytes leftover after parsing attributes in process `syz.3.15770'.
[  839.001350][T12007] netlink: 256 bytes leftover after parsing attributes in process `syz.2.15774'.
[  839.014177][T12008] random: crng reseeded on system resumption
[  839.061195][T12014] netlink: 'syz.4.15777': attribute type 4 has an invalid length.
[  839.078765][T12014] netlink: 'syz.4.15777': attribute type 4 has an invalid length.
[  839.140233][T12023] IPVS: Error connecting to the multicast addr
[  839.177281][T12031] netlink: 'syz.4.15783': attribute type 39 has an invalid length.
[  839.217097][T12031] netlink: 16 bytes leftover after parsing attributes in process `syz.4.15783'.
[  839.260834][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  839.289175][T12045] netlink: 16 bytes leftover after parsing attributes in process `syz.3.15790'.
[  839.334150][T12049] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15791'.
[  839.426985][T12057] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  839.440829][T12056] IPVS: stopping master sync thread 12057 ...
[  839.876024][T12077] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  840.230258][T12118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15820'.
[  840.244187][T12112] netlink: 56 bytes leftover after parsing attributes in process `syz.3.15817'.
[  840.318787][T12128] netlink: 16 bytes leftover after parsing attributes in process `syz.4.15824'.
[  840.395671][T12136] futex_wake_op: syz.2.15825 tries to shift op by -1; fix this program
[  840.409955][T12137] futex_wake_op: syz.3.15823 tries to shift op by -1; fix this program
[  841.276856][   T29] kauditd_printk_skb: 622 callbacks suppressed
[  841.276871][   T29] audit: type=1326 audit(2000000383.671:57975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.307724][   T29] audit: type=1326 audit(2000000383.671:57976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.332128][   T29] audit: type=1326 audit(2000000383.671:57977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.355911][   T29] audit: type=1326 audit(2000000383.671:57978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.380248][   T29] audit: type=1326 audit(2000000383.671:57979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.404720][   T29] audit: type=1326 audit(2000000383.671:57980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.428441][   T29] audit: type=1326 audit(2000000383.671:57981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.453096][   T29] audit: type=1326 audit(2000000383.671:57982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.476781][   T29] audit: type=1326 audit(2000000383.671:57983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.501343][   T29] audit: type=1326 audit(2000000383.671:57984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12161 comm="syz.1.15837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  841.561650][T12169] FAULT_INJECTION: forcing a failure.
[  841.561650][T12169] name failslab, interval 1, probability 0, space 0, times 0
[  841.574607][T12169] CPU: 1 UID: 0 PID: 12169 Comm: syz.3.15841 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  841.574645][T12169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  841.574661][T12169] Call Trace:
[  841.574669][T12169]  <TASK>
[  841.574677][T12169]  __dump_stack+0x1d/0x30
[  841.574835][T12169]  dump_stack_lvl+0xe8/0x140
[  841.574904][T12169]  dump_stack+0x15/0x1b
[  841.574926][T12169]  should_fail_ex+0x265/0x280
[  841.575002][T12169]  should_failslab+0x8c/0xb0
[  841.575032][T12169]  kmem_cache_alloc_noprof+0x50/0x310
[  841.575066][T12169]  ? flock_lock_inode+0x135/0xf60
[  841.575103][T12169]  flock_lock_inode+0x135/0xf60
[  841.575188][T12169]  ? file_has_perm+0x324/0x370
[  841.575216][T12169]  locks_lock_inode_wait+0x6f/0x2a0
[  841.575251][T12169]  ? selinux_file_lock+0x38/0x50
[  841.575283][T12169]  __se_sys_flock+0x2f1/0x3b0
[  841.575370][T12169]  __x64_sys_flock+0x31/0x40
[  841.575403][T12169]  x64_sys_call+0x2eed/0x2fb0
[  841.575438][T12169]  do_syscall_64+0xd2/0x200
[  841.575465][T12169]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  841.575497][T12169]  ? clear_bhb_loop+0x40/0x90
[  841.575525][T12169]  ? clear_bhb_loop+0x40/0x90
[  841.575553][T12169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.575640][T12169] RIP: 0033:0x7f2506e1e929
[  841.575655][T12169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  841.575673][T12169] RSP: 002b:00007f2505487038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  841.575703][T12169] RAX: ffffffffffffffda RBX: 00007f2507045fa0 RCX: 00007f2506e1e929
[  841.575720][T12169] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[  841.575735][T12169] RBP: 00007f2505487090 R08: 0000000000000000 R09: 0000000000000000
[  841.575790][T12169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.575805][T12169] R13: 0000000000000000 R14: 00007f2507045fa0 R15: 00007ffd3fa7c8c8
[  841.575825][T12169]  </TASK>
[  842.232177][T12213] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  842.425736][T12222] team0: Port device dummy0 added
[  842.501907][T12222] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  842.551655][T12222] team0: Failed to send options change via netlink (err -105)
[  842.577562][T12222] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  842.643912][T12222] team0: Port device dummy0 removed
[  842.676142][T12222] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  843.521025][T12261] futex_wake_op: syz.4.15877 tries to shift op by -1; fix this program
[  843.637940][T12271] validate_nla: 12 callbacks suppressed
[  843.637957][T12271] netlink: 'syz.1.15882': attribute type 39 has an invalid length.
[  843.698985][T12273] __nla_validate_parse: 5 callbacks suppressed
[  843.699022][T12273] netlink: 16 bytes leftover after parsing attributes in process `syz.1.15882'.
[  843.834842][T12281] netlink: 'syz.1.15886': attribute type 10 has an invalid length.
[  843.843602][T12281] netlink: 40 bytes leftover after parsing attributes in process `syz.1.15886'.
[  844.357332][T12310] netlink: 'syz.4.15899': attribute type 10 has an invalid length.
[  844.372463][T12310] 8021q: adding VLAN 0 to HW filter on device team0
[  844.382213][T12310] bond0: (slave team0): Enslaving as an active interface with an up link
[  844.402870][T12306] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  844.409471][T12306] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  844.417927][T12306] vhci_hcd vhci_hcd.0: Device attached
[  844.502767][T12311] vhci_hcd: connection closed
[  844.509898][ T3433] vhci_hcd: stop threads
[  844.518956][ T3433] vhci_hcd: release socket
[  844.523486][ T3433] vhci_hcd: disconnect device
[  844.671730][T12340] netlink: 'syz.4.15912': attribute type 10 has an invalid length.
[  844.899612][T12362] netlink: 'syz.4.15923': attribute type 10 has an invalid length.
[  844.907731][T12362] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15923'.
[  844.973899][T12371] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15927'.
[  845.001380][T12374] lo speed is unknown, defaulting to 1000
[  845.007306][T12374] lo speed is unknown, defaulting to 1000
[  845.018375][T12374] lo speed is unknown, defaulting to 1000
[  845.027229][T12374] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  845.045276][T12374] lo speed is unknown, defaulting to 1000
[  845.065094][T12374] lo speed is unknown, defaulting to 1000
[  845.074276][T12374] lo speed is unknown, defaulting to 1000
[  845.087056][T12374] lo speed is unknown, defaulting to 1000
[  845.100014][T12374] lo speed is unknown, defaulting to 1000
[  845.117090][T12374] lo speed is unknown, defaulting to 1000
[  845.130152][T12374] lo speed is unknown, defaulting to 1000
[  845.144571][T12374] lo speed is unknown, defaulting to 1000
[  845.159172][T12374] lo speed is unknown, defaulting to 1000
[  845.185572][T12391] netlink: 'syz.2.15935': attribute type 10 has an invalid length.
[  845.193608][T12391] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15935'.
[  845.201337][T12374] lo speed is unknown, defaulting to 1000
[  845.205663][T12391] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  845.230823][T12374] lo speed is unknown, defaulting to 1000
[  845.451424][T12413] netlink: 'syz.2.15947': attribute type 10 has an invalid length.
[  845.452510][T12417] SELinux: security policydb version 18 (MLS) not backwards compatible
[  845.459384][T12413] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15947'.
[  845.467795][T12413] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  845.495271][T12417] SELinux: failed to load policy
[  845.610930][T12419] netlink: 260 bytes leftover after parsing attributes in process `syz.4.15949'.
[  845.615895][T12433] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  845.693983][T12419] lo speed is unknown, defaulting to 1000
[  845.841951][T12451] SELinux:  policydb version 0 does not match my version range 15-34
[  845.861905][T12451] SELinux: failed to load policy
[  845.986898][T12470] FAULT_INJECTION: forcing a failure.
[  845.986898][T12470] name failslab, interval 1, probability 0, space 0, times 0
[  845.999601][T12470] CPU: 1 UID: 0 PID: 12470 Comm: syz.3.15972 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  845.999635][T12470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  845.999650][T12470] Call Trace:
[  845.999658][T12470]  <TASK>
[  845.999669][T12470]  __dump_stack+0x1d/0x30
[  845.999692][T12470]  dump_stack_lvl+0xe8/0x140
[  845.999714][T12470]  dump_stack+0x15/0x1b
[  845.999730][T12470]  should_fail_ex+0x265/0x280
[  845.999771][T12470]  should_failslab+0x8c/0xb0
[  845.999855][T12470]  kmem_cache_alloc_noprof+0x50/0x310
[  845.999950][T12470]  ? getname_kernel+0x3c/0x1f0
[  845.999983][T12470]  getname_kernel+0x3c/0x1f0
[  846.000016][T12470]  kern_path+0x23/0x130
[  846.000054][T12470]  create_local_trace_uprobe+0x53/0x2c0
[  846.000090][T12470]  perf_uprobe_init+0xc0/0x150
[  846.000196][T12470]  perf_uprobe_event_init+0xea/0x150
[  846.000224][T12470]  perf_try_init_event+0xd6/0x540
[  846.000273][T12470]  ? perf_event_alloc+0xb1c/0x1680
[  846.000335][T12470]  perf_event_alloc+0xb27/0x1680
[  846.000366][T12470]  __se_sys_perf_event_open+0x615/0x11c0
[  846.000401][T12470]  ? __rcu_read_unlock+0x4f/0x70
[  846.000436][T12470]  __x64_sys_perf_event_open+0x67/0x80
[  846.000542][T12470]  x64_sys_call+0x27ec/0x2fb0
[  846.000569][T12470]  do_syscall_64+0xd2/0x200
[  846.000640][T12470]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  846.000666][T12470]  ? clear_bhb_loop+0x40/0x90
[  846.000726][T12470]  ? clear_bhb_loop+0x40/0x90
[  846.000753][T12470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.000780][T12470] RIP: 0033:0x7f2506e1e929
[  846.000823][T12470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  846.000860][T12470] RSP: 002b:00007f2505487038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  846.000881][T12470] RAX: ffffffffffffffda RBX: 00007f2507045fa0 RCX: 00007f2506e1e929
[  846.000894][T12470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  846.000940][T12470] RBP: 00007f2505487090 R08: 0000000000000000 R09: 0000000000000000
[  846.001010][T12470] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  846.001026][T12470] R13: 0000000000000000 R14: 00007f2507045fa0 R15: 00007ffd3fa7c8c8
[  846.001058][T12470]  </TASK>
[  846.302086][   T29] kauditd_printk_skb: 389 callbacks suppressed
[  846.302104][   T29] audit: type=1326 audit(2000000388.701:58374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12475 comm="syz.1.15974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.410785][T12484] SELinux:  policydb version 0 does not match my version range 15-34
[  846.418231][   T29] audit: type=1326 audit(2000000388.731:58375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12475 comm="syz.1.15974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.442931][   T29] audit: type=1326 audit(2000000388.731:58376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12475 comm="syz.1.15974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.443036][T12484] SELinux: failed to load policy
[  846.472132][   T29] audit: type=1326 audit(2000000388.731:58377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12475 comm="syz.1.15974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.524160][   T29] audit: type=1326 audit(2000000388.921:58378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12487 comm="syz.1.15980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.548143][   T29] audit: type=1326 audit(2000000388.921:58379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12487 comm="syz.1.15980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.572283][   T29] audit: type=1326 audit(2000000388.921:58380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12487 comm="syz.1.15980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.596877][T12495] futex_wake_op: syz.3.15981 tries to shift op by -1; fix this program
[  846.606422][   T29] audit: type=1326 audit(2000000388.921:58381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12487 comm="syz.1.15980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.631274][   T29] audit: type=1326 audit(2000000388.921:58382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12487 comm="syz.1.15980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.655125][   T29] audit: type=1326 audit(2000000388.921:58383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12487 comm="syz.1.15980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  846.686489][T12490] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.15980'.
[  846.813408][T12513] SELinux:  policydb version 0 does not match my version range 15-34
[  846.821655][T12513] SELinux: failed to load policy
[  847.118706][T12528] netlink: 'syz.4.15995': attribute type 10 has an invalid length.
[  847.127412][T12528] netlink: 40 bytes leftover after parsing attributes in process `syz.4.15995'.
[  847.232725][T12534] futex_wake_op: syz.1.15997 tries to shift op by -1; fix this program
[  847.584338][T12550] netlink: 44 bytes leftover after parsing attributes in process `syz.1.16000'.
[  849.237348][T12626] __nla_validate_parse: 2 callbacks suppressed
[  849.237444][T12626] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16030'.
[  849.434758][T12633] netlink: 'syz.4.16032': attribute type 10 has an invalid length.
[  849.442840][T12633] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16032'.
[  849.542012][T12640] netlink: 'syz.4.16035': attribute type 39 has an invalid length.
[  849.575538][T12640] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16035'.
[  849.779012][T12661] futex_wake_op: syz.2.16042 tries to shift op by -1; fix this program
[  849.809763][T12663] bond0: option mode: unable to set because the bond device has slaves
[  849.911827][T12668] netlink: 'syz.4.16045': attribute type 10 has an invalid length.
[  849.919856][T12668] netlink: 40 bytes leftover after parsing attributes in process `syz.4.16045'.
[  849.954449][T12675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  849.985212][T12675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  850.022949][T12683] x_tables: unsorted entry at hook 1
[  850.037588][T12686] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16051'.
[  850.070151][T12685] netlink: 108 bytes leftover after parsing attributes in process `syz.2.16051'.
[  850.155787][T12701] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16058'.
[  850.341987][T12716] erspan0: entered promiscuous mode
[  850.342019][T12716] vlan2: entered promiscuous mode
[  850.591610][   T36] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  850.796617][T12743] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  850.796644][T12743] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  850.796680][T12743] vhci_hcd vhci_hcd.0: Device attached
[  850.797059][T12753] vhci_hcd: connection closed
[  850.820798][ T3433] vhci_hcd: stop threads
[  850.833482][T12739] lo speed is unknown, defaulting to 1000
[  850.836752][ T3433] vhci_hcd: release socket
[  850.836764][ T3433] vhci_hcd: disconnect device
[  850.889571][T12761] FAULT_INJECTION: forcing a failure.
[  850.889571][T12761] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.903591][T12761] CPU: 1 UID: 0 PID: 12761 Comm: syz.4.16079 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  850.903625][T12761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  850.903639][T12761] Call Trace:
[  850.903646][T12761]  <TASK>
[  850.903686][T12761]  __dump_stack+0x1d/0x30
[  850.903712][T12761]  dump_stack_lvl+0xe8/0x140
[  850.903810][T12761]  dump_stack+0x15/0x1b
[  850.903825][T12761]  should_fail_ex+0x265/0x280
[  850.903865][T12761]  should_fail+0xb/0x20
[  850.903956][T12761]  should_fail_usercopy+0x1a/0x20
[  850.903981][T12761]  _copy_from_user+0x1c/0xb0
[  850.904009][T12761]  do_ipv6_setsockopt+0x220/0x22e0
[  850.904068][T12761]  ? kstrtoull+0x111/0x140
[  850.904105][T12761]  ? avc_has_perm_noaudit+0x1b1/0x200
[  850.904144][T12761]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  850.904179][T12761]  ipv6_setsockopt+0x59/0x130
[  850.904267][T12761]  udpv6_setsockopt+0x99/0xb0
[  850.904294][T12761]  sock_common_setsockopt+0x66/0x80
[  850.904398][T12761]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  850.904437][T12761]  __sys_setsockopt+0x181/0x200
[  850.904562][T12761]  __x64_sys_setsockopt+0x64/0x80
[  850.904588][T12761]  x64_sys_call+0x2bd5/0x2fb0
[  850.904666][T12761]  do_syscall_64+0xd2/0x200
[  850.904740][T12761]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  850.904772][T12761]  ? clear_bhb_loop+0x40/0x90
[  850.904799][T12761]  ? clear_bhb_loop+0x40/0x90
[  850.904826][T12761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.904929][T12761] RIP: 0033:0x7fb4fb32e929
[  850.904944][T12761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.904963][T12761] RSP: 002b:00007fb4f9997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  850.904987][T12761] RAX: ffffffffffffffda RBX: 00007fb4fb555fa0 RCX: 00007fb4fb32e929
[  850.905003][T12761] RDX: 0000000000000030 RSI: 0000000000000029 RDI: 0000000000000003
[  850.905081][T12761] RBP: 00007fb4f9997090 R08: 0000000000000110 R09: 0000000000000000
[  850.905099][T12761] R10: 0000200000000b00 R11: 0000000000000246 R12: 0000000000000001
[  850.905120][T12761] R13: 0000000000000000 R14: 00007fb4fb555fa0 R15: 00007ffdd7bc96a8
[  850.905148][T12761]  </TASK>
[  851.136047][T12768] FAULT_INJECTION: forcing a failure.
[  851.136047][T12768] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  851.213513][T12768] CPU: 1 UID: 0 PID: 12768 Comm: syz.4.16082 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  851.213549][T12768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  851.213599][T12768] Call Trace:
[  851.213607][T12768]  <TASK>
[  851.213617][T12768]  __dump_stack+0x1d/0x30
[  851.213643][T12768]  dump_stack_lvl+0xe8/0x140
[  851.213667][T12768]  dump_stack+0x15/0x1b
[  851.213688][T12768]  should_fail_ex+0x265/0x280
[  851.213776][T12768]  should_fail+0xb/0x20
[  851.213823][T12768]  should_fail_usercopy+0x1a/0x20
[  851.213853][T12768]  strncpy_from_user+0x25/0x230
[  851.213945][T12768]  ? kmem_cache_alloc_noprof+0x186/0x310
[  851.213983][T12768]  ? getname_flags+0x80/0x3b0
[  851.214019][T12768]  getname_flags+0xae/0x3b0
[  851.214082][T12768]  __x64_sys_link+0x33/0x70
[  851.214111][T12768]  x64_sys_call+0x2af9/0x2fb0
[  851.214191][T12768]  do_syscall_64+0xd2/0x200
[  851.214221][T12768]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  851.214257][T12768]  ? clear_bhb_loop+0x40/0x90
[  851.214295][T12768]  ? clear_bhb_loop+0x40/0x90
[  851.214327][T12768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.214434][T12768] RIP: 0033:0x7fb4fb32e929
[  851.214463][T12768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  851.214490][T12768] RSP: 002b:00007fb4f9997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  851.214516][T12768] RAX: ffffffffffffffda RBX: 00007fb4fb555fa0 RCX: 00007fb4fb32e929
[  851.214535][T12768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  851.214553][T12768] RBP: 00007fb4f9997090 R08: 0000000000000000 R09: 0000000000000000
[  851.214623][T12768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  851.214640][T12768] R13: 0000000000000001 R14: 00007fb4fb555fa0 R15: 00007ffdd7bc96a8
[  851.214708][T12768]  </TASK>
[  851.332222][ T8549] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  851.455661][T12777] siw: device registration error -23
[  851.509197][T12783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16089'.
[  851.564820][   T29] kauditd_printk_skb: 396 callbacks suppressed
[  851.564838][   T29] audit: type=1400 audit(2000000393.961:58778): avc:  granted  { setsecparam } for  pid=12790 comm="syz.3.16093" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  851.614711][   T29] audit: type=1326 audit(2000000394.011:58779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.639186][   T29] audit: type=1326 audit(2000000394.011:58780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.640201][T12795] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16095'.
[  851.663915][   T29] audit: type=1326 audit(2000000394.011:58781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.696346][   T29] audit: type=1326 audit(2000000394.011:58782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.720956][   T29] audit: type=1326 audit(2000000394.011:58783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.744751][   T29] audit: type=1326 audit(2000000394.011:58784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.768689][   T29] audit: type=1326 audit(2000000394.011:58785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.793169][   T29] audit: type=1326 audit(2000000394.011:58786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.817043][   T29] audit: type=1326 audit(2000000394.011:58787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12794 comm="syz.4.16095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  851.850860][T12793] netlink: 'syz.2.16094': attribute type 1 has an invalid length.
[  851.858782][T12793] netlink: 224 bytes leftover after parsing attributes in process `syz.2.16094'.
[  851.923014][T12807] netlink: 'syz.4.16098': attribute type 39 has an invalid length.
[  851.978416][T12815] loop9: detected capacity change from 0 to 7
[  851.985167][T12815] Buffer I/O error on dev loop9, logical block 0, async page read
[  851.993270][T12815] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.001589][T12815]  loop9: unable to read partition table
[  852.023110][T12815] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  852.023110][T12815] 
) failed (rc=-5)
[  852.025526][T12817] netlink: 'syz.1.16102': attribute type 10 has an invalid length.
[  852.270005][T12842] netlink: 'syz.2.16111': attribute type 39 has an invalid length.
[  852.319426][T12844] SELinux: syz.4.16112 (12844) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  852.691120][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  853.107934][T12852] tmpfs: Bad value for 'mpol'
[  853.624783][T12885] SELinux: security policydb version 18 (MLS) not backwards compatible
[  853.634554][T12885] SELinux: failed to load policy
[  855.063402][T12916] SELinux: security policydb version 18 (MLS) not backwards compatible
[  855.100839][T12916] SELinux: failed to load policy
[  856.338154][T12956] __nla_validate_parse: 6 callbacks suppressed
[  856.338173][T12956] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16152'.
[  856.354156][T12956] tc_dump_action: action bad kind
[  856.533469][T12956] lo speed is unknown, defaulting to 1000
[  856.732814][T12956] lo speed is unknown, defaulting to 1000
[  857.511155][T12963] netlink: 'syz.3.16156': attribute type 39 has an invalid length.
[  857.551966][T12963] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16156'.
[  857.632689][   T29] kauditd_printk_skb: 114 callbacks suppressed
[  857.632705][   T29] audit: type=1326 audit(2000000400.031:58902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.663544][   T29] audit: type=1400 audit(2000000400.031:58903): avc:  denied  { create } for  pid=12974 comm="syz.4.16162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  857.684460][   T29] audit: type=1326 audit(2000000400.031:58904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.709442][T12979] netlink: 33912 bytes leftover after parsing attributes in process `syz.3.16161'.
[  857.760679][   T29] audit: type=1326 audit(2000000400.031:58905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.785192][   T29] audit: type=1326 audit(2000000400.031:58906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.809609][   T29] audit: type=1326 audit(2000000400.031:58907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.833424][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  857.842036][   T29] audit: type=1326 audit(2000000400.031:58908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.866478][   T29] audit: type=1326 audit(2000000400.031:58909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.890230][   T29] audit: type=1326 audit(2000000400.031:58910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.914632][   T29] audit: type=1326 audit(2000000400.031:58911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12971 comm="syz.3.16161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2506e1e929 code=0x7ffc0000
[  857.969148][T12997] siw: device registration error -23
[  857.978780][T12989] futex_wake_op: syz.3.16166 tries to shift op by -1; fix this program
[  858.025342][T13007] netlink: 'syz.1.16172': attribute type 39 has an invalid length.
[  858.043906][T13007] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16172'.
[  858.206602][T13020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16178'.
[  858.223645][T13021] SELinux: syz.1.16177 (13021) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  858.243237][T13020] hub 9-0:1.0: USB hub found
[  858.248103][T13020] hub 9-0:1.0: 8 ports detected
[  858.310089][T13029] SELinux: security policydb version 18 (MLS) not backwards compatible
[  858.320122][T13029] SELinux: failed to load policy
[  858.383018][T13031] futex_wake_op: syz.2.16183 tries to shift op by -1; fix this program
[  858.529468][T13050] SELinux: syz.2.16192 (13050) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  858.613741][T13058] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16196'.
[  858.642163][T13060] futex_wake_op: syz.1.16197 tries to shift op by -1; fix this program
[  858.676372][T13068] FAULT_INJECTION: forcing a failure.
[  858.676372][T13068] name failslab, interval 1, probability 0, space 0, times 0
[  858.689123][T13068] CPU: 1 UID: 0 PID: 13068 Comm: syz.0.16201 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  858.689188][T13068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  858.689200][T13068] Call Trace:
[  858.689207][T13068]  <TASK>
[  858.689214][T13068]  __dump_stack+0x1d/0x30
[  858.689314][T13068]  dump_stack_lvl+0xe8/0x140
[  858.689332][T13068]  dump_stack+0x15/0x1b
[  858.689425][T13068]  should_fail_ex+0x265/0x280
[  858.689488][T13068]  should_failslab+0x8c/0xb0
[  858.689592][T13068]  __kmalloc_noprof+0xa5/0x3e0
[  858.689618][T13068]  ? sel_write_create+0x186/0x4f0
[  858.689651][T13068]  sel_write_create+0x186/0x4f0
[  858.689794][T13068]  selinux_transaction_write+0xc3/0x110
[  858.689825][T13068]  ? __pfx_selinux_transaction_write+0x10/0x10
[  858.689858][T13068]  vfs_write+0x269/0x8e0
[  858.689931][T13068]  ? __rcu_read_unlock+0x4f/0x70
[  858.689953][T13068]  ? __fget_files+0x184/0x1c0
[  858.689979][T13068]  ksys_write+0xda/0x1a0
[  858.689999][T13068]  __x64_sys_write+0x40/0x50
[  858.690098][T13068]  x64_sys_call+0x2cdd/0x2fb0
[  858.690124][T13068]  do_syscall_64+0xd2/0x200
[  858.690145][T13068]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  858.690202][T13068]  ? clear_bhb_loop+0x40/0x90
[  858.690224][T13068]  ? clear_bhb_loop+0x40/0x90
[  858.690245][T13068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.690266][T13068] RIP: 0033:0x7f3261c9e929
[  858.690326][T13068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  858.690344][T13068] RSP: 002b:00007f3260307038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  858.690363][T13068] RAX: ffffffffffffffda RBX: 00007f3261ec5fa0 RCX: 00007f3261c9e929
[  858.690375][T13068] RDX: 000000000000004c RSI: 0000200000000780 RDI: 0000000000000005
[  858.690446][T13068] RBP: 00007f3260307090 R08: 0000000000000000 R09: 0000000000000000
[  858.690458][T13068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  858.690470][T13068] R13: 0000000000000000 R14: 00007f3261ec5fa0 R15: 00007ffd1fad2da8
[  858.690490][T13068]  </TASK>
[  859.018118][T13078] FAULT_INJECTION: forcing a failure.
[  859.018118][T13078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  859.031306][T13078] CPU: 0 UID: 0 PID: 13078 Comm: syz.2.16205 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  859.031381][T13078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  859.031450][T13078] Call Trace:
[  859.031458][T13078]  <TASK>
[  859.031469][T13078]  __dump_stack+0x1d/0x30
[  859.031496][T13078]  dump_stack_lvl+0xe8/0x140
[  859.031520][T13078]  dump_stack+0x15/0x1b
[  859.031537][T13078]  should_fail_ex+0x265/0x280
[  859.031649][T13078]  should_fail+0xb/0x20
[  859.031698][T13078]  should_fail_usercopy+0x1a/0x20
[  859.031720][T13078]  _copy_from_iter+0xcf/0xe40
[  859.031746][T13078]  ? __build_skb_around+0x1a0/0x200
[  859.031790][T13078]  ? __alloc_skb+0x223/0x320
[  859.031890][T13078]  netlink_sendmsg+0x471/0x6b0
[  859.031917][T13078]  ? __pfx_netlink_sendmsg+0x10/0x10
[  859.031940][T13078]  __sock_sendmsg+0x145/0x180
[  859.032051][T13078]  ____sys_sendmsg+0x31e/0x4e0
[  859.032082][T13078]  ___sys_sendmsg+0x17b/0x1d0
[  859.032130][T13078]  __x64_sys_sendmsg+0xd4/0x160
[  859.032219][T13078]  x64_sys_call+0x2999/0x2fb0
[  859.032241][T13078]  do_syscall_64+0xd2/0x200
[  859.032308][T13078]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  859.032334][T13078]  ? clear_bhb_loop+0x40/0x90
[  859.032356][T13078]  ? clear_bhb_loop+0x40/0x90
[  859.032434][T13078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.032462][T13078] RIP: 0033:0x7fa4ffabe929
[  859.032487][T13078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.032505][T13078] RSP: 002b:00007fa4fe127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  859.032524][T13078] RAX: ffffffffffffffda RBX: 00007fa4ffce5fa0 RCX: 00007fa4ffabe929
[  859.032538][T13078] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  859.032554][T13078] RBP: 00007fa4fe127090 R08: 0000000000000000 R09: 0000000000000000
[  859.032571][T13078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  859.032599][T13078] R13: 0000000000000000 R14: 00007fa4ffce5fa0 R15: 00007ffe09f79ee8
[  859.032674][T13078]  </TASK>
[  859.305216][T13090] SELinux: syz.0.16210 (13090) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  859.417322][T13096] futex_wake_op: syz.2.16212 tries to shift op by -1; fix this program
[  859.821191][T13104] lo speed is unknown, defaulting to 1000
[  859.975198][T13104] chnl_net:caif_netlink_parms(): no params data found
[  859.982885][T13128] FAULT_INJECTION: forcing a failure.
[  859.982885][T13128] name failslab, interval 1, probability 0, space 0, times 0
[  859.995685][T13128] CPU: 1 UID: 0 PID: 13128 Comm: syz.1.16219 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  859.995756][T13128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  859.995773][T13128] Call Trace:
[  859.995782][T13128]  <TASK>
[  859.995793][T13128]  __dump_stack+0x1d/0x30
[  859.995815][T13128]  dump_stack_lvl+0xe8/0x140
[  859.995834][T13128]  dump_stack+0x15/0x1b
[  859.995851][T13128]  should_fail_ex+0x265/0x280
[  859.996003][T13128]  should_failslab+0x8c/0xb0
[  859.996033][T13128]  kmem_cache_alloc_noprof+0x50/0x310
[  859.996117][T13128]  ? alloc_empty_file+0x76/0x200
[  859.996142][T13128]  ? mntput+0x4b/0x80
[  859.996170][T13128]  alloc_empty_file+0x76/0x200
[  859.996201][T13128]  path_openat+0x68/0x2170
[  859.996320][T13128]  ? _parse_integer_limit+0x170/0x190
[  859.996362][T13128]  ? kstrtoull+0x111/0x140
[  859.996531][T13128]  ? kstrtouint+0x76/0xc0
[  859.996570][T13128]  do_filp_open+0x109/0x230
[  859.996620][T13128]  do_sys_openat2+0xa6/0x110
[  859.996657][T13128]  __x64_sys_openat+0xf2/0x120
[  859.996761][T13128]  x64_sys_call+0x1af/0x2fb0
[  859.996788][T13128]  do_syscall_64+0xd2/0x200
[  859.996812][T13128]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  859.996892][T13128]  ? clear_bhb_loop+0x40/0x90
[  859.996919][T13128]  ? clear_bhb_loop+0x40/0x90
[  859.997077][T13128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.997105][T13128] RIP: 0033:0x7efd7b95d290
[  859.997123][T13128] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  859.997142][T13128] RSP: 002b:00007efd79fc6b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  859.997160][T13128] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007efd7b95d290
[  859.997172][T13128] RDX: 0000000000000000 RSI: 00007efd79fc6c10 RDI: 00000000ffffff9c
[  859.997184][T13128] RBP: 00007efd79fc6c10 R08: 0000000000000000 R09: 002367732f766564
[  859.997212][T13128] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  859.997252][T13128] R13: 0000000000000000 R14: 00007efd7bb85fa0 R15: 00007ffe393e2b18
[  859.997273][T13128]  </TASK>
[  860.333666][T13104] bridge0: port 1(bridge_slave_0) entered blocking state
[  860.340951][T13104] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.355472][T13141] FAULT_INJECTION: forcing a failure.
[  860.355472][T13141] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  860.364303][T13104] bridge_slave_0: entered allmulticast mode
[  860.368996][T13141] CPU: 0 UID: 0 PID: 13141 Comm: syz.0.16224 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  860.369037][T13141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  860.369055][T13141] Call Trace:
[  860.369062][T13141]  <TASK>
[  860.369074][T13141]  __dump_stack+0x1d/0x30
[  860.369155][T13141]  dump_stack_lvl+0xe8/0x140
[  860.369182][T13141]  dump_stack+0x15/0x1b
[  860.369204][T13141]  should_fail_ex+0x265/0x280
[  860.369295][T13141]  should_fail_alloc_page+0xf2/0x100
[  860.369331][T13141]  __alloc_frozen_pages_noprof+0xff/0x360
[  860.369391][T13141]  alloc_pages_mpol+0xb3/0x250
[  860.369509][T13141]  alloc_pages_noprof+0x90/0x130
[  860.369553][T13141]  __pud_alloc+0x47/0x4c0
[  860.369584][T13141]  handle_mm_fault+0x1882/0x2be0
[  860.369674][T13141]  ? __rcu_read_unlock+0x4f/0x70
[  860.369732][T13141]  do_user_addr_fault+0x3fe/0x1090
[  860.369905][T13141]  ? kstrtouint_from_user+0x9f/0xf0
[  860.369954][T13141]  exc_page_fault+0x62/0xa0
[  860.370001][T13141]  asm_exc_page_fault+0x26/0x30
[  860.370029][T13141] RIP: 0010:rep_movs_alternative+0x33/0x90
[  860.370133][T13141] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d eb 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  860.370159][T13141] RSP: 0018:ffffc90002e0fe48 EFLAGS: 00050212
[  860.370181][T13141] RAX: 0000000077359592 RBX: 0000000000000010 RCX: 0000000000000010
[  860.370237][T13141] RDX: 0000000000000000 RSI: ffffc90002e0fe80 RDI: 00002000000011c0
[  860.370255][T13141] RBP: 0000000000000000 R08: 0000000000000299 R09: 0000000000000000
[  860.370324][T13141] R10: 0001c90002e0fe80 R11: 0001c90002e0fe8f R12: 00002000000011d0
[  860.370342][T13141] R13: 00007ffffffff000 R14: 00002000000011c0 R15: ffffc90002e0fe80
[  860.370371][T13141]  _copy_to_user+0x7c/0xa0
[  860.370408][T13141]  put_timespec64+0x63/0xb0
[  860.370438][T13141]  __x64_sys_clock_gettime+0x13d/0x180
[  860.370551][T13141]  x64_sys_call+0x687/0x2fb0
[  860.370623][T13141]  do_syscall_64+0xd2/0x200
[  860.370651][T13141]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  860.370700][T13141]  ? clear_bhb_loop+0x40/0x90
[  860.370730][T13141]  ? clear_bhb_loop+0x40/0x90
[  860.370806][T13141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  860.370835][T13141] RIP: 0033:0x7f3261c9e929
[  860.370856][T13141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  860.370881][T13141] RSP: 002b:00007f3260307038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
[  860.370910][T13141] RAX: ffffffffffffffda RBX: 00007f3261ec5fa0 RCX: 00007f3261c9e929
[  860.370929][T13141] RDX: 0000000000000000 RSI: 00002000000011c0 RDI: 0000000000000000
[  860.370946][T13141] RBP: 00007f3260307090 R08: 0000000000000000 R09: 0000000000000000
[  860.370964][T13141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  860.370980][T13141] R13: 0000000000000001 R14: 00007f3261ec5fa0 R15: 00007ffd1fad2da8
[  860.371066][T13141]  </TASK>
[  860.425077][T13142] futex_wake_op: syz.4.16223 tries to shift op by -1; fix this program
[  860.430203][T13104] bridge_slave_0: entered promiscuous mode
[  860.563454][T13144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16225'.
[  860.574125][T13104] bridge0: port 2(bridge_slave_1) entered blocking state
[  860.709006][T13104] bridge0: port 2(bridge_slave_1) entered disabled state
[  860.719717][T13104] bridge_slave_1: entered allmulticast mode
[  860.761535][T13104] bridge_slave_1: entered promiscuous mode
[  860.770373][T13146] siw: device registration error -23
[  860.879977][T13104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  860.906588][T13104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  860.930568][T13163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16232'.
[  860.973144][T13104] team0: Port device team_slave_0 added
[  860.988821][T13104] team0: Port device team_slave_1 added
[  861.046444][T13104] batman_adv: batadv0: Adding interface: batadv_slave_0
[  861.053598][T13104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  861.079798][T13104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  861.113665][T13104] batman_adv: batadv0: Adding interface: batadv_slave_1
[  861.120992][T13104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  861.147065][T13104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  861.177790][T13175] siw: device registration error -23
[  861.217053][   T51] team0: Port device geneve1 removed
[  861.286409][   T51] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  861.296349][   T51] bond0 (unregistering): Released all slaves
[  861.349425][T13104] hsr_slave_0: entered promiscuous mode
[  861.357120][T13104] hsr_slave_1: entered promiscuous mode
[  861.372553][T13104] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  861.380232][T13104] Cannot create hsr debugfs directory
[  861.403709][T13183] netlink: 'syz.2.16240': attribute type 13 has an invalid length.
[  861.484154][T13183] gretap0: refused to change device tx_queue_len
[  861.490560][T13183] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  861.513514][   T51] hsr_slave_0: left promiscuous mode
[  861.519495][   T51] hsr_slave_1: left promiscuous mode
[  861.529654][   T51] pimreg3 (unregistering): left allmulticast mode
[  861.589119][ T6323] smc: removing ib device syz2
[  861.645821][T13191] futex_wake_op: syz.1.16243 tries to shift op by -1; fix this program
[  861.684395][T13193] netlink: 264 bytes leftover after parsing attributes in process `ext4'.
[  861.693128][T13193] netlink: 56 bytes leftover after parsing attributes in process `ext4'.
[  861.707998][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.716186][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.723644][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.731152][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.738586][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.746727][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.754309][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.761778][ T8557] hid-generic 0006:0000:0000.0005: unknown main item tag 0x0
[  861.769287][ T8557] hid-generic 0006:0000:0000.0005: item fetching failed at offset 8/29
[  861.787403][ T8557] hid-generic 0006:0000:0000.0005: probe with driver hid-generic failed with error -22
[  862.012286][T13199] lo speed is unknown, defaulting to 1000
[  862.141149][T13104] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  862.154619][T13104] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  862.166256][T13208] SELinux: security policydb version 18 (MLS) not backwards compatible
[  862.179702][T13104] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  862.186671][T13208] SELinux: failed to load policy
[  862.195160][T13104] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  862.307501][T13104] 8021q: adding VLAN 0 to HW filter on device bond0
[  862.349253][T13104] 8021q: adding VLAN 0 to HW filter on device team0
[  862.357685][T13232] netlink: 'syz.1.16259': attribute type 39 has an invalid length.
[  862.443965][T13235] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16259'.
[  862.476625][T13104] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  862.487150][T13104] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  862.502926][T26829] bridge0: port 1(bridge_slave_0) entered blocking state
[  862.510053][T26829] bridge0: port 1(bridge_slave_0) entered forwarding state
[  862.631783][T13240] siw: device registration error -23
[  862.933387][T26829] bridge0: port 2(bridge_slave_1) entered blocking state
[  862.940517][T26829] bridge0: port 2(bridge_slave_1) entered forwarding state
[  863.064759][T13104] 8021q: adding VLAN 0 to HW filter on device batadv0
[  863.178216][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  863.178235][   T29] audit: type=1326 audit(2000000405.571:59094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13228 comm="syz.2.16257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4ffabe929 code=0x7ffc0000
[  863.266196][T13267] siw: device registration error -23
[  863.275029][T13275] netlink: 'syz.2.16272': attribute type 39 has an invalid length.
[  863.324410][   T29] audit: type=1326 audit(2000000405.721:59095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.348219][   T29] audit: type=1326 audit(2000000405.721:59096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.377422][T13275] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16272'.
[  863.395680][T13104] veth0_vlan: entered promiscuous mode
[  863.436665][T13104] veth1_vlan: entered promiscuous mode
[  863.466256][T13104] veth0_macvtap: entered promiscuous mode
[  863.479011][   T29] audit: type=1326 audit(2000000405.721:59097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.502801][   T29] audit: type=1326 audit(2000000405.721:59098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.526632][   T29] audit: type=1326 audit(2000000405.721:59099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.550492][   T29] audit: type=1326 audit(2000000405.721:59100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.574169][   T29] audit: type=1326 audit(2000000405.721:59101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.598040][   T29] audit: type=1326 audit(2000000405.741:59102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13280 comm="syz.4.16274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  863.629316][T13104] veth1_macvtap: entered promiscuous mode
[  863.645209][T13104] batman_adv: batadv0: Interface activated: batadv_slave_0
[  863.661490][T13104] batman_adv: batadv0: Interface activated: batadv_slave_1
[  863.675536][T13104] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  863.684365][T13104] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  863.693296][T13104] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  863.702105][T13104] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  863.717934][   T29] audit: type=1326 audit(2000000406.111:59103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13295 comm="syz.0.16281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  863.775667][T13298] netlink: 33912 bytes leftover after parsing attributes in process `syz.0.16281'.
[  863.781651][T13305] netlink: 'syz.1.16284': attribute type 39 has an invalid length.
[  863.802655][T13305] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16284'.
[  863.840039][T13312] siw: device registration error -23
[  863.894526][T13320] netlink: 'syz.2.16290': attribute type 10 has an invalid length.
[  863.902589][T13320] netlink: 40 bytes leftover after parsing attributes in process `syz.2.16290'.
[  863.937137][T13320] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  863.998148][T13314] siw: device registration error -23
[  864.060246][T13343] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16301'.
[  864.063869][T13340] netlink: 'syz.1.16299': attribute type 39 has an invalid length.
[  864.086938][T13343] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16301'.
[  864.100756][T13336] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16404 sclass=netlink_route_socket pid=13336 comm=syz.3.16297
[  864.128015][T13340] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16299'.
[  864.184141][T13355] SELinux: security policydb version 18 (MLS) not backwards compatible
[  864.199495][T13355] SELinux: failed to load policy
[  864.226320][T13358] netlink: 'syz.1.16307': attribute type 10 has an invalid length.
[  864.274081][T13366] SELinux: security policydb version 18 (MLS) not backwards compatible
[  864.296317][T13366] SELinux: failed to load policy
[  864.306499][T13368] siw: device registration error -23
[  864.365854][T13379] netlink: 'syz.4.16317': attribute type 39 has an invalid length.
[  864.480240][T13388] netlink: 'syz.2.16321': attribute type 10 has an invalid length.
[  864.505611][T13388] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  864.575242][T13399] futex_wake_op: syz.0.16323 tries to shift op by -1; fix this program
[  864.646836][T13408] netlink: 'syz.1.16331': attribute type 39 has an invalid length.
[  865.317382][T13441] futex_wake_op: syz.2.16341 tries to shift op by -1; fix this program
[  865.455708][T13451] netlink: 'syz.2.16346': attribute type 39 has an invalid length.
[  865.555416][T13460] siw: device registration error -23
[  865.630218][T13470] futex_wake_op: syz.0.16354 tries to shift op by -1; fix this program
[  865.703731][T13476] futex_wake_op: syz.2.16357 tries to shift op by -1; fix this program
[  865.733149][T13481] netlink: 'syz.4.16360': attribute type 39 has an invalid length.
[  865.871978][T13491] siw: device registration error -23
[  866.016498][T13510] futex_wake_op: syz.4.16369 tries to shift op by -1; fix this program
[  866.188183][T13514] lo speed is unknown, defaulting to 1000
[  866.206335][T13519] siw: device registration error -23
[  866.778420][T13555] __nla_validate_parse: 15 callbacks suppressed
[  866.778434][T13555] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.16385'.
[  866.865706][T13560] netlink: 40 bytes leftover after parsing attributes in process `syz.1.16386'.
[  867.151546][T13591] netlink: 40 bytes leftover after parsing attributes in process `syz.3.16400'.
[  867.175386][T13591] team0: Port device geneve1 added
[  867.267898][T13601] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16405'.
[  867.279769][T13601] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  867.287478][T13601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  867.297388][T13601] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  867.305058][T13601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  868.180798][   T29] kauditd_printk_skb: 302 callbacks suppressed
[  868.180816][   T29] audit: type=1326 audit(2000000410.551:59406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.210987][   T29] audit: type=1326 audit(2000000410.551:59407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.234865][   T29] audit: type=1326 audit(2000000410.561:59408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.258671][   T29] audit: type=1326 audit(2000000410.561:59409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.282535][   T29] audit: type=1326 audit(2000000410.561:59410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.306477][   T29] audit: type=1326 audit(2000000410.561:59411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.330261][   T29] audit: type=1326 audit(2000000410.561:59412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.354190][   T29] audit: type=1326 audit(2000000410.561:59413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.377986][   T29] audit: type=1326 audit(2000000410.561:59414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.401772][   T29] audit: type=1326 audit(2000000410.561:59415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13634 comm="syz.4.16418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4fb32e929 code=0x7ffc0000
[  868.743243][T13662] SELinux: security policydb version 18 (MLS) not backwards compatible
[  868.767717][T13662] SELinux: failed to load policy
[  868.843266][T13671] validate_nla: 5 callbacks suppressed
[  868.843286][T13671] netlink: 'syz.4.16432': attribute type 39 has an invalid length.
[  868.883015][T13671] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16432'.
[  868.971984][T13693] siw: device registration error -23
[  868.976735][T13697] SELinux: security policydb version 18 (MLS) not backwards compatible
[  868.989810][T13689] 9pnet: Could not find request transport: f	
[  869.002123][T13697] SELinux: failed to load policy
[  869.066700][T13706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16445'.
[  869.257153][T13716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16447'.
[  869.709259][T13723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16449'.
[  870.118879][T13733] netlink: 'syz.1.16453': attribute type 10 has an invalid length.
[  870.126890][T13733] netlink: 40 bytes leftover after parsing attributes in process `syz.1.16453'.
[  870.164727][T13737] SELinux: security policydb version 18 (MLS) not backwards compatible
[  870.187187][T13737] SELinux: failed to load policy
[  870.211820][T13735] siw: device registration error -23
[  870.299342][T13750] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16460'.
[  870.455666][T13758] futex_wake_op: syz.4.16461 tries to shift op by -1; fix this program
[  870.579603][T13761] siw: device registration error -23
[  870.679411][T13771] SELinux: security policydb version 18 (MLS) not backwards compatible
[  870.698898][T13771] SELinux: failed to load policy
[  870.752868][T13764] FAULT_INJECTION: forcing a failure.
[  870.752868][T13764] name failslab, interval 1, probability 0, space 0, times 0
[  870.765670][T13764] CPU: 1 UID: 0 PID: 13764 Comm: syz.4.16464 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  870.765706][T13764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  870.765721][T13764] Call Trace:
[  870.765729][T13764]  <TASK>
[  870.765737][T13764]  __dump_stack+0x1d/0x30
[  870.765759][T13764]  dump_stack_lvl+0xe8/0x140
[  870.765783][T13764]  dump_stack+0x15/0x1b
[  870.765803][T13764]  should_fail_ex+0x265/0x280
[  870.765840][T13764]  should_failslab+0x8c/0xb0
[  870.765862][T13764]  kmem_cache_alloc_noprof+0x50/0x310
[  870.765894][T13764]  ? mpol_set_shared_policy+0x70/0x860
[  870.765933][T13764]  mpol_set_shared_policy+0x70/0x860
[  870.765971][T13764]  ? kmem_cache_alloc_noprof+0x186/0x310
[  870.766003][T13764]  ? __rcu_read_unlock+0x4f/0x70
[  870.766033][T13764]  shmem_set_policy+0x3d/0x50
[  870.766073][T13764]  mbind_range+0x23d/0x440
[  870.766089][T13764]  ? mas_find+0x4ea/0x610
[  870.766110][T13764]  __se_sys_mbind+0x648/0xac0
[  870.766144][T13764]  __x64_sys_mbind+0x78/0x90
[  870.766177][T13764]  x64_sys_call+0x14af/0x2fb0
[  870.766222][T13764]  do_syscall_64+0xd2/0x200
[  870.766248][T13764]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  870.766276][T13764]  ? clear_bhb_loop+0x40/0x90
[  870.766296][T13764]  ? clear_bhb_loop+0x40/0x90
[  870.766321][T13764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.766348][T13764] RIP: 0033:0x7fb4fb32e929
[  870.766367][T13764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  870.766390][T13764] RSP: 002b:00007fb4f9997038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  870.766413][T13764] RAX: ffffffffffffffda RBX: 00007fb4fb555fa0 RCX: 00007fb4fb32e929
[  870.766426][T13764] RDX: 0000000000000002 RSI: 0000000000600000 RDI: 0000200000000000
[  870.766438][T13764] RBP: 00007fb4f9997090 R08: 0000000000000008 R09: 0000000000000000
[  870.766451][T13764] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  870.766467][T13764] R13: 0000000000000000 R14: 00007fb4fb555fa0 R15: 00007ffdd7bc96a8
[  870.766493][T13764]  </TASK>
[  871.004208][T13767] wireguard0: entered promiscuous mode
[  871.009762][T13767] wireguard0: entered allmulticast mode
[  871.037274][T13782] veth1_to_bridge: entered promiscuous mode
[  871.043296][T13782] veth1_to_bridge: entered allmulticast mode
[  871.172665][T13803] siw: device registration error -23
[  871.250400][T13812] netlink: 'syz.2.16481': attribute type 10 has an invalid length.
[  871.260802][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  871.270312][T13808] futex_wake_op: syz.3.16479 tries to shift op by -1; fix this program
[  871.279993][T13812] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  871.564879][T13836] siw: device registration error -23
[  871.773310][T13865] SELinux: security policydb version 18 (MLS) not backwards compatible
[  871.790983][T13865] SELinux: failed to load policy
[  871.921782][T13880] futex_wake_op: syz.1.16511 tries to shift op by -1; fix this program
[  872.227490][T13919] __nla_validate_parse: 2 callbacks suppressed
[  872.227506][T13919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16529'.
[  873.843852][T14024] siw: device registration error -23
[  874.095452][T14034] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.16561'.
[  874.167775][T14039] siw: device registration error -23
[  874.238094][T14044] netlink: 'syz.3.16565': attribute type 39 has an invalid length.
[  874.269517][T14046] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.16566'.
[  874.303808][T14048] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16565'.
[  874.361450][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  874.361467][   T29] audit: type=1326 audit(2000000416.661:59654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.392182][   T29] audit: type=1326 audit(2000000416.661:59655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.415953][   T29] audit: type=1326 audit(2000000416.661:59656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.440453][   T29] audit: type=1326 audit(2000000416.661:59657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.465157][   T29] audit: type=1326 audit(2000000416.661:59658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.488948][   T29] audit: type=1326 audit(2000000416.661:59659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.513481][   T29] audit: type=1326 audit(2000000416.661:59660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.537253][   T29] audit: type=1326 audit(2000000416.661:59661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.561596][   T29] audit: type=1326 audit(2000000416.661:59662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.585396][   T29] audit: type=1326 audit(2000000416.661:59663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14045 comm="syz.1.16566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  874.842366][T14064] siw: device registration error -23
[  874.926029][T14075] siw: device registration error -23
[  875.350000][T14100] netlink: 'syz.3.16588': attribute type 39 has an invalid length.
[  875.394923][T14100] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16588'.
[  876.091575][T14118] netlink: 'syz.0.16596': attribute type 39 has an invalid length.
[  876.185208][T14120] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16597'.
[  876.216424][T14125] netlink: 'syz.4.16599': attribute type 39 has an invalid length.
[  876.241420][T14120] 8021q: adding VLAN 0 to HW filter on device bond1
[  876.272310][T14125] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16599'.
[  876.610975][T14148] netlink: 33912 bytes leftover after parsing attributes in process `syz.0.16609'.
[  876.645716][T14150] netlink: 33912 bytes leftover after parsing attributes in process `syz.3.16610'.
[  876.719156][T14158] netlink: 'syz.4.16611': attribute type 39 has an invalid length.
[  876.807097][T14161] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16611'.
[  876.937881][T14160] netlink: 'syz.3.16613': attribute type 4 has an invalid length.
[  876.975420][T14160] FAULT_INJECTION: forcing a failure.
[  876.975420][T14160] name failslab, interval 1, probability 0, space 0, times 0
[  876.988243][T14160] CPU: 0 UID: 0 PID: 14160 Comm: syz.3.16613 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  876.988323][T14160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  876.988409][T14160] Call Trace:
[  876.988417][T14160]  <TASK>
[  876.988426][T14160]  __dump_stack+0x1d/0x30
[  876.988451][T14160]  dump_stack_lvl+0xe8/0x140
[  876.988474][T14160]  dump_stack+0x15/0x1b
[  876.988492][T14160]  should_fail_ex+0x265/0x280
[  876.988533][T14160]  should_failslab+0x8c/0xb0
[  876.988573][T14160]  kmem_cache_alloc_node_noprof+0x57/0x320
[  876.988605][T14160]  ? __alloc_skb+0x101/0x320
[  876.988658][T14160]  __alloc_skb+0x101/0x320
[  876.988738][T14160]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[  876.988763][T14160]  ? __rcu_read_unlock+0x4f/0x70
[  876.988789][T14160]  ? __pfx_rtnetlink_event+0x10/0x10
[  876.988818][T14160]  rtnetlink_event+0x18c/0x200
[  876.988932][T14160]  raw_notifier_call_chain+0x6c/0x1b0
[  876.988964][T14160]  ? call_netdevice_notifiers_info+0x9c/0x100
[  876.988998][T14160]  call_netdevice_notifiers_info+0xae/0x100
[  876.989098][T14160]  netif_set_mtu_ext+0x296/0x370
[  876.989136][T14160]  do_setlink+0x751/0x2810
[  876.989164][T14160]  ? save_fpregs_to_fpstate+0x100/0x160
[  876.989192][T14160]  ? _raw_spin_unlock+0x26/0x50
[  876.989244][T14160]  ? finish_task_switch+0xad/0x2b0
[  876.989269][T14160]  ? __schedule+0x6a8/0xb30
[  876.989304][T14160]  rtnl_setlink+0x311/0x420
[  876.989405][T14160]  ? security_capable+0x83/0x90
[  876.989438][T14160]  ? ns_capable+0x7d/0xb0
[  876.989479][T14160]  ? __pfx_rtnl_setlink+0x10/0x10
[  876.989504][T14160]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  876.989580][T14160]  netlink_rcv_skb+0x123/0x220
[  876.989603][T14160]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  876.989719][T14160]  rtnetlink_rcv+0x1c/0x30
[  876.989763][T14160]  netlink_unicast+0x5a1/0x670
[  876.989810][T14160]  netlink_sendmsg+0x58b/0x6b0
[  876.989855][T14160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  876.989876][T14160]  __sock_sendmsg+0x145/0x180
[  876.989903][T14160]  sock_write_iter+0x165/0x1b0
[  876.989942][T14160]  do_iter_readv_writev+0x41e/0x4c0
[  876.990074][T14160]  vfs_writev+0x2df/0x8b0
[  876.990110][T14160]  do_writev+0xe7/0x210
[  876.990141][T14160]  __x64_sys_writev+0x45/0x50
[  876.990233][T14160]  x64_sys_call+0x2006/0x2fb0
[  876.990257][T14160]  do_syscall_64+0xd2/0x200
[  876.990281][T14160]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  876.990366][T14160]  ? clear_bhb_loop+0x40/0x90
[  876.990387][T14160]  ? clear_bhb_loop+0x40/0x90
[  876.990411][T14160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.990436][T14160] RIP: 0033:0x7fa9b223e929
[  876.990517][T14160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  876.990537][T14160] RSP: 002b:00007fa9b08a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  876.990579][T14160] RAX: ffffffffffffffda RBX: 00007fa9b2465fa0 RCX: 00007fa9b223e929
[  876.990664][T14160] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000006
[  876.990680][T14160] RBP: 00007fa9b08a7090 R08: 0000000000000000 R09: 0000000000000000
[  876.990694][T14160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  876.990710][T14160] R13: 0000000000000000 R14: 00007fa9b2465fa0 R15: 00007ffc39b644e8
[  876.990733][T14160]  </TASK>
[  877.460078][T14183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16623'.
[  877.475421][T14179] siw: device registration error -23
[  877.825940][T14194] Invalid ELF header magic: != ELF
[  877.849358][T14194] Cannot find add_set index 0 as target
[  877.947644][T14199] sd 0:0:1:0: device reset
[  878.423330][T14210] siw: device registration error -23
[  878.512869][T14214] SELinux: security policydb version 18 (MLS) not backwards compatible
[  878.554079][T14214] SELinux: failed to load policy
[  878.793860][T14227] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16638'.
[  879.290937][T14252] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16647'.
[  879.413146][T14259] netlink: 'syz.4.16648': attribute type 39 has an invalid length.
[  879.478532][T14259] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16648'.
[  879.577508][   T29] kauditd_printk_skb: 238 callbacks suppressed
[  879.577526][   T29] audit: type=1326 audit(2000000421.971:59902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  879.650379][ T8163] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  879.661505][ T8163] CPU: 1 UID: 0 PID: 8163 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  879.661610][ T8163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  879.661625][ T8163] Call Trace:
[  879.661632][ T8163]  <TASK>
[  879.661642][ T8163]  __dump_stack+0x1d/0x30
[  879.661663][ T8163]  dump_stack_lvl+0xe8/0x140
[  879.661693][ T8163]  dump_stack+0x15/0x1b
[  879.661713][ T8163]  dump_header+0x81/0x220
[  879.661753][ T8163]  oom_kill_process+0x334/0x3f0
[  879.661788][ T8163]  out_of_memory+0x979/0xb80
[  879.661887][ T8163]  try_charge_memcg+0x5e6/0x9e0
[  879.661920][ T8163]  charge_memcg+0x51/0xc0
[  879.661995][ T8163]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  879.662033][ T8163]  __read_swap_cache_async+0x1df/0x350
[  879.662065][ T8163]  swap_cluster_readahead+0x277/0x3e0
[  879.662120][ T8163]  swapin_readahead+0xde/0x6f0
[  879.662148][ T8163]  ? __filemap_get_folio+0x49f/0x650
[  879.662178][ T8163]  ? bpf_prog_e95a4a16f042d2d7+0x2a/0x32
[  879.662316][ T8163]  ? swap_cache_get_folio+0x77/0x200
[  879.662352][ T8163]  do_swap_page+0x301/0x2430
[  879.662404][ T8163]  ? finish_task_switch+0xad/0x2b0
[  879.662533][ T8163]  ? __pfx_default_wake_function+0x10/0x10
[  879.662626][ T8163]  handle_mm_fault+0x9a5/0x2be0
[  879.662688][ T8163]  ? mas_walk+0xf2/0x120
[  879.662718][ T8163]  do_user_addr_fault+0x636/0x1090
[  879.662759][ T8163]  ? fpregs_restore_userregs+0xe2/0x1d0
[  879.662788][ T8163]  ? switch_fpu_return+0xe/0x20
[  879.662814][ T8163]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  879.662860][ T8163]  exc_page_fault+0x62/0xa0
[  879.662897][ T8163]  asm_exc_page_fault+0x26/0x30
[  879.662919][ T8163] RIP: 0033:0x7fb4fb3611a5
[  879.662937][ T8163] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  879.662955][ T8163] RSP: 002b:00007ffdd7bc99e8 EFLAGS: 00010246
[  879.662986][ T8163] RAX: 0000000000000000 RBX: 00000000000004e7 RCX: 00007fb4fb3611a3
[  879.663001][ T8163] RDX: 00007ffdd7bc9a00 RSI: 0000000000000000 RDI: 0000000000000000
[  879.663013][ T8163] RBP: 00007ffdd7bc9a6c R08: 000000002c979956 R09: 0000000000000000
[  879.663024][ T8163] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  879.663036][ T8163] R13: 00000000000927c0 R14: 00000000000d6c1f R15: 00007ffdd7bc9ac0
[  879.663059][ T8163]  </TASK>
[  879.663068][ T8163] memory: usage 307200kB, limit 307200kB, failcnt 3959
[  879.908761][ T8163] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  879.917568][ T8163] kmem: usage 306972kB, limit 9007199254740988kB, failcnt 0
[  879.924895][ T8163] Memory cgroup stats for /syz4:
[  879.964423][ T8163] cache 8192
[  879.973393][ T8163] rss 8192
[  879.976541][ T8163] shmem 0
[  879.979502][ T8163] mapped_file 8192
[  879.983263][ T8163] dirty 4096
[  879.986484][ T8163] writeback 4096
[  879.990041][ T8163] workingset_refault_anon 1410
[  879.994918][ T8163] workingset_refault_file 6317
[  879.999707][ T8163] swap 196608
[  880.003796][ T8163] swapcached 4096
[  880.007447][ T8163] pgpgin 1087351
[  880.011037][ T8163] pgpgout 1087344
[  880.014676][ T8163] pgfault 1185323
[  880.018323][ T8163] pgmajfault 473
[  880.021922][ T8163] inactive_anon 4096
[  880.025829][ T8163] active_anon 4096
[  880.029567][ T8163] inactive_file 16384
[  880.034368][ T8163] active_file 0
[  880.037851][ T8163] unevictable 0
[  880.041783][ T8163] hierarchical_memory_limit 314572800
[  880.047186][ T8163] hierarchical_memsw_limit 9223372036854771712
[  880.053573][ T8163] total_cache 8192
[  880.057303][ T8163] total_rss 8192
[  880.061670][ T8163] total_shmem 0
[  880.065143][ T8163] total_mapped_file 8192
[  880.069390][ T8163] total_dirty 4096
[  880.073194][ T8163] total_writeback 4096
[  880.077299][ T8163] total_workingset_refault_anon 1410
[  880.082672][ T8163] total_workingset_refault_file 6317
[  880.088011][ T8163] total_swap 196608
[  880.092516][ T8163] total_swapcached 4096
[  880.096703][ T8163] total_pgpgin 1087351
[  880.100868][ T8163] total_pgpgout 1087344
[  880.105031][ T8163] total_pgfault 1185323
[  880.109187][ T8163] total_pgmajfault 473
[  880.113369][ T8163] total_inactive_anon 4096
[  880.117815][ T8163] total_active_anon 4096
[  880.122781][ T8163] total_inactive_file 16384
[  880.127406][ T8163] total_active_file 0
[  880.131439][ T8163] total_unevictable 0
[  880.135428][ T8163] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.16648,pid=14255,uid=0
[  880.150255][ T8163] Memory cgroup out of memory: Killed process 14255 (syz.4.16648) total-vm:93752kB, anon-rss:1064kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  880.263372][   T29] audit: type=1326 audit(2000000422.011:59903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.288406][   T29] audit: type=1326 audit(2000000422.011:59904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.313674][   T29] audit: type=1326 audit(2000000422.011:59905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.337556][   T29] audit: type=1326 audit(2000000422.011:59906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.361944][   T29] audit: type=1326 audit(2000000422.011:59907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.386509][   T29] audit: type=1326 audit(2000000422.011:59908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.410996][   T29] audit: type=1326 audit(2000000422.011:59909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.434744][   T29] audit: type=1326 audit(2000000422.011:59910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.459309][   T29] audit: type=1326 audit(2000000422.011:59911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14263 comm="syz.3.16651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  880.859707][T14297] netlink: 'syz.4.16664': attribute type 39 has an invalid length.
[  880.966650][ T8163] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  880.978075][ T8163] CPU: 1 UID: 0 PID: 8163 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  880.978108][ T8163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  880.978124][ T8163] Call Trace:
[  880.978132][ T8163]  <TASK>
[  880.978154][ T8163]  __dump_stack+0x1d/0x30
[  880.978175][ T8163]  dump_stack_lvl+0xe8/0x140
[  880.978194][ T8163]  dump_stack+0x15/0x1b
[  880.978212][ T8163]  dump_header+0x81/0x220
[  880.978266][ T8163]  oom_kill_process+0x334/0x3f0
[  880.978303][ T8163]  out_of_memory+0x979/0xb80
[  880.978334][ T8163]  try_charge_memcg+0x5e6/0x9e0
[  880.978503][ T8163]  charge_memcg+0x51/0xc0
[  880.978536][ T8163]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  880.978634][ T8163]  __read_swap_cache_async+0x1df/0x350
[  880.978701][ T8163]  swap_cluster_readahead+0x277/0x3e0
[  880.978743][ T8163]  swapin_readahead+0xde/0x6f0
[  880.978773][ T8163]  ? __filemap_get_folio+0x49f/0x650
[  880.978809][ T8163]  ? swap_cache_get_folio+0x77/0x200
[  880.978842][ T8163]  do_swap_page+0x301/0x2430
[  880.978906][ T8163]  ? finish_task_switch+0xad/0x2b0
[  880.978932][ T8163]  ? __pfx_default_wake_function+0x10/0x10
[  880.978987][ T8163]  handle_mm_fault+0x9a5/0x2be0
[  880.979010][ T8163]  ? mas_walk+0xf2/0x120
[  880.979037][ T8163]  do_user_addr_fault+0x636/0x1090
[  880.979070][ T8163]  ? fpregs_restore_userregs+0xe2/0x1d0
[  880.979111][ T8163]  ? switch_fpu_return+0xe/0x20
[  880.979146][ T8163]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  880.979198][ T8163]  exc_page_fault+0x62/0xa0
[  880.979237][ T8163]  asm_exc_page_fault+0x26/0x30
[  880.979262][ T8163] RIP: 0033:0x7fb4fb3611a5
[  880.979279][ T8163] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  880.979297][ T8163] RSP: 002b:00007ffdd7bc99e8 EFLAGS: 00010246
[  880.979346][ T8163] RAX: 0000000000000000 RBX: 00000000000004f0 RCX: 00007fb4fb3611a3
[  880.979362][ T8163] RDX: 00007ffdd7bc9a00 RSI: 0000000000000000 RDI: 0000000000000000
[  880.979379][ T8163] RBP: 00007ffdd7bc9a6c R08: 00000000015a8423 R09: 0000000000000000
[  880.979396][ T8163] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  880.979412][ T8163] R13: 00000000000927c0 R14: 00000000000d715f R15: 00007ffdd7bc9ac0
[  880.979436][ T8163]  </TASK>
[  880.979445][ T8163] memory: usage 307200kB, limit 307200kB, failcnt 4128
[  881.220021][ T8163] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[  881.227957][ T8163] kmem: usage 306984kB, limit 9007199254740988kB, failcnt 0
[  881.236020][ T8163] Memory cgroup stats for /syz4:
[  881.290507][ T8163] cache 0
[  881.299142][ T8163] rss 8192
[  881.302313][ T8163] shmem 0
[  881.305322][ T8163] mapped_file 0
[  881.308837][ T8163] dirty 0
[  881.311825][ T8163] writeback 0
[  881.315626][ T8163] workingset_refault_anon 1428
[  881.320472][ T8163] workingset_refault_file 6317
[  881.325916][ T8163] swap 184320
[  881.329294][ T8163] swapcached 8192
[  881.333017][ T8163] pgpgin 1088154
[  881.336571][ T8163] pgpgout 1088148
[  881.340228][ T8163] pgfault 1186313
[  881.343914][ T8163] pgmajfault 484
[  881.347504][ T8163] inactive_anon 0
[  881.351838][ T8163] active_anon 12288
[  881.355670][ T8163] inactive_file 8192
[  881.359570][ T8163] active_file 0
[  881.363097][ T8163] unevictable 0
[  881.366576][ T8163] hierarchical_memory_limit 314572800
[  881.372005][ T8163] hierarchical_memsw_limit 9223372036854771712
[  881.378279][ T8163] total_cache 0
[  881.382462][ T8163] total_rss 8192
[  881.386043][ T8163] total_shmem 0
[  881.389596][ T8163] total_mapped_file 0
[  881.393614][ T8163] total_dirty 0
[  881.397097][ T8163] total_writeback 0
[  881.400930][ T8163] total_workingset_refault_anon 1428
[  881.406231][ T8163] total_workingset_refault_file 6317
[  881.412270][ T8163] total_swap 184320
[  881.416137][ T8163] total_swapcached 8192
[  881.420298][ T8163] total_pgpgin 1088154
[  881.424401][ T8163] total_pgpgout 1088148
[  881.428731][ T8163] total_pgfault 1186313
[  881.432976][ T8163] total_pgmajfault 484
[  881.437072][ T8163] total_inactive_anon 0
[  881.442056][ T8163] total_active_anon 12288
[  881.446503][ T8163] total_inactive_file 8192
[  881.450961][ T8163] total_active_file 0
[  881.455041][ T8163] total_unevictable 0
[  881.459090][ T8163] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.16664,pid=14292,uid=0
[  881.474714][ T8163] Memory cgroup out of memory: Killed process 14292 (syz.4.16664) total-vm:93752kB, anon-rss:1060kB, file-rss:22056kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  881.518386][T14303] siw: device registration error -23
[  881.529990][T14301] SELinux: security policydb version 18 (MLS) not backwards compatible
[  881.539173][T14301] SELinux: failed to load policy
[  881.584161][T14319] siw: device registration error -23
[  881.692772][T14275] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.774601][T14275] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.856671][T14275] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.895786][T14347] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16677'.
[  881.933656][T14352] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16679'.
[  881.933670][T14275] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  881.999352][T14275] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  882.015517][T14275] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  882.033209][T14363] netlink: 'syz.1.16683': attribute type 39 has an invalid length.
[  882.045844][T14275] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  882.060208][T14363] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16683'.
[  882.075823][T14275] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  882.134248][T14374] siw: device registration error -23
[  882.217647][T14377] FAULT_INJECTION: forcing a failure.
[  882.217647][T14377] name failslab, interval 1, probability 0, space 0, times 0
[  882.231230][T14377] CPU: 1 UID: 0 PID: 14377 Comm: syz.0.16689 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  882.231259][T14377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  882.231272][T14377] Call Trace:
[  882.231279][T14377]  <TASK>
[  882.231287][T14377]  __dump_stack+0x1d/0x30
[  882.231312][T14377]  dump_stack_lvl+0xe8/0x140
[  882.231376][T14377]  dump_stack+0x15/0x1b
[  882.231397][T14377]  should_fail_ex+0x265/0x280
[  882.231497][T14377]  should_failslab+0x8c/0xb0
[  882.231527][T14377]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  882.231575][T14377]  ? __d_alloc+0x3d/0x350
[  882.231642][T14377]  __d_alloc+0x3d/0x350
[  882.231666][T14377]  ? mpol_shared_policy_init+0xbd/0x4c0
[  882.231725][T14377]  d_alloc_pseudo+0x1e/0x80
[  882.231756][T14377]  alloc_file_pseudo+0x71/0x160
[  882.231821][T14377]  ? __se_sys_memfd_create+0x1cc/0x590
[  882.231866][T14377]  __shmem_file_setup+0x1de/0x210
[  882.231915][T14377]  shmem_file_setup+0x3b/0x50
[  882.232013][T14377]  __se_sys_memfd_create+0x2c3/0x590
[  882.232046][T14377]  __x64_sys_memfd_create+0x31/0x40
[  882.232138][T14377]  x64_sys_call+0x122f/0x2fb0
[  882.232164][T14377]  do_syscall_64+0xd2/0x200
[  882.232189][T14377]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  882.232222][T14377]  ? clear_bhb_loop+0x40/0x90
[  882.232245][T14377]  ? clear_bhb_loop+0x40/0x90
[  882.232293][T14377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.232319][T14377] RIP: 0033:0x7f3261c9e929
[  882.232338][T14377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  882.232360][T14377] RSP: 002b:00007f3260306e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  882.232391][T14377] RAX: ffffffffffffffda RBX: 00000000000005ad RCX: 00007f3261c9e929
[  882.232420][T14377] RDX: 00007f3260306ef0 RSI: 0000000000000000 RDI: 00007f3261d214cc
[  882.232433][T14377] RBP: 0000200000000180 R08: 00007f3260306bb7 R09: 00007f3260306e40
[  882.232445][T14377] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  882.232456][T14377] R13: 00007f3260306ef0 R14: 00007f3260306eb0 R15: 0000200000000940
[  882.232475][T14377]  </TASK>
[  882.564165][T14396] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16697'.
[  882.578762][T14400] netlink: 'syz.0.16696': attribute type 39 has an invalid length.
[  882.590366][T14400] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16696'.
[  882.677801][T14412] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16703'.
[  882.870562][T14429] SELinux: security policydb version 18 (MLS) not backwards compatible
[  882.892524][T14429] SELinux: failed to load policy
[  882.962919][T14437] IPv6: Can't replace route, no match found
[  883.101290][T14461] FAULT_INJECTION: forcing a failure.
[  883.101290][T14461] name failslab, interval 1, probability 0, space 0, times 0
[  883.114763][T14461] CPU: 1 UID: 0 PID: 14461 Comm: syz.0.16705 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  883.114818][T14461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  883.114848][T14461] Call Trace:
[  883.114856][T14461]  <TASK>
[  883.114866][T14461]  __dump_stack+0x1d/0x30
[  883.114891][T14461]  dump_stack_lvl+0xe8/0x140
[  883.114915][T14461]  dump_stack+0x15/0x1b
[  883.115056][T14461]  should_fail_ex+0x265/0x280
[  883.115230][T14461]  ? alloc_pipe_info+0xae/0x350
[  883.115257][T14461]  should_failslab+0x8c/0xb0
[  883.115353][T14461]  __kmalloc_cache_noprof+0x4c/0x320
[  883.115393][T14461]  alloc_pipe_info+0xae/0x350
[  883.115421][T14461]  splice_direct_to_actor+0x592/0x680
[  883.115528][T14461]  ? kstrtouint_from_user+0x9f/0xf0
[  883.115571][T14461]  ? __pfx_direct_splice_actor+0x10/0x10
[  883.115623][T14461]  ? __rcu_read_unlock+0x4f/0x70
[  883.115725][T14461]  ? get_pid_task+0x96/0xd0
[  883.115821][T14461]  ? avc_policy_seqno+0x15/0x30
[  883.115858][T14461]  ? selinux_file_permission+0x1e4/0x320
[  883.115950][T14461]  do_splice_direct+0xda/0x150
[  883.115990][T14461]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  883.116020][T14461]  do_sendfile+0x380/0x650
[  883.116056][T14461]  __x64_sys_sendfile64+0x105/0x150
[  883.116127][T14461]  x64_sys_call+0xb39/0x2fb0
[  883.116152][T14461]  do_syscall_64+0xd2/0x200
[  883.116173][T14461]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  883.116203][T14461]  ? clear_bhb_loop+0x40/0x90
[  883.116250][T14461]  ? clear_bhb_loop+0x40/0x90
[  883.116272][T14461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  883.116294][T14461] RIP: 0033:0x7f3261c9e929
[  883.116329][T14461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  883.116352][T14461] RSP: 002b:00007f32602c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  883.116374][T14461] RAX: ffffffffffffffda RBX: 00007f3261ec6160 RCX: 00007f3261c9e929
[  883.116450][T14461] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  883.116465][T14461] RBP: 00007f32602c5090 R08: 0000000000000000 R09: 0000000000000000
[  883.116480][T14461] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  883.116525][T14461] R13: 0000000000000001 R14: 00007f3261ec6160 R15: 00007ffd1fad2da8
[  883.116547][T14461]  </TASK>
[  884.671263][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  884.671281][   T29] audit: type=1326 audit(2000000427.071:60102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.757893][   T29] audit: type=1326 audit(2000000427.101:60103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.781952][   T29] audit: type=1326 audit(2000000427.101:60104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.805834][   T29] audit: type=1326 audit(2000000427.101:60105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.829637][   T29] audit: type=1326 audit(2000000427.101:60106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.853523][   T29] audit: type=1326 audit(2000000427.101:60107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.877457][   T29] audit: type=1326 audit(2000000427.101:60108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.901320][   T29] audit: type=1326 audit(2000000427.101:60109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.925715][   T29] audit: type=1326 audit(2000000427.101:60110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  884.950152][   T29] audit: type=1326 audit(2000000427.101:60111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14499 comm="syz.0.16738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3261c9e929 code=0x7ffc0000
[  885.029520][T14504] FAULT_INJECTION: forcing a failure.
[  885.029520][T14504] name failslab, interval 1, probability 0, space 0, times 0
[  885.042325][T14504] CPU: 0 UID: 0 PID: 14504 Comm: syz.4.16740 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  885.042358][T14504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  885.042433][T14504] Call Trace:
[  885.042441][T14504]  <TASK>
[  885.042522][T14504]  __dump_stack+0x1d/0x30
[  885.042544][T14504]  dump_stack_lvl+0xe8/0x140
[  885.042568][T14504]  dump_stack+0x15/0x1b
[  885.042583][T14504]  should_fail_ex+0x265/0x280
[  885.042678][T14504]  should_failslab+0x8c/0xb0
[  885.042701][T14504]  __kmalloc_cache_node_noprof+0x54/0x320
[  885.042730][T14504]  ? __get_vm_area_node+0x106/0x1d0
[  885.042790][T14504]  __get_vm_area_node+0x106/0x1d0
[  885.042829][T14504]  __vmalloc_node_range_noprof+0x273/0xe00
[  885.042877][T14504]  ? sel_write_load+0x158/0x380
[  885.042917][T14504]  ? __rcu_read_unlock+0x4f/0x70
[  885.042963][T14504]  ? sel_write_load+0x158/0x380
[  885.042997][T14504]  vmalloc_noprof+0x82/0xc0
[  885.043108][T14504]  ? sel_write_load+0x158/0x380
[  885.043216][T14504]  sel_write_load+0x158/0x380
[  885.043254][T14504]  ? __pfx_sel_write_load+0x10/0x10
[  885.043289][T14504]  vfs_write+0x269/0x8e0
[  885.043313][T14504]  ? __rcu_read_unlock+0x4f/0x70
[  885.043379][T14504]  ? __fget_files+0x184/0x1c0
[  885.043476][T14504]  ksys_write+0xda/0x1a0
[  885.043498][T14504]  __x64_sys_write+0x40/0x50
[  885.043523][T14504]  x64_sys_call+0x2cdd/0x2fb0
[  885.043551][T14504]  do_syscall_64+0xd2/0x200
[  885.043577][T14504]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  885.043658][T14504]  ? clear_bhb_loop+0x40/0x90
[  885.043683][T14504]  ? clear_bhb_loop+0x40/0x90
[  885.043711][T14504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.043746][T14504] RIP: 0033:0x7fb4fb32e929
[  885.043765][T14504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  885.043791][T14504] RSP: 002b:00007fb4f9997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  885.043816][T14504] RAX: ffffffffffffffda RBX: 00007fb4fb555fa0 RCX: 00007fb4fb32e929
[  885.043833][T14504] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000007
[  885.043911][T14504] RBP: 00007fb4f9997090 R08: 0000000000000000 R09: 0000000000000000
[  885.043923][T14504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  885.043938][T14504] R13: 0000000000000000 R14: 00007fb4fb555fa0 R15: 00007ffdd7bc96a8
[  885.043963][T14504]  </TASK>
[  885.043973][T14504] syz.4.16740: vmalloc error: size 8192, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0
[  885.296706][T14504] CPU: 0 UID: 0 PID: 14504 Comm: syz.4.16740 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  885.296744][T14504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  885.296769][T14504] Call Trace:
[  885.296777][T14504]  <TASK>
[  885.296786][T14504]  __dump_stack+0x1d/0x30
[  885.296808][T14504]  dump_stack_lvl+0xe8/0x140
[  885.296889][T14504]  dump_stack+0x15/0x1b
[  885.296906][T14504]  warn_alloc+0x12b/0x1a0
[  885.296951][T14504]  __vmalloc_node_range_noprof+0x297/0xe00
[  885.296994][T14504]  ? __rcu_read_unlock+0x4f/0x70
[  885.297095][T14504]  ? sel_write_load+0x158/0x380
[  885.297171][T14504]  vmalloc_noprof+0x82/0xc0
[  885.297224][T14504]  ? sel_write_load+0x158/0x380
[  885.297256][T14504]  sel_write_load+0x158/0x380
[  885.297292][T14504]  ? __pfx_sel_write_load+0x10/0x10
[  885.297358][T14504]  vfs_write+0x269/0x8e0
[  885.297380][T14504]  ? __rcu_read_unlock+0x4f/0x70
[  885.297423][T14504]  ? __fget_files+0x184/0x1c0
[  885.297451][T14504]  ksys_write+0xda/0x1a0
[  885.297550][T14504]  __x64_sys_write+0x40/0x50
[  885.297582][T14504]  x64_sys_call+0x2cdd/0x2fb0
[  885.297606][T14504]  do_syscall_64+0xd2/0x200
[  885.297632][T14504]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  885.297665][T14504]  ? clear_bhb_loop+0x40/0x90
[  885.297771][T14504]  ? clear_bhb_loop+0x40/0x90
[  885.297811][T14504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.297906][T14504] RIP: 0033:0x7fb4fb32e929
[  885.297920][T14504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  885.297939][T14504] RSP: 002b:00007fb4f9997038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  885.297960][T14504] RAX: ffffffffffffffda RBX: 00007fb4fb555fa0 RCX: 00007fb4fb32e929
[  885.297974][T14504] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000007
[  885.297986][T14504] RBP: 00007fb4f9997090 R08: 0000000000000000 R09: 0000000000000000
[  885.298020][T14504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  885.298031][T14504] R13: 0000000000000000 R14: 00007fb4fb555fa0 R15: 00007ffdd7bc96a8
[  885.298050][T14504]  </TASK>
[  885.298056][T14504] Mem-Info:
[  885.514092][T14504] active_anon:20089 inactive_anon:2 isolated_anon:0
[  885.514092][T14504]  active_file:13094 inactive_file:11080 isolated_file:0
[  885.514092][T14504]  unevictable:0 dirty:167 writeback:0
[  885.514092][T14504]  slab_reclaimable:3441 slab_unreclaimable:89228
[  885.514092][T14504]  mapped:30325 shmem:16513 pagetables:1442
[  885.514092][T14504]  sec_pagetables:0 bounce:0
[  885.514092][T14504]  kernel_misc_reclaimable:0
[  885.514092][T14504]  free:1770211 free_pcp:27753 free_cma:0
[  885.559507][T14504] Node 0 active_anon:84996kB inactive_anon:8kB active_file:52376kB inactive_file:44320kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:121300kB dirty:668kB writeback:0kB shmem:66052kB writeback_tmp:0kB kernel_stack:5072kB pagetables:5768kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  885.588642][T14504] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  885.617266][T14504] lowmem_reserve[]: 0 2882 7861 7861
[  885.622666][T14504] Node 0 DMA32 free:2947936kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951464kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:3528kB free_cma:0kB
[  885.653153][T14504] lowmem_reserve[]: 0 0 4978 4978
[  885.658237][T14504] Node 0 Normal free:4117548kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:93116kB inactive_anon:8kB active_file:52376kB inactive_file:44320kB unevictable:0kB writepending:668kB present:5242880kB managed:5098232kB mlocked:0kB bounce:0kB free_pcp:94680kB local_pcp:24596kB free_cma:0kB
[  885.690277][T14504] lowmem_reserve[]: 0 0 0 0
[  885.694991][T14504] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  885.708076][T14504] Node 0 DMA32: 4*4kB (M) 4*8kB (M) 3*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947936kB
[  885.724493][T14504] Node 0 Normal: 3598*4kB (UME) 1704*8kB (UME) 684*16kB (UE) 243*32kB (UE) 84*64kB (UE) 448*128kB (U) 402*256kB (UM) 207*512kB (UM) 227*1024kB (UM) 86*2048kB (UME) 828*4096kB (UME) = 4118424kB
[  885.743686][T14504] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  885.753085][T14504] 40650 total pagecache pages
[  885.757789][T14504] 7 pages in swap cache
[  885.761985][T14504] Free swap  = 124476kB
[  885.766175][T14504] Total swap = 124996kB
[  885.770513][T14504] 2097051 pages RAM
[  885.774334][T14504] 0 pages HighMem/MovableOnly
[  885.779005][T14504] 80787 pages reserved
[  885.846756][T14539] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16751'.
[  885.967221][T14558] netlink: 33912 bytes leftover after parsing attributes in process `syz.3.16758'.
[  886.139625][T14583] futex_wake_op: syz.0.16769 tries to shift op by -1; fix this program
[  886.185302][T14592] netlink: 33912 bytes leftover after parsing attributes in process `syz.0.16772'.
[  886.237713][T14601] FAULT_INJECTION: forcing a failure.
[  886.237713][T14601] name failslab, interval 1, probability 0, space 0, times 0
[  886.250442][T14601] CPU: 1 UID: 0 PID: 14601 Comm: syz.3.16774 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  886.250520][T14601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  886.250535][T14601] Call Trace:
[  886.250543][T14601]  <TASK>
[  886.250665][T14601]  __dump_stack+0x1d/0x30
[  886.250709][T14601]  dump_stack_lvl+0xe8/0x140
[  886.250733][T14601]  dump_stack+0x15/0x1b
[  886.250786][T14601]  should_fail_ex+0x265/0x280
[  886.250827][T14601]  should_failslab+0x8c/0xb0
[  886.250857][T14601]  kmem_cache_alloc_noprof+0x50/0x310
[  886.250891][T14601]  ? skb_clone+0x151/0x1f0
[  886.250979][T14601]  skb_clone+0x151/0x1f0
[  886.251006][T14601]  __netlink_deliver_tap+0x2c9/0x500
[  886.251084][T14601]  netlink_unicast+0x64c/0x670
[  886.251123][T14601]  netlink_sendmsg+0x58b/0x6b0
[  886.251147][T14601]  ? __pfx_netlink_sendmsg+0x10/0x10
[  886.251171][T14601]  __sock_sendmsg+0x145/0x180
[  886.251279][T14601]  ____sys_sendmsg+0x31e/0x4e0
[  886.251307][T14601]  ___sys_sendmsg+0x17b/0x1d0
[  886.251350][T14601]  __x64_sys_sendmsg+0xd4/0x160
[  886.251510][T14601]  x64_sys_call+0x2999/0x2fb0
[  886.251538][T14601]  do_syscall_64+0xd2/0x200
[  886.251605][T14601]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  886.251644][T14601]  ? clear_bhb_loop+0x40/0x90
[  886.251672][T14601]  ? clear_bhb_loop+0x40/0x90
[  886.251826][T14601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  886.251924][T14601] RIP: 0033:0x7fa9b223e929
[  886.251944][T14601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  886.251967][T14601] RSP: 002b:00007fa9b08a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  886.251987][T14601] RAX: ffffffffffffffda RBX: 00007fa9b2465fa0 RCX: 00007fa9b223e929
[  886.251999][T14601] RDX: 0000000000000004 RSI: 00002000000004c0 RDI: 0000000000000006
[  886.252010][T14601] RBP: 00007fa9b08a7090 R08: 0000000000000000 R09: 0000000000000000
[  886.252056][T14601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  886.252071][T14601] R13: 0000000000000000 R14: 00007fa9b2465fa0 R15: 00007ffc39b644e8
[  886.252093][T14601]  </TASK>
[  886.469020][T14601] IPv6: Can't replace route, no match found
[  886.609610][T14622] macvlan1: entered promiscuous mode
[  886.619333][T14622] ipvlan0: entered promiscuous mode
[  886.625846][T14622] ipvlan0: left promiscuous mode
[  886.634032][T14622] macvlan1: left promiscuous mode
[  886.659071][T14629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16788'.
[  886.698173][T14631] siw: device registration error -23
[  886.829230][T14643] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[  886.835989][T14643] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  886.843821][T14643] vhci_hcd vhci_hcd.0: Device attached
[  886.857467][T14644] usbip_core: unknown command
[  886.862330][T14644] vhci_hcd: unknown pdu 589269955
[  886.867489][T14644] usbip_core: unknown command
[  886.874965][T14648] SELinux: security policydb version 18 (MLS) not backwards compatible
[  886.883338][T26829] vhci_hcd: stop threads
[  886.883610][T14648] SELinux: failed to load policy
[  886.887609][T26829] vhci_hcd: release socket
[  886.897283][T26829] vhci_hcd: disconnect device
[  887.628091][T14678] siw: device registration error -23
[  887.881352][T14707] siw: device registration error -23
[  887.931437][T14711] siw: device registration error -23
[  888.010560][T14721] hub 1-0:1.0: USB hub found
[  888.015323][T14721] hub 1-0:1.0: 8 ports detected
[  888.178663][T14734] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.16827'.
[  888.217167][T14737] netlink: 33912 bytes leftover after parsing attributes in process `syz.1.16828'.
[  888.306717][T14741] futex_wake_op: syz.1.16829 tries to shift op by -1; fix this program
[  888.356171][T14743] siw: device registration error -23
[  889.429274][T14768] netlink: 33912 bytes leftover after parsing attributes in process `syz.2.16838'.
[  889.479962][T14774] SELinux: security policydb version 18 (MLS) not backwards compatible
[  889.496612][T14774] SELinux: failed to load policy
[  889.627378][T14787] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16848'.
[  890.221332][   T29] kauditd_printk_skb: 499 callbacks suppressed
[  890.221349][   T29] audit: type=1326 audit(2000000432.621:60611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.352373][   T29] audit: type=1326 audit(2000000432.651:60612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.376240][   T29] audit: type=1326 audit(2000000432.651:60613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.400051][   T29] audit: type=1326 audit(2000000432.651:60614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.423747][   T29] audit: type=1326 audit(2000000432.651:60615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.447626][   T29] audit: type=1326 audit(2000000432.661:60616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.471523][   T29] audit: type=1326 audit(2000000432.661:60617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.495275][   T29] audit: type=1326 audit(2000000432.661:60618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.519079][   T29] audit: type=1326 audit(2000000432.661:60619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.542880][   T29] audit: type=1326 audit(2000000432.661:60620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14795 comm="syz.1.16850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd7b95e929 code=0x7ffc0000
[  890.911608][T14802] netlink: 33912 bytes leftover after parsing attributes in process `syz.4.16852'.
[  891.762405][T14843] SELinux: security policydb version 18 (MLS) not backwards compatible
[  891.771086][T14843] SELinux: failed to load policy
[  893.944671][T14944] netlink: 'syz.1.16901': attribute type 39 has an invalid length.
[  893.971628][T14946] siw: device registration error -23
[  894.118677][T14952] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16905'.
[  894.137275][T14952] bridge_slave_1: left allmulticast mode
[  894.143747][T14952] bridge_slave_1: left promiscuous mode
[  894.149434][T14952] bridge0: port 2(bridge_slave_1) entered disabled state
[  894.156859][T14960] SELinux: security policydb version 18 (MLS) not backwards compatible
[  894.171444][T14960] SELinux: failed to load policy
[  894.181152][T14952] bridge_slave_0: left allmulticast mode
[  894.187130][T14952] bridge_slave_0: left promiscuous mode
[  894.193311][T14952] bridge0: port 1(bridge_slave_0) entered disabled state
[  894.690275][T14973] lo speed is unknown, defaulting to 1000
[  894.725347][ T6323] team0: Port device geneve1 removed
[  894.735062][ T6323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  894.744814][ T6323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  895.091276][ T6323] bond0 (unregistering): (slave team0): Releasing backup interface
[  895.102777][ T6323] bond0 (unregistering): Released all slaves
[  895.158343][T14991] siw: device registration error -23
[  895.238775][ T6323] hsr_slave_0: left promiscuous mode
[  895.247590][ T6323] hsr_slave_1: left promiscuous mode
[  895.253530][ T6323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  895.264345][ T6323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  895.334925][ T6323] team0 (unregistering): Port device team_slave_1 removed
[  895.361035][ T6323] team0 (unregistering): Port device team_slave_0 removed
[  895.457301][T14973] chnl_net:caif_netlink_parms(): no params data found
[  895.490849][ T8554] lo speed is unknown, defaulting to 1000
[  895.496691][ T8554] infiniband syz0: ib_query_port failed (-19)
[  895.580082][T14973] bridge0: port 1(bridge_slave_0) entered blocking state
[  895.587328][T14973] bridge0: port 1(bridge_slave_0) entered disabled state
[  895.609052][T15025] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16933'.
[  895.611496][T14973] bridge_slave_0: entered allmulticast mode
[  895.618181][T15023] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  895.630607][T15023] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  895.639087][T15023] vhci_hcd vhci_hcd.0: Device attached
[  895.641681][T14973] bridge_slave_0: entered promiscuous mode
[  895.655678][T14973] bridge0: port 2(bridge_slave_1) entered blocking state
[  895.662927][T14973] bridge0: port 2(bridge_slave_1) entered disabled state
[  895.670314][T14973] bridge_slave_1: entered allmulticast mode
[  895.677182][T14973] bridge_slave_1: entered promiscuous mode
[  895.692508][T15030] SELinux: security policydb version 18 (MLS) not backwards compatible
[  895.701223][T15030] SELinux: failed to load policy
[  895.703817][T14973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  895.732021][T14973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  895.778613][T14973] team0: Port device team_slave_0 added
[  895.797581][T14973] team0: Port device team_slave_1 added
[  895.820709][ T8556] vhci_hcd: vhci_device speed not set
[  895.845163][T14973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  895.852283][T14973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  895.879315][T14973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  895.895224][T14973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  895.902396][T14973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  895.911972][   T29] kauditd_printk_skb: 206 callbacks suppressed
[  895.911992][   T29] audit: type=1326 audit(2000000438.291:60827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  895.928602][T14973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  895.935467][   T29] audit: type=1326 audit(2000000438.291:60828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  895.993647][   T29] audit: type=1326 audit(2000000438.291:60829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.018011][   T29] audit: type=1326 audit(2000000438.291:60830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.022199][T15040] netlink: 33912 bytes leftover after parsing attributes in process `syz.3.16937'.
[  896.042732][   T29] audit: type=1326 audit(2000000438.291:60831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.075942][   T29] audit: type=1326 audit(2000000438.291:60832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.099893][   T29] audit: type=1326 audit(2000000438.291:60833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.124271][   T29] audit: type=1326 audit(2000000438.291:60834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.148027][   T29] audit: type=1326 audit(2000000438.291:60835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.172497][   T29] audit: type=1326 audit(2000000438.291:60836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15039 comm="syz.3.16937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa9b223e929 code=0x7ffc0000
[  896.197035][ T8556] usb 5-1: new full-speed USB device number 2 using vhci_hcd
[  896.220414][T14973] hsr_slave_0: entered promiscuous mode
[  896.227321][T14973] hsr_slave_1: entered promiscuous mode
[  896.234331][T14973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  896.245217][T14973] Cannot create hsr debugfs directory
[  896.368442][T15051] siw: device registration error -23
[  896.482242][T15062] SELinux: security policydb version 18 (MLS) not backwards compatible
[  896.490554][T15062] SELinux: failed to load policy
[  896.816814][T15074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16947'.
[  896.869121][T14973] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  896.893077][T14973] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  896.901083][T15027] vhci_hcd: connection reset by peer
[  896.907753][ T6323] vhci_hcd: stop threads
[  896.912122][ T6323] vhci_hcd: release socket
[  896.912261][T14973] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  896.916543][ T6323] vhci_hcd: disconnect device
[  896.935689][T14973] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  897.030048][T15087] netlink: 20 bytes leftover after parsing attributes in process `syz.2.16949'.
[  897.059507][T14973] 8021q: adding VLAN 0 to HW filter on device bond0
[  897.091045][T14973] 8021q: adding VLAN 0 to HW filter on device team0
[  897.105158][T26835] bridge0: port 1(bridge_slave_0) entered blocking state
[  897.112299][T26835] bridge0: port 1(bridge_slave_0) entered forwarding state
[  897.130884][T26835] bridge0: port 2(bridge_slave_1) entered blocking state
[  897.138043][T26835] bridge0: port 2(bridge_slave_1) entered forwarding state
[  897.259323][T14973] 8021q: adding VLAN 0 to HW filter on device batadv0
[  897.426499][T14973] veth0_vlan: entered promiscuous mode
[  897.439767][T15118] futex_wake_op: syz.2.16954 tries to shift op by -1; fix this program
[  897.447013][T14973] veth1_vlan: entered promiscuous mode
[  897.469261][T15120] siw: device registration error -23
[  897.477406][T14973] veth0_macvtap: entered promiscuous mode
[  897.487067][T14973] veth1_macvtap: entered promiscuous mode
[  897.504734][T14973] batman_adv: batadv0: Interface activated: batadv_slave_0
[  897.519587][T14973] batman_adv: batadv0: Interface activated: batadv_slave_1
[  897.543047][T14973] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  897.552023][T14973] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  897.560989][T14973] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  897.569818][T14973] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  897.798760][T15146] siw: device registration error -23
[  897.824661][T15156] netlink: 24 bytes leftover after parsing attributes in process `syz.4.16968'.
[  897.882773][T15163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16971'.
[  898.032622][T15174] lo speed is unknown, defaulting to 1000
[  898.038572][T15174] lo speed is unknown, defaulting to 1000
[  898.045848][T15174] lo speed is unknown, defaulting to 1000
[  898.054889][T15174] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  898.069309][T15174] lo speed is unknown, defaulting to 1000
[  898.076887][T15174] lo speed is unknown, defaulting to 1000
[  898.084498][T15174] lo speed is unknown, defaulting to 1000
[  898.092443][T15174] lo speed is unknown, defaulting to 1000
[  898.099227][T15174] lo speed is unknown, defaulting to 1000
[  898.106492][T15174] lo speed is unknown, defaulting to 1000
[  898.112774][T15174] lo speed is unknown, defaulting to 1000
[  898.118972][T15174] lo speed is unknown, defaulting to 1000
[  898.125478][T15174] lo speed is unknown, defaulting to 1000
[  898.132798][T15174] lo speed is unknown, defaulting to 1000
[  898.139033][T15174] lo speed is unknown, defaulting to 1000
[  898.186216][T15188] siw: device registration error -23
[  898.269537][T15199] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16984'.
[  898.726146][T15222] siw: device registration error -23
[  898.791068][T15230] netlink: 'syz.0.16998': attribute type 39 has an invalid length.
[  898.805072][T15230] netlink: 16 bytes leftover after parsing attributes in process `syz.0.16998'.
[  899.349235][T15268] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17013'.
[  899.768431][T15296] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17022'.
[  899.845719][T15307] netlink: 33912 bytes leftover after parsing attributes in process `syz.0.17026'.
[  899.930294][T15321] netlink: 'syz.2.17031': attribute type 39 has an invalid length.
[  899.950421][T15321] netlink: 16 bytes leftover after parsing attributes in process `syz.2.17031'.
[  899.980992][T15327] FAULT_INJECTION: forcing a failure.
[  899.980992][T15327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  899.994199][T15327] CPU: 0 UID: 0 PID: 15327 Comm: syz.0.17034 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  899.994229][T15327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  899.994245][T15327] Call Trace:
[  899.994253][T15327]  <TASK>
[  899.994263][T15327]  __dump_stack+0x1d/0x30
[  899.994286][T15327]  dump_stack_lvl+0xe8/0x140
[  899.994351][T15327]  dump_stack+0x15/0x1b
[  899.994367][T15327]  should_fail_ex+0x265/0x280
[  899.994402][T15327]  should_fail+0xb/0x20
[  899.994492][T15327]  should_fail_usercopy+0x1a/0x20
[  899.994519][T15327]  _copy_from_iter+0xcf/0xe40
[  899.994547][T15327]  ? rep_movs_alternative+0x4a/0x90
[  899.994595][T15327]  ? _copy_from_iter+0x16d/0xe40
[  899.994626][T15327]  copy_page_from_iter+0x178/0x2a0
[  899.994652][T15327]  skb_copy_datagram_from_iter+0x232/0x490
[  899.994680][T15327]  unix_stream_sendmsg+0x45e/0x8e0
[  899.994766][T15327]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  899.994803][T15327]  __sock_sendmsg+0x145/0x180
[  899.994845][T15327]  ____sys_sendmsg+0x31e/0x4e0
[  899.994875][T15327]  ___sys_sendmsg+0x17b/0x1d0
[  899.994918][T15327]  __x64_sys_sendmsg+0xd4/0x160
[  899.994944][T15327]  x64_sys_call+0x2999/0x2fb0
[  899.995009][T15327]  do_syscall_64+0xd2/0x200
[  899.995030][T15327]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  899.995056][T15327]  ? clear_bhb_loop+0x40/0x90
[  899.995079][T15327]  ? clear_bhb_loop+0x40/0x90
[  899.995120][T15327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.995148][T15327] RIP: 0033:0x7f3261c9e929
[  899.995175][T15327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  899.995195][T15327] RSP: 002b:00007f3260307038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  899.995217][T15327] RAX: ffffffffffffffda RBX: 00007f3261ec5fa0 RCX: 00007f3261c9e929
[  899.995233][T15327] RDX: 0000000000000003 RSI: 0000200000000980 RDI: 0000000000000003
[  899.995250][T15327] RBP: 00007f3260307090 R08: 0000000000000000 R09: 0000000000000000
[  899.995273][T15327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  899.995288][T15327] R13: 0000000000000000 R14: 00007f3261ec5fa0 R15: 00007ffd1fad2da8
[  899.995312][T15327]  </TASK>
[  900.462788][T15352] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  900.469371][T15352] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  900.477276][T15352] vhci_hcd vhci_hcd.0: Device attached
[  900.518472][T15353] vhci_hcd: connection closed
[  900.518703][ T3433] vhci_hcd: stop threads
[  900.527738][ T3433] vhci_hcd: release socket
[  900.532244][ T3433] vhci_hcd: disconnect device
[  900.580357][T15361] ==================================================================
[  900.588495][T15361] BUG: KCSAN: data-race in _copy_from_iter / _copy_from_iter
[  900.595898][T15361] 
[  900.598242][T15361] write to 0xffff888148260000 of 4096 bytes by task 15362 on cpu 1:
[  900.606253][T15361]  _copy_from_iter+0x130/0xe40
[  900.611039][T15361]  copy_page_from_iter+0x178/0x2a0
[  900.616168][T15361]  process_vm_rw+0x659/0x950
[  900.620787][T15361]  __x64_sys_process_vm_writev+0x78/0x90
[  900.626446][T15361]  x64_sys_call+0xe80/0x2fb0
[  900.631063][T15361]  do_syscall_64+0xd2/0x200
[  900.635597][T15361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  900.641521][T15361] 
[  900.643852][T15361] write to 0xffff888148260000 of 4096 bytes by task 15361 on cpu 0:
[  900.651840][T15361]  _copy_from_iter+0x130/0xe40
[  900.656619][T15361]  copy_page_from_iter+0x178/0x2a0
[  900.661748][T15361]  process_vm_rw+0x659/0x950
[  900.666359][T15361]  __x64_sys_process_vm_writev+0x78/0x90
[  900.672017][T15361]  x64_sys_call+0xe80/0x2fb0
[  900.676630][T15361]  do_syscall_64+0xd2/0x200
[  900.681154][T15361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  900.687077][T15361] 
[  900.689413][T15361] Reported by Kernel Concurrency Sanitizer on:
[  900.695575][T15361] CPU: 0 UID: 0 PID: 15361 Comm: syz.3.17048 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  900.708264][T15361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  900.718332][T15361] ==================================================================
[  900.751018][T15368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17050'.
[  900.787325][T15367] netlink: 72 bytes leftover after parsing attributes in process `syz.4.17051'.
[  901.250805][ T8556] usb 5-1: enqueue for inactive port 0
[  901.256413][ T8556] usb 5-1: enqueue for inactive port 0
[  901.330844][ T8556] vhci_hcd: vhci_device speed not set