last executing test programs:

3.398395866s ago: executing program 2 (id=4516):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r1, 0x6, 0xd, 0x0, &(0x7f00000013c0)) (fail_nth: 10)

3.12091286s ago: executing program 2 (id=4518):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)

2.250018555s ago: executing program 2 (id=4532):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x1]}, 0x8, 0xc0000)
fspick(r0, &(0x7f0000000080)='./file0\x00', 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f000004ca80)=""/102386, 0x18ff2}], 0x1, 0x2, 0x3)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x2d0, 0x30, 0x100, 0x70bd2b, 0x25dfdbff, {}, [{0x2bc, 0x1, [@m_tunnel_key={0x198, 0x20, 0x0, 0x0, {{0xf}, {0x84, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x12e}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x13f, 0x9e, 0x3, 0xfdd}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast1}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x3f}}]}, {0xe6, 0x6, "0a9941144b6bfbc758bc13ec7aa76a06fd47a0ac77bed995225d1f8a0aab34aafb17f5ca6b46cd856bf829d648b5a5059bec23c49d15604353c2efff5a3ec4cc33ef25196bc4aca9f13666e6660c24b039169ec0acd5ecc15f8e352eddb2d60e954f6830262e8e3d600abc4169cd9b28ed612b45728ba8237ab552f6b0cf0ad2b05795b8fa40d85494e07c6b4225ec41833eb75eeb5712bd023e1200bafb3219f56b2f4feb128699fe7ddd3078a1e03711b5191d465987aee0895009486aeb97ae57d0ef176bf58f1c5896e3d451cfd183a074b083ee6786991101d9f679457a9ac1"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_xt={0xe0, 0x11, 0x0, 0x0, {{0x7}, {0xb0, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x81b8}, @TCA_IPT_INDEX={0x8, 0x3, 0x5}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_INDEX={0x8, 0x3, 0xa82}, @TCA_IPT_HOOK={0x8}, @TCA_IPT_HOOK={0x8, 0x2, 0x1}, @TCA_IPT_INDEX={0x8, 0x3, 0xf6f}, @TCA_IPT_TARG={0x2a, 0x6, {0xde5, 'security\x00', 0xfd, 0x6}}]}, {0x9, 0x6, "51eb4b8bb0"}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}, @m_sample={0x40, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x14, 0x6, "5c284c3a3976241974df53e1d3b1cccf"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x2d0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendto$inet(r2, &(0x7f00000000c0)="70c55f0ddcd99f39b4138c75e3b52616a57ed4fa7567aad95f63cd4808066af857341b442df2d026d4da32b2e761575ef362c3b08a3b416b35168be19d21d5924ee8393311c6420520ac319b39ba45f96f", 0x51, 0x90, &(0x7f0000000300)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2.242479604s ago: executing program 4 (id=4533):
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
chmod(&(0x7f0000000000)='./file0\x00', 0x2)
setresuid(r0, r0, r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x214)
syz_mount_image$ext4(&(0x7f0000000240)='ext3\x00', &(0x7f0000000200)='./file0\x00', 0x3204026, &(0x7f0000000e00)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x7f}}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@errors_continue}, {@data_journal}, {@quota}, {@orlov}, {@nomblk_io_submit}, {@block_validity}, {@test_dummy_encryption_v1}]}, 0x1, 0x566, &(0x7f0000000280)="$eJzs3c1rXFUbAPDnTpJ+v29TKEVFJNCFldpJk/hRwUVdihYLuq9DchtKJp2SmZQmFmwXduNGiiBiQdzr3mXxH3DvvgsDRUrQhZuRO7mTTJOZZJpOk7Tz+8Ftz7nnTs595txz5tw5M0wAfWsk+6cQ8XJEfJNEHG0pG4y8cGTluOVHNyezLYl6/dO/kkjyfc3jk/z/w3nmpYj47auI04WN9VYXFmdK5XI6l+dHa7PXRqsLi2euzJam0+n06vjExLm3J8bfe/edbcX1/zb73rj4z/ef3P/w3Ncnl7/7ZenY3STOx5G8rDWOp3CrNTMSI/lzMhTn1x041oPK9pKkY0m7lmCvGMj7+VBkY8DRGMh7PfDi+zIi6kCfSvR/6FPNeUDz3r5H98HPjYcfrNwAbYx/cOW9kTjQuDc6tJw8dmeU3e8O96D+rI5f/7x3N9uid+9DAGzp1u2IpYHBwY3jX5KPf9t3totj1tdh/IOdcz+b/7zZbv5TWJ3/RJv5z+E2fXc7tu7/haWOD653XnXoVjb/e7/t/Hd10Wp4IM/9rzHnG0ouXymnZ/OVjVMxtD/Lb7aec275Qb1TWev8L9uy+ptzwfw8lgb3P/6YqVKt9DQxt3p4O+KVtvPfZLX9kzbtnz0fF7us40R677VOZVvH/2zVf4p4vW37r11byebrk6ON62G0eVVs9PedE793qn+348/a/9CG+P9ojX84aV2vrT55HT8e+DftVLbd639f8lkjvS/fd6NUq82NRexLPt64f3ztsc188/gs/lMnNx//2l3/ByPi8y7jv3P851fXcrefMP5nK4t/avPrf137P3niwUdf/NCp/u7a/61G6lS+p5vxr9sTfJrnDgAAAAAAAPaaQkQciaRQXE0XCsXiyuc7jsehQrlSrZ2+XJm/OhWN78oOx1ChudJ9tOXzEGP552Gb+fF1+YmIOBYR3w4cbOSLk5Xy1G4HDwAAAAAAAAAAAAAAAAAAAHvE4Q7f/1/3U9bAi8pPfkP/2rL/9+KXnoA9yes/9C/9H/qX/g/9S/+H/qX/Q//aov8nO3UewM7z+g/9S/8HAAAAAAAAAAAAAAAAAAAAAAAAAACAnrp44UK21Zcf3ZzM8lPXF+ZnKtfPTKXVmeLs/GRxsjJ3rThdqUyX0+JkZXarv1euVK6Njcf8jdFaWq2NVhcWL81W5q/WLl2ZLU2nl9KhHYkKAAAAAAAAAAAAAAAAAAAAni/VhcWZUrmczklIbCsxuDdOQ6LHid0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//6tQO2M=")
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x5, 0x15, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x951b6df1cd5e3f29}}}, &(0x7f00000001c0)='GPL\x00', 0x195, 0xbe, &(0x7f0000000a40)=""/190, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000008c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000900)={0x1, 0xe, 0x4, 0x1000}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000b00)=[0x1, 0x1], &(0x7f0000000b40)=[{0x1, 0x3, 0x6, 0x5}, {0x0, 0x3, 0x1, 0x4}, {0x3, 0x2, 0xa, 0x9}, {0x3, 0x1, 0x4, 0x5}, {0x5, 0x2, 0x2, 0x5}, {0x3, 0x5, 0xa, 0x6}, {0x0, 0x4, 0xc, 0xc}], 0x10, 0x5, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xb, 0xd, 0x200cc, 0x6, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x4b2, r3}, 0x38)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r5)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r7=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000640)="be", 0x1}], 0x1, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0x6, 0x4, 0x28, 0x200000b, r7}}], 0x20, 0x6044}, 0x6)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000d80)={r7, 0x84, &(0x7f0000000cc0)=[@in={0x2, 0x4e23, @rand_addr=0x64010102}, @in={0x2, 0x4e21, @private=0xa010100}, @in6={0xa, 0x4e21, 0x3ff, @private0, 0x1}, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e20, 0x7, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x5}, @in6={0xa, 0x4e24, 0x81, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x8001}]}, &(0x7f0000000dc0)=0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x401, r3}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c80)={&(0x7f0000000180)='svcsock_tcp_state\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000902, &(0x7f0000000040)=@filename='./file0\x00', r0, &(0x7f0000000080))

2.148700406s ago: executing program 2 (id=4534):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1808000000000000000000000040000095000000000000009500000000000000f25837f3fc98954cd9c6648e9fccaff0ef63893ceef50c197d5e7df0443203783e44140e0ac5a9e5c9cdab7c4a6001b2fa3e9b69601bae48bd0aa3ecbfbbe3408c4b8384737d37034dcac17a8954bd941f1a34e781da3770157f13823d6fd27db123f4a5dfff167cb32205ca1aed5a8f17e403c55a1ecfc3ddd701410635dc5d8d4ee182f51785f3173083b779faf24223a9ea4fe67455b9ec9531e12a94202a78f1af13191b6f84a65581417d157139c1a860c4489721c184f6"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.147980066s ago: executing program 2 (id=4535):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=@delchain={0x2c, 0x65, 0x100, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x8, 0xe}, {0x6, 0x10}, {0xf, 0xffe0}}, [@TCA_CHAIN={0x8, 0xb, 0x10}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc4}, 0x40800)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESOCT=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000040000000a"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001840)={{r5}, &(0x7f00000017c0), &(0x7f0000001800)='%-010d \x00'}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)

2.060701617s ago: executing program 2 (id=4538):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRES16=r0, @ANYRESDEC, @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$int_in(r6, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r6, 0xa, 0x16)
poll(&(0x7f0000b2c000)=[{r7}], 0x2c, 0xffffffffffbffff8)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x25)
write$eventfd(0xffffffffffffffff, &(0x7f0000000000)=0x5, 0x8)
dup2(r6, r7)
fcntl$setown(r6, 0x8, r5)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r10, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
ioctl$VT_RESIZE(r8, 0x5609, &(0x7f0000000300)={0x9, 0x0, 0x978})
tkill(r5, 0x13)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

2.057575318s ago: executing program 4 (id=4539):
unshare(0x20040600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1700000000000000008400000100000000000000", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000300"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180044c9784b08336fd3", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000040)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r4=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r4, 0x0, 0x0}, 0x20)

1.047504254s ago: executing program 4 (id=4551):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x3ff, 0x61, 0x11, 0x70, 0x4}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)

1.010627074s ago: executing program 4 (id=4552):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f00000011c0)=[{0x6}]})
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
write$binfmt_script(r2, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

902.115726ms ago: executing program 0 (id=4553):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYBLOB="0000000000000000140012800b0001006261746164760000040002800800", @ANYRES32=r2], 0x3c}}, 0x0)

901.418436ms ago: executing program 0 (id=4554):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x31, &(0x7f0000000200)=0x9, 0x4)
listen(r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128008000100736974002000028008000100", @ANYRES32, @ANYBLOB="14000b000001000000000100000000"], 0x54}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x5}, 0x4)

783.238378ms ago: executing program 0 (id=4556):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000000400000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
symlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file1\x00')
symlink(&(0x7f0000004500)='./file1/file0\x00', &(0x7f0000004540)='./file0\x00')
execveat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0)

758.506678ms ago: executing program 0 (id=4557):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1808000000000000000000000040000095000000000000009500000000000000f25837f3fc98954cd9c6648e9fccaff0ef63893ceef50c197d5e7df0443203783e44140e0ac5a9e5c9cdab7c4a6001b2fa3e9b69601bae48bd0aa3ecbfbbe3408c4b8384737d37034dcac17a8954bd941f1a34e781da3770157f13823d6fd27db123f4a5dfff167cb32205ca1aed5a8f17e403c55a1ecfc3ddd701410635dc5d8d4ee182f51785f3173083b779faf24223a9ea4fe67455b9ec9531e12a94202a78f1af13191b6f84a65581417d157139c1a860c4489721c184f6"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

749.582268ms ago: executing program 3 (id=4558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000)

740.598158ms ago: executing program 0 (id=4559):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x51, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xa, r3, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='e\'.\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r5, 0x0, 0xfffffffffffffff7}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=f'])
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

685.639079ms ago: executing program 3 (id=4560):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800000f, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x180, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x3}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0})
io_uring_setup(0x9da, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x71, 0x2000, @fd_index=0xa, 0xb3, 0x0, 0x0, 0x1, 0x0, {0x2}})
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
r8 = openat$dir(0xffffffffffffff9c, 0x0, 0x101000, 0xa0)
fspick(r8, &(0x7f00000002c0)='./file0\x00', 0x1)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r7, 0x1, 0x70bd26, 0x23c, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
write$nci(r5, &(0x7f0000000600)=ANY=[@ANYBLOB="6006032234182eae"], 0x8)
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

682.758909ms ago: executing program 0 (id=4561):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)

660.41208ms ago: executing program 3 (id=4562):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, 0x0, 0x6a98047402e98331}, 0x14}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$rds(0x15, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
inotify_init1(0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000080)={r5, 0xffffffffffffffff, 0x5, 0x2})
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

639.45719ms ago: executing program 3 (id=4563):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x200c0d2, &(0x7f0000000140)={[{@user_xattr}]}, 0x21, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM")

538.671901ms ago: executing program 3 (id=4564):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x3, 0x0, 0x0, 0x0, 0x42, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, @perf_bp={&(0x7f0000000b80)}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0xfffffffd, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000800)={'ip6_vti0\x00', &(0x7f0000000980)={'ip6tnl0\x00', 0x0, 0x2f, 0x1, 0xd, 0x3, 0x14, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2, 0x8000, 0x8, 0x7, 0x80}})
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x2, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @loopback, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x4000003}}, 0xfffffffffffffff8)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x3, 0x181a}, {@private=0xa010102, 0x4e20, 0x2, 0xa, 0x80012d58, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002200)=[{{&(0x7f0000000280)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000680)=""/190, 0xbe}, {&(0x7f0000000840)=""/198, 0xc6}, {&(0x7f00000000c0)}, {&(0x7f0000000740)=""/162, 0xa2}, {&(0x7f0000000a00)=""/245, 0xf5}, {&(0x7f00000022c0)=""/100, 0x64}, {&(0x7f0000002340)=""/237, 0xed}, {&(0x7f0000003780)=""/198, 0xc6}], 0x8, &(0x7f0000000c00)=""/225, 0xe1}, 0x3}, {{&(0x7f0000000d00)=@un=@abs, 0x80, &(0x7f0000001dc0)=[{&(0x7f0000000200)=""/15, 0xf}, {&(0x7f0000000400)=""/53, 0x35}, {&(0x7f0000000940)=""/23, 0x17}, {&(0x7f0000000d80)=""/10, 0xa}, {&(0x7f0000000dc0)=""/4096, 0x1000}], 0x5, &(0x7f0000001e40)=""/114, 0x72}, 0x9}, {{&(0x7f0000001ec0), 0x80, &(0x7f00000021c0)=[{&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000001f80)=""/12, 0xc}, {&(0x7f0000001fc0)=""/200, 0xc8}, {&(0x7f0000003880)=""/243, 0xf3}], 0x4}, 0xfffffffe}], 0x3, 0x100a1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x18)
fallocate(r1, 0x0, 0x0, 0x1000f4)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40141, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETSNDBUF(r6, 0x800454d3, &(0x7f0000000540))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18f4ff0000000100010000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

208.886437ms ago: executing program 1 (id=4567):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
symlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file1\x00')
symlink(&(0x7f0000004500)='./file1/file0\x00', &(0x7f0000004540)='./file0\x00')
execveat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0)

191.389407ms ago: executing program 1 (id=4568):
r0 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

148.739138ms ago: executing program 1 (id=4569):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
unshare(0x24060400)
syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0)

147.602558ms ago: executing program 3 (id=4570):
r0 = socket$netlink(0x10, 0x3, 0xa)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000080)={'ip_vti0\x00', <r2=>0x0, 0x40, 0x20, 0x1d3f, 0x0, {{0x41, 0x4, 0x3, 0x4, 0x104, 0x66, 0x0, 0x5, 0x4, 0x0, @remote, @rand_addr=0x64010102, {[@timestamp_addr={0x44, 0x44, 0x29, 0x1, 0x1, [{@multicast1, 0xd040}, {@broadcast}, {@multicast1, 0x2}, {@loopback, 0x6}, {@dev={0xac, 0x14, 0x14, 0x44}, 0x3}, {@loopback, 0xffffff7f}, {@remote, 0x7}, {@private=0xa010100, 0x4}]}, @cipso={0x86, 0x16, 0x3, [{0x7, 0xa, "f8f9cd9e26b2f8af"}, {0x1, 0x6, "b3ccfd17"}]}, @rr={0x7, 0x2b, 0xaf, [@loopback, @local, @multicast2, @multicast2, @remote, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @multicast2, @multicast2]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x1f, 0x1e, [@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, @multicast2, @local, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x2c, 0xef, 0x1, 0x6, [{@empty, 0x2228}, {@local, 0x4}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x83}, {@dev={0xac, 0x14, 0x14, 0x1c}, 0x5ff}, {@dev={0xac, 0x14, 0x14, 0x29}, 0x4}]}, @rr={0x7, 0xb, 0x6e, [@private=0xa010102, @rand_addr=0x64010102]}, @ssrr={0x89, 0xb, 0x81, [@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @generic={0x83, 0x4, "b4a6"}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'ip_vti0\x00', &(0x7f0000000200)={'syztnl0\x00', <r3=>0x0, 0x1, 0x708, 0x8, 0x0, {{0x14, 0x4, 0x0, 0x12, 0x50, 0x67, 0x0, 0x8, 0x29, 0x0, @local, @multicast2, {[@end, @ssrr={0x89, 0x13, 0xf, [@local, @broadcast, @broadcast, @loopback]}, @lsrr={0x83, 0x7, 0x3d, [@dev={0xac, 0x14, 0x14, 0x34}]}, @timestamp={0x44, 0x8, 0xf7, 0x0, 0x9, [0x8]}, @noop, @timestamp={0x44, 0x18, 0x89, 0x0, 0x2, [0xd8, 0x9, 0x2, 0x80, 0x81]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000380)={'erspan0\x00', &(0x7f00000002c0)={'sit0\x00', <r4=>0x0, 0x8000, 0x71e, 0xfffffeff, 0x5ac, {{0x24, 0x4, 0x0, 0x2d, 0x90, 0x64, 0x0, 0x64, 0x4, 0x0, @empty, @multicast2, {[@timestamp={0x44, 0x1c, 0x81, 0x0, 0x3, [0x7, 0x6, 0x4, 0xffffffff, 0x2, 0x1]}, @lsrr={0x83, 0x27, 0x52, [@empty, @remote, @empty, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x1c}, @loopback, @rand_addr=0x64010101, @broadcast, @dev={0xac, 0x14, 0x14, 0x21}]}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x24, 0x40, 0x1, 0x9, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@empty, 0x90f}, {@private=0xa010101, 0x4}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x6}]}, @end, @noop, @generic={0x86, 0xf, "67af80f47059dd15e1460d370a"}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000440)={'tunl0\x00', &(0x7f00000003c0)={'syztnl1\x00', <r5=>0x0, 0x8000, 0x8000, 0x1, 0x2, {{0xc, 0x4, 0x3, 0x29, 0x30, 0x68, 0x0, 0x8, 0x2f, 0x0, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_addr={0x44, 0x1c, 0x9d, 0x1, 0x4, [{@rand_addr=0x64010101, 0x80000000}, {@broadcast, 0xa17}, {@empty, 0x95}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000480)={'ip6_vti0\x00', <r6=>0x0, 0x0, 0x7, 0x2, 0x0, 0x0, @mcast2, @ipv4={'\x00', '\xff\xff', @local}, 0x10, 0x700, 0xfffffffe, 0xe2}})
sendmsg$ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000006c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x120, r1, 0x8, 0x70bd29, 0x25dfdbff, {}, [@HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000700)={r3, @dev={0xac, 0x14, 0x14, 0x38}, @multicast2}, 0xc)
r8 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000740), 0x2502, 0x0)
ioctl$IMADDTIMER(r8, 0x80044940, &(0x7f0000000780)=0xf4240)
ioperm(0x8, 0x1, 0x7)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'wpan4\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000880)={'wpan4\x00', <r11=>0x0})
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x68080106}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x40, r9, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x5}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x4}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000004}, 0x20040)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_SE(r12, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14, 0x0, 0xf08, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000080}, 0x12)
lsetxattr$security_capability(&(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0), &(0x7f0000000b00)=@v2={0x2000000, [{0x3f0, 0x5}, {0x6, 0x800}]}, 0x14, 0x0)
sendmsg(r0, &(0x7f0000000f40)={&(0x7f0000000b40)=@ethernet={0x1, @random="d6ccfaabcdac"}, 0x80, &(0x7f0000000d80)=[{&(0x7f0000000bc0)="07ac384943d3a52bddac2255748799a8349c37e1461cb675114bc4795e47905de80745652fc7e7c78a12a6d7a3f09a01f2d2fbee012a31521b36a0aa9ceac1521973c18b151b42ef2846d9db10242d27fd86556b5a3eaea1962075d04ed51df75d440671213386c94ab61748b74cb3c7a9e7e752e7475112ed0eb09457fb4671c6279500f25ece07fd84235d522fdc9a13d19b1d7bed978f1c08a9eb36c7475f3198", 0xa2}, {&(0x7f0000000c80)="0821b92a1c43f7303412031471b0cc129105b2da8b29c2326c42fbfb2f10f8683f8987a2000d794ffd6e81f611519da5c223481c96", 0x35}, {&(0x7f0000000cc0)="fdc7d476a39c53ed8bb1c4a185425df24e3b2e099b8be7af3ef0bfd3a5a7da16a139c03bcf846eee31ee248da45c6ca2b97e88f37299354e99ad56", 0x3b}, {&(0x7f0000000d00)="2102cd2b7e1aea56f7212982f20dab52980107c6e927f9bb796860c008af31be0c408d4f35ef947ef408a505fd4333b8b3432c122a58d83498284e68fa376863d184fdd73c7f50bd4e3d4e61a12600c8f4f58f69bedaf466af518069b44dae06976f98a3721d9d54d8e6777f353cdd2250263c48c46def5e8bf354fb9220", 0x7e}], 0x4, &(0x7f0000000dc0)=[{0x28, 0x118, 0x4, "5fd401611e4b0efd1bb1bc21d7076274013e"}, {0x60, 0x6, 0x5, "29ea83c88031d76a9b54f3ca0bd2f2e64536e02ffb2c3ead0e8376c1681c782c312a14dcf8dc934d5c5989f0f89523b24081f87cfc1f3ef90a286703e31c55b1613f508805484e3e3c45f6a3b4f7"}, {0x70, 0x115, 0xfffffffc, "84f371b2773c7bfaa206be713f93137fca8b81dbdc2d16199d32d637f91a518b058cb26a0635e6a8cc20da93ca5e57f51d3d54cbd49fb1cbefa79a0b59ce19d69121776bcd7a45a75abdd7581ea50cd9b631036af3c473ecea7a273c"}, {0x58, 0x29, 0x2, "f3c6f386aa87099a9545188c550218ca9a6bdc87bf3ae88e62382e7b74a6364324d9fa05b409125004d4289c62500cb4f6f576316d212cf479f5c393f93be93e4bf5e1b09a3fcd"}], 0x150}, 0x1010)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001040)={&(0x7f0000000fc0)={0x50, 0x2, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x40001)
ioperm(0x0, 0x0, 0x3)
r13 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001100), r0)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f00000014c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001140)={0x310, r13, 0xc00, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x40, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NODE={0x170, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "8c3ccb8ab1e14ed0549176d9b0b2addaf6be6b27fc8aeace6d5c73e579a49d8bfafc79"}}, @TIPC_NLA_NODE_ID={0xbf, 0x3, "0540b3b755e976e87f2aa4160c8b0f8df0bd493a246cf91a0e4e785c6625998288bcff040ed4adf653262448bff1f8e6bd22df34fa5919b4b177931326d9a4ccc24a57a1b337f819c05382b4ccb2df9f61174931d624c48fe05218b79b0cdbb6f66e8ab5ac02f0832708aa1f4f857164400c160e303fe25094d8f744626c334c541ad159460b2748dcd7ac7eca0bc6de1d1d40243cb90ecf90874c9590f73e4580e179e74e941e0df8e4edff39971c8a82b1892f5a03ff6f5115ba"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}, @TIPC_NLA_NODE_KEY={0x44, 0x4, {'gcm(aes)\x00', 0x1c, "90962f35a76718d86999b9e1fd75bf9b25b967e9785ce431703d54d8"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x100, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x888}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x38000000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1186}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xb26}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xc}]}, @TIPC_NLA_SOCK_CON={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xca2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}]}, @TIPC_NLA_SOCK_CON={0x4c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfe}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffff6b26}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xfffffffb}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x10}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xc5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x9}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}, @TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @remote}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast1}}}}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xa55f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}]}, 0x310}, 0x1, 0x0, 0x0, 0x24000000}, 0x11)
sendmsg$IPSET_CMD_GET_BYNAME(r0, 0xfffffffffffffffc, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000001500)={{0x1, 0x1, 0x18, <r14=>r7, {0x7}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r14, 0xc0189378, &(0x7f0000001540)={{0x1, 0x1, 0x18, r7, {r0}}, './file0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000001580), r14)

146.922878ms ago: executing program 4 (id=4571):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a"], 0x7c}}, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

126.123768ms ago: executing program 4 (id=4572):
signalfd(0xffffffffffffffff, &(0x7f0000000180), 0x8)
timer_create(0x7, &(0x7f0000000780)={0x0, 0x3f, 0x0, @thr={0x0, 0x0}}, &(0x7f00000007c0)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000800)={<r1=>0x0, <r2=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x381, 0x5, 0x0, 0xd, 0x0, 0xc596}, 0x0, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000840)={{r1, r2+10000000}, {0x0, 0x989680}}, 0x0)
rt_sigaction(0x3f, &(0x7f0000000940)={&(0x7f00000008c0)="c46279340cdbc4c261ad9a0c000000c4c2d503f264430fae54bcc0660f638d9b540000c482c5ac2c566742d0430366f30fbae70040d9fa90", 0x40000001, 0x0, {[0x40]}}, 0x0, 0x8, &(0x7f0000000a80))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt(0xffffffffffffffff, 0x800000010d, 0x2, 0x0, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x2, 0x0, &(0x7f0000000280))
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x4844}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000180)={0x64, r5, 0x405, 0x70bd24, 0x25dfdbfe, {}, [{{0x8, 0x1, r6}, {0x48, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

123.247738ms ago: executing program 1 (id=4573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800000f, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x180, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x3}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0})
io_uring_setup(0x9da, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x71, 0x2000, @fd_index=0xa, 0xb3, 0x0, 0x0, 0x1, 0x0, {0x2}})
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x101000, 0xa0)
fspick(r8, 0x0, 0x1)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r7, 0x1, 0x70bd26, 0x23c, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0)
write$nci(r5, &(0x7f0000000600)=ANY=[@ANYBLOB="6006032234182eae"], 0x8)
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

76.690719ms ago: executing program 1 (id=4574):
r0 = io_uring_setup(0x423c, &(0x7f0000000300)={0x0, 0x7929, 0x0, 0x0, 0x20})
r1 = syz_io_uring_setup(0x61a, &(0x7f0000000100)={0x0, 0xddc7, 0x2000, 0x101000, 0x45cc, 0x0, r0}, &(0x7f0000000280), &(0x7f0000000080))
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={'ipvlan1\x00', {0x2, 0x0, @broadcast=0xac141436}})
close_range(0xffffffffffffffff, r2, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r1, 0x4008f510, &(0x7f00000000c0)=0xfffffffffffeffff)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1e, 0x12, r3, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r4)
sendmsg$NFC_CMD_FW_DOWNLOAD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)={0x28, r5, 0x1, 0xf0bd28, 0x10000000, {}, [@NFC_ATTR_FIRMWARE_NAME={0xb, 0x14, 'cram\x00\x00\x00'}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x2000805}, 0x10)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x8, 0x8405, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x3200, 0x10001, 0x6, 0x5, 0x0, 0x1fffffff, 0x0, 0x0, 0xff}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=4575):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000001400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r5, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6", 0x90}, {&(0x7f0000000400)="029993440c7a0c95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6", 0x26}, {&(0x7f0000000f00)="397d5f2e855cb2b0b1e61d3fe47dc3", 0xf}], 0x3}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)="faef5f66d64761a0baefceade86d0d3eab77b50cd32e72707a4286fdd686dc3cdb08d1e8be4f15facbfb", 0x2a}, {&(0x7f0000001340)="7875c0e7cc37eebefdaeeed5df360e5574b613e47f9506ad76b9d5df8677cea7849b311370bc45f7253ab0d91b2f90d18edd57bf9d7e7ba7d6c73c36a39ee111d2820fd5876dd3e63723fe85585f580de9fad1aff82012dd93942287a93f65ef408c95b5b9acd9a849466236557cb49acb03cc9a5b4ff32d3f664d9ab5d027f1d65d252ec457eef8155ec534ddd4d052d55e56f0014bf1002f9f7b0eed8bfafa0a3bd96d73d00a79455d2f44eeed7d74a7fa8b280d7dcfec0020b372e824f25396217bb0445cb250ce4de2e4040f7bc14c6acd654eb6f38eeafeedeb02498e8ac16c30e45fb09b1c636499ef790ff29bef8e3460f3da7e5c75371f27", 0xfc}], 0x2}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000880)="b3bd51b2b6e833d10d7107f1390fad62f30754e9e2ad7002520b32fc5d9317a69c78a5b8ef5993040276445e8370d7a7af7ece2391240f0ccae2118da3392a97f91af61a2af2b4bd7a4eecb38ab0236115a40ba58d3c58e526b0088ea58f01d37a009433f5293ba19f90ecc03645c1f02affce77b72043329fba630586e0a6696ad9dd1dec462440c20874719145b057877d5b693277fd4ad6d9dd142e0c68f91cf13b1a8df2f43569a9b06f6b2f014162f70bdc4c58dbed65846ac675870aa6beba4cb7", 0xc4}, {&(0x7f0000000200)="1856dca047fb00f13e3d7439b9bc3413d7b170fc0629bf25208d90b144d477ef5166ab5e5e41b8afad14aca9a575676e7b27fe2427c0b1c4a468e92bcac529f2b4123e92bda6e604e2ce", 0x4a}], 0x2}}], 0x4, 0xc0)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000001400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10) (async)
socket$inet(0x2, 0x4000000000000001, 0x0) (async)
setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) (async)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) (async)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) (async)
sendmmsg$inet(r5, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6", 0x90}, {&(0x7f0000000400)="029993440c7a0c95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6", 0x26}, {&(0x7f0000000f00)="397d5f2e855cb2b0b1e61d3fe47dc3", 0xf}], 0x3}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5", 0x6f}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)="faef5f66d64761a0baefceade86d0d3eab77b50cd32e72707a4286fdd686dc3cdb08d1e8be4f15facbfb", 0x2a}, {&(0x7f0000001340)="7875c0e7cc37eebefdaeeed5df360e5574b613e47f9506ad76b9d5df8677cea7849b311370bc45f7253ab0d91b2f90d18edd57bf9d7e7ba7d6c73c36a39ee111d2820fd5876dd3e63723fe85585f580de9fad1aff82012dd93942287a93f65ef408c95b5b9acd9a849466236557cb49acb03cc9a5b4ff32d3f664d9ab5d027f1d65d252ec457eef8155ec534ddd4d052d55e56f0014bf1002f9f7b0eed8bfafa0a3bd96d73d00a79455d2f44eeed7d74a7fa8b280d7dcfec0020b372e824f25396217bb0445cb250ce4de2e4040f7bc14c6acd654eb6f38eeafeedeb02498e8ac16c30e45fb09b1c636499ef790ff29bef8e3460f3da7e5c75371f27", 0xfc}], 0x2}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000880)="b3bd51b2b6e833d10d7107f1390fad62f30754e9e2ad7002520b32fc5d9317a69c78a5b8ef5993040276445e8370d7a7af7ece2391240f0ccae2118da3392a97f91af61a2af2b4bd7a4eecb38ab0236115a40ba58d3c58e526b0088ea58f01d37a009433f5293ba19f90ecc03645c1f02affce77b72043329fba630586e0a6696ad9dd1dec462440c20874719145b057877d5b693277fd4ad6d9dd142e0c68f91cf13b1a8df2f43569a9b06f6b2f014162f70bdc4c58dbed65846ac675870aa6beba4cb7", 0xc4}, {&(0x7f0000000200)="1856dca047fb00f13e3d7439b9bc3413d7b170fc0629bf25208d90b144d477ef5166ab5e5e41b8afad14aca9a575676e7b27fe2427c0b1c4a468e92bcac529f2b4123e92bda6e604e2ce", 0x4a}], 0x2}}], 0x4, 0xc0) (async)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) (async)

kernel console output (not intermixed with test programs):

slave_0: entered promiscuous mode
[  197.845383][T26778] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.852549][T26778] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.044806][T26778] bridge_slave_1: entered allmulticast mode
[  198.058272][T26778] bridge_slave_1: entered promiscuous mode
[  198.116977][T26778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.145451][T26778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.157005][T26835] syz.3.3142 (26835) used greatest stack depth: 9952 bytes left
[  198.212361][T26778] team0: Port device team_slave_0 added
[  198.219586][T26778] team0: Port device team_slave_1 added
[  198.253410][T26855] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.270741][T26338] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.280064][T26855] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.313100][T26778] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.320122][T26778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.346214][T26778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.366458][T26855] loop0: detected capacity change from 0 to 1024
[  198.373820][T26778] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.380835][T26778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.406818][T26778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.437628][T26855] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.3144: Failed to acquire dquot type 0
[  198.461647][T26778] hsr_slave_0: entered promiscuous mode
[  198.467891][T26778] hsr_slave_1: entered promiscuous mode
[  198.475213][T26855] EXT4-fs (loop0): 1 truncate cleaned up
[  198.489859][T26778] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  198.498708][T26778] Cannot create hsr debugfs directory
[  198.513556][T26855] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.538828][T26855] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  198.548496][T26855] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  198.551709][   T29] kauditd_printk_skb: 747 callbacks suppressed
[  198.551725][   T29] audit: type=1400 audit(1743645158.832:25753): avc:  denied  { create } for  pid=26871 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  198.609202][T26009] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.619801][T26881] validate_nla: 2 callbacks suppressed
[  198.619816][T26881] netlink: 'syz.3.3149': attribute type 21 has an invalid length.
[  198.665692][T26881] netlink: 'syz.3.3149': attribute type 1 has an invalid length.
[  198.673538][T26881] __nla_validate_parse: 5 callbacks suppressed
[  198.673553][T26881] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3149'.
[  198.676155][   T29] audit: type=1400 audit(1743645158.872:25754): avc:  denied  { write } for  pid=26871 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  198.741564][T26873] infiniband syz!: set active
[  198.746289][T26873] infiniband syz!: added team_slave_0
[  198.758771][   T29] audit: type=1326 audit(1743645159.012:25755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.782479][   T29] audit: type=1326 audit(1743645159.012:25756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.805996][   T29] audit: type=1326 audit(1743645159.012:25757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.829739][   T29] audit: type=1326 audit(1743645159.012:25758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9edaeebad0 code=0x7ffc0000
[  198.853601][   T29] audit: type=1326 audit(1743645159.012:25759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.877248][   T29] audit: type=1326 audit(1743645159.012:25760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.901084][   T29] audit: type=1326 audit(1743645159.012:25761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.924975][   T29] audit: type=1326 audit(1743645159.012:25762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26880 comm="syz.3.3149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  198.954943][T26873] RDS/IB: syz!: added
[  198.959042][T26873] smc: adding ib device syz! with port count 1
[  198.986509][T26873] smc:    ib device syz! port 1 has pnetid 
[  199.032453][T26778] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.042857][T26778] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  199.179994][T26778] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.190470][T26778] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  199.274990][T26778] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.285425][T26778] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  199.361500][T26778] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.371973][T26778] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  199.423548][T26930] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  199.451330][T26778] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  199.471300][T26778] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  199.499259][T26778] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  199.517623][T26778] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  199.584349][T26930] netlink: 'syz.2.3154': attribute type 64 has an invalid length.
[  199.588283][T26778] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.592317][T26930] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3154'.
[  199.611252][T26778] 8021q: adding VLAN 0 to HW filter on device team0
[  199.625297][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.632415][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.645996][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.653215][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.737277][T26778] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.888649][T26778] veth0_vlan: entered promiscuous mode
[  199.899989][T26778] veth1_vlan: entered promiscuous mode
[  199.919679][T26778] veth0_macvtap: entered promiscuous mode
[  199.938081][T26778] veth1_macvtap: entered promiscuous mode
[  199.968883][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.979453][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.989305][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.999836][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.010050][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.020562][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.030428][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.040882][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.050907][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.061540][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.071377][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.081918][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.091900][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.102432][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.112276][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.122784][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.152044][T26994] FAULT_INJECTION: forcing a failure.
[  200.152044][T26994] name failslab, interval 1, probability 0, space 0, times 0
[  200.156315][T26778] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.164845][T26994] CPU: 1 UID: 0 PID: 26994 Comm: syz.0.3157 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  200.164882][T26994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  200.164898][T26994] Call Trace:
[  200.164905][T26994]  <TASK>
[  200.164916][T26994]  dump_stack_lvl+0xf6/0x150
[  200.164948][T26994]  dump_stack+0x15/0x1a
[  200.164978][T26994]  should_fail_ex+0x261/0x270
[  200.165012][T26994]  should_failslab+0x8f/0xb0
[  200.165051][T26994]  kmem_cache_alloc_noprof+0x59/0x340
[  200.165072][T26994]  ? audit_log_start+0x37f/0x6e0
[  200.165170][T26994]  audit_log_start+0x37f/0x6e0
[  200.165200][T26994]  ? kstrtouint+0x7b/0xc0
[  200.165232][T26994]  audit_seccomp+0x4b/0x130
[  200.165257][T26994]  __seccomp_filter+0x694/0x10e0
[  200.165333][T26994]  ? vfs_write+0x669/0x950
[  200.165368][T26994]  ? putname+0xe1/0x100
[  200.165398][T26994]  __secure_computing+0x7e/0x160
[  200.165436][T26994]  syscall_trace_enter+0xcf/0x1f0
[  200.165474][T26994]  ? fpregs_assert_state_consistent+0x83/0xa0
[  200.165565][T26994]  do_syscall_64+0xaa/0x1c0
[  200.165598][T26994]  ? clear_bhb_loop+0x25/0x80
[  200.165627][T26994]  ? clear_bhb_loop+0x25/0x80
[  200.165653][T26994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.165744][T26994] RIP: 0033:0x7f9c8a81d169
[  200.165763][T26994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.165786][T26994] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[  200.165809][T26994] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  200.165853][T26994] RDX: 0000000000000001 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  200.165884][T26994] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  200.165899][T26994] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001
[  200.165914][T26994] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  200.165939][T26994]  </TASK>
[  200.371112][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.381728][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.391554][T27046] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3160'.
[  200.400525][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.411162][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.420992][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.431547][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.441384][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.451833][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.461692][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.472242][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.482121][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.492722][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.502609][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.513072][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.522909][T26778] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.533358][T26778] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.557487][T27213] 9pnet_fd: Insufficient options for proto=fd
[  200.579403][T26778] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.605770][T26778] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.614564][T26778] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.623533][T26778] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.632345][T26778] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.785124][T27281] 9pnet_fd: Insufficient options for proto=fd
[  200.829784][T27288] ip6t_srh: unknown srh invflags 92A7
[  201.011484][T27296] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3169'.
[  201.155752][T27310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3174'.
[  201.164804][T27310] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3174'.
[  201.351509][T27322] Falling back ldisc for ttyS3.
[  201.481170][T27757] loop3: detected capacity change from 0 to 512
[  201.818471][T27757] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.850428][T27757] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  202.071991][T31952] FAULT_INJECTION: forcing a failure.
[  202.071991][T31952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.085472][T31952] CPU: 0 UID: 0 PID: 31952 Comm: syz.4.3181 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  202.085513][T31952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.085529][T31952] Call Trace:
[  202.085536][T31952]  <TASK>
[  202.085544][T31952]  dump_stack_lvl+0xf6/0x150
[  202.085573][T31952]  dump_stack+0x15/0x1a
[  202.085676][T31952]  should_fail_ex+0x261/0x270
[  202.085709][T31952]  should_fail+0xb/0x10
[  202.085739][T31952]  should_fail_usercopy+0x1a/0x20
[  202.085927][T31952]  _copy_from_user+0x1c/0xa0
[  202.086000][T31952]  copy_msghdr_from_user+0x54/0x2b0
[  202.086042][T31952]  ? __fget_files+0x186/0x1c0
[  202.086069][T31952]  __sys_sendmsg+0x141/0x240
[  202.086161][T31952]  __x64_sys_sendmsg+0x46/0x50
[  202.086192][T31952]  x64_sys_call+0x26f3/0x2e10
[  202.086269][T31952]  do_syscall_64+0xc9/0x1c0
[  202.086297][T31952]  ? clear_bhb_loop+0x25/0x80
[  202.086361][T31952]  ? clear_bhb_loop+0x25/0x80
[  202.086385][T31952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.086411][T31952] RIP: 0033:0x7f9ece27d169
[  202.086429][T31952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.086450][T31952] RSP: 002b:00007f9ecc8df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.086473][T31952] RAX: ffffffffffffffda RBX: 00007f9ece495fa0 RCX: 00007f9ece27d169
[  202.086549][T31952] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  202.086569][T31952] RBP: 00007f9ecc8df090 R08: 0000000000000000 R09: 0000000000000000
[  202.086581][T31952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.086595][T31952] R13: 0000000000000000 R14: 00007f9ece495fa0 R15: 00007ffcf3690f78
[  202.086619][T31952]  </TASK>
[  202.568373][T27662] syz.3.3178 (27662) used greatest stack depth: 9576 bytes left
[  202.592914][T32719] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3193'.
[  202.608102][T26338] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.611900][T32721] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3194'.
[  202.695567][T32725] loop4: detected capacity change from 0 to 1024
[  202.756455][T32725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.793502][T32725] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  202.833572][T32725] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[  202.845951][T32725] EXT4-fs (loop4): This should not happen!! Data will be lost
[  202.845951][T32725] 
[  202.855674][T32725] EXT4-fs (loop4): Total free blocks count 0
[  202.861788][T32725] EXT4-fs (loop4): Free/Dirty block details
[  202.867714][T32725] EXT4-fs (loop4): free_blocks=68451041280
[  202.873558][T32725] EXT4-fs (loop4): dirty_blocks=16
[  202.878722][T32725] EXT4-fs (loop4): Block reservation details
[  202.884717][T32725] EXT4-fs (loop4): i_reserved_data_blocks=1
[  202.894557][T32725] IPv4: Oversized IP packet from 127.202.26.0
[  202.980401][T26778] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.374954][  T382] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3207'.
[  203.444244][  T417] netlink: 'syz.3.3209': attribute type 21 has an invalid length.
[  203.461750][  T417] netlink: 'syz.3.3209': attribute type 1 has an invalid length.
[  203.469562][  T417] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3209'.
[  203.512476][  T375] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=514 sclass=netlink_route_socket pid=375 comm=syz.1.3205
[  203.561796][   T29] kauditd_printk_skb: 655 callbacks suppressed
[  203.561903][   T29] audit: type=1326 audit(1743645163.842:26417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.591670][   T29] audit: type=1326 audit(1743645163.842:26418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.615233][   T29] audit: type=1326 audit(1743645163.842:26419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.643200][   T29] audit: type=1326 audit(1743645163.912:26420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.666764][   T29] audit: type=1326 audit(1743645163.912:26421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.690370][   T29] audit: type=1326 audit(1743645163.912:26422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.713856][   T29] audit: type=1326 audit(1743645163.912:26423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.737366][   T29] audit: type=1326 audit(1743645163.912:26424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.760813][   T29] audit: type=1326 audit(1743645163.912:26425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.784365][   T29] audit: type=1326 audit(1743645163.912:26426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=516 comm="syz.2.3210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  203.984261][  T614] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3220'.
[  204.079964][  T627] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  204.118257][  T629] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3226'.
[  204.224539][  T639] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3241'.
[  204.257981][  T646] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3233'.
[  204.297664][  T648] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3234'.
[  204.340501][  T648] 8021q: adding VLAN 0 to HW filter on device batadv1
[  204.368109][  T648] team0: Port device batadv1 added
[  204.517927][  T665] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3251'.
[  204.549092][  T669] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3243'.
[  204.571523][  T665] 8021q: adding VLAN 0 to HW filter on device batadv2
[  204.586272][  T665] team0: Port device batadv2 added
[  204.626892][  T675] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3246'.
[  204.657290][  T677] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3248'.
[  204.721270][  T680] loop4: detected capacity change from 0 to 512
[  204.747139][  T680] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.768242][  T689] netlink: 'syz.3.3254': attribute type 21 has an invalid length.
[  204.802428][  T680] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.831553][  T689] netlink: 'syz.3.3254': attribute type 1 has an invalid length.
[  204.839394][  T689] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3254'.
[  204.983968][T26778] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.036972][  T709] 8021q: adding VLAN 0 to HW filter on device batadv1
[  205.045316][  T709] team0: Port device batadv1 added
[  205.187424][  T724] netlink: 'syz.0.3268': attribute type 21 has an invalid length.
[  205.208189][  T724] netlink: 'syz.0.3268': attribute type 1 has an invalid length.
[  205.273586][  T730] netlink: 'syz.4.3270': attribute type 21 has an invalid length.
[  205.285540][  T730] netlink: 'syz.4.3270': attribute type 1 has an invalid length.
[  205.999259][  T752] 8021q: adding VLAN 0 to HW filter on device batadv3
[  206.057214][  T752] team0: Port device batadv3 added
[  206.539930][  T774] netlink: 'syz.2.3289': attribute type 21 has an invalid length.
[  206.571003][  T774] netlink: 'syz.2.3289': attribute type 1 has an invalid length.
[  207.060986][  T854] netlink: 'syz.0.3302': attribute type 21 has an invalid length.
[  207.084848][  T854] netlink: 'syz.0.3302': attribute type 1 has an invalid length.
[  207.741971][  T886] 8021q: adding VLAN 0 to HW filter on device batadv1
[  207.759778][  T886] team0: Port device batadv1 added
[  208.569308][   T29] kauditd_printk_skb: 1185 callbacks suppressed
[  208.569327][   T29] audit: type=1326 audit(1743645168.852:27611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.667387][   T29] audit: type=1326 audit(1743645168.852:27612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.690892][   T29] audit: type=1326 audit(1743645168.852:27613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.714618][   T29] audit: type=1326 audit(1743645168.852:27614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.738202][   T29] audit: type=1326 audit(1743645168.852:27615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.761966][   T29] audit: type=1326 audit(1743645168.852:27616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.785396][   T29] audit: type=1326 audit(1743645168.852:27617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.808927][   T29] audit: type=1326 audit(1743645168.852:27618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.832352][   T29] audit: type=1326 audit(1743645168.852:27619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.855889][   T29] audit: type=1326 audit(1743645168.852:27620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=913 comm="syz.0.3325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c8a81d169 code=0x7ffc0000
[  208.998308][  T925] __nla_validate_parse: 27 callbacks suppressed
[  208.998329][  T925] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3329'.
[  209.078099][  T933] 8021q: adding VLAN 0 to HW filter on device batadv2
[  209.100573][  T933] team0: Port device batadv2 added
[  209.149492][  T939] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3336'.
[  209.164172][  T939] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3336'.
[  209.265954][  T949] netlink: 144 bytes leftover after parsing attributes in process `syz.0.3340'.
[  209.279855][  T952] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3342'.
[  209.306632][  T954] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3343'.
[  209.388104][  T956] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3344'.
[  209.477304][  T961] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3345'.
[  209.564720][  T969] 8021q: adding VLAN 0 to HW filter on device batadv4
[  209.574590][  T969] team0: Port device batadv4 added
[  209.671953][  T979] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3354'.
[  209.683082][  T977] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3353'.
[  210.390238][ T1026] validate_nla: 6 callbacks suppressed
[  210.390252][ T1026] netlink: 'syz.4.3372': attribute type 21 has an invalid length.
[  210.413843][ T1026] netlink: 'syz.4.3372': attribute type 1 has an invalid length.
[  211.462660][ T1109] loop4: detected capacity change from 0 to 128
[  211.475019][ T1109] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  211.487690][ T1109] ext4 filesystem being mounted at /49/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  211.573093][T26778] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  211.738189][ T1129] netlink: 'syz.4.3411': attribute type 21 has an invalid length.
[  211.754521][ T1129] netlink: 'syz.4.3411': attribute type 1 has an invalid length.
[  213.303765][ T1225] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  213.426194][ T1238] 8021q: adding VLAN 0 to HW filter on device batadv5
[  213.526576][ T1238] team0: Port device batadv5 added
[  213.606954][   T29] kauditd_printk_skb: 1022 callbacks suppressed
[  213.606972][   T29] audit: type=1326 audit(1743645173.882:28643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.608059][ T1243] netlink: 'syz.4.3458': attribute type 21 has an invalid length.
[  213.613437][   T29] audit: type=1326 audit(1743645173.882:28644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.699144][ T1243] netlink: 'syz.4.3458': attribute type 1 has an invalid length.
[  213.708838][   T29] audit: type=1326 audit(1743645173.882:28645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.732426][   T29] audit: type=1326 audit(1743645173.882:28646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.755991][   T29] audit: type=1326 audit(1743645173.882:28647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.779607][   T29] audit: type=1326 audit(1743645173.882:28648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.803213][   T29] audit: type=1326 audit(1743645173.882:28649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.826791][   T29] audit: type=1326 audit(1743645173.882:28650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.850536][   T29] audit: type=1326 audit(1743645173.952:28651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  213.874135][   T29] audit: type=1326 audit(1743645173.952:28652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1241 comm="syz.4.3458" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9ece27d169 code=0x7ffc0000
[  214.140179][ T1284] __nla_validate_parse: 27 callbacks suppressed
[  214.140195][ T1284] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3472'.
[  214.187988][ T1281] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3471'.
[  214.304277][ T1298] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3477'.
[  214.561255][ T1315] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3484'.
[  214.635853][ T1321] netlink: 'syz.3.3486': attribute type 21 has an invalid length.
[  214.644302][ T1321] netlink: 'syz.3.3486': attribute type 1 has an invalid length.
[  214.652306][ T1321] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3486'.
[  214.837019][ T1328] loop4: detected capacity change from 0 to 512
[  214.952306][ T1328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.177214][T26778] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.236980][ T1347] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3495'.
[  215.251614][ T1346] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3497'.
[  215.446726][ T1363] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3503'.
[  215.457840][ T1363] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3503'.
[  215.461077][ T1365] netlink: 'syz.0.3504': attribute type 21 has an invalid length.
[  215.471898][ T1363] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3503'.
[  215.492750][ T1365] netlink: 'syz.0.3504': attribute type 1 has an invalid length.
[  215.624798][ T1378] FAULT_INJECTION: forcing a failure.
[  215.624798][ T1378] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.637946][ T1378] CPU: 1 UID: 0 PID: 1378 Comm: syz.0.3510 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  215.637979][ T1378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  215.638012][ T1378] Call Trace:
[  215.638074][ T1378]  <TASK>
[  215.638083][ T1378]  dump_stack_lvl+0xf6/0x150
[  215.638112][ T1378]  dump_stack+0x15/0x1a
[  215.638133][ T1378]  should_fail_ex+0x261/0x270
[  215.638166][ T1378]  should_fail+0xb/0x10
[  215.638195][ T1378]  should_fail_usercopy+0x1a/0x20
[  215.638230][ T1378]  _copy_from_user+0x1c/0xa0
[  215.638331][ T1378]  copy_msghdr_from_user+0x54/0x2b0
[  215.638440][ T1378]  ? __fget_files+0x186/0x1c0
[  215.638507][ T1378]  __sys_sendmsg+0x141/0x240
[  215.638557][ T1378]  __x64_sys_sendmsg+0x46/0x50
[  215.638588][ T1378]  x64_sys_call+0x26f3/0x2e10
[  215.638615][ T1378]  do_syscall_64+0xc9/0x1c0
[  215.638695][ T1378]  ? clear_bhb_loop+0x25/0x80
[  215.638758][ T1378]  ? clear_bhb_loop+0x25/0x80
[  215.638785][ T1378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.638808][ T1378] RIP: 0033:0x7f9c8a81d169
[  215.638825][ T1378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.638843][ T1378] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.638865][ T1378] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  215.638880][ T1378] RDX: 00000000040000d0 RSI: 00002000000001c0 RDI: 0000000000000006
[  215.638906][ T1378] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  215.638921][ T1378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.638936][ T1378] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  215.638960][ T1378]  </TASK>
[  216.056656][ T1403] sctp: [Deprecated]: syz.2.3517 (pid 1403) Use of struct sctp_assoc_value in delayed_ack socket option.
[  216.056656][ T1403] Use struct sctp_sack_info instead
[  218.498573][ T1776] netlink: 'syz.3.3552': attribute type 21 has an invalid length.
[  218.526996][ T1776] netlink: 'syz.3.3552': attribute type 1 has an invalid length.
[  219.007515][   T29] kauditd_printk_skb: 909 callbacks suppressed
[  219.007531][   T29] audit: type=1326 audit(1743645179.282:29562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.037478][   T29] audit: type=1326 audit(1743645179.282:29563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.069931][ T1830] netlink: 'syz.0.3558': attribute type 21 has an invalid length.
[  219.079118][ T1830] netlink: 'syz.0.3558': attribute type 1 has an invalid length.
[  219.123648][   T29] audit: type=1326 audit(1743645179.292:29564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.147281][   T29] audit: type=1326 audit(1743645179.292:29565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.170911][   T29] audit: type=1326 audit(1743645179.292:29566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f954348b9d7 code=0x7ffc0000
[  219.194455][   T29] audit: type=1326 audit(1743645179.292:29567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.218397][   T29] audit: type=1326 audit(1743645179.292:29568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.242031][   T29] audit: type=1326 audit(1743645179.292:29569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.265536][   T29] audit: type=1326 audit(1743645179.292:29570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.289118][   T29] audit: type=1326 audit(1743645179.292:29571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1827 comm="syz.1.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  219.387646][ T2125] __nla_validate_parse: 11 callbacks suppressed
[  219.387680][ T2125] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3561'.
[  219.405079][ T2125] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3561'.
[  219.419539][ T2125] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3561'.
[  219.467108][ T2110] 9pnet_fd: Insufficient options for proto=fd
[  219.525341][ T2169] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3562'.
[  219.626712][ T2185] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3567'.
[  219.652520][ T2187] netlink: 'syz.1.3570': attribute type 21 has an invalid length.
[  219.673955][ T2187] netlink: 'syz.1.3570': attribute type 1 has an invalid length.
[  219.681829][ T2187] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3570'.
[  219.740819][ T2194] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3573'.
[  219.754166][ T2194] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3573'.
[  219.764367][ T2194] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3573'.
[  219.790745][ T2197] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3574'.
[  220.324155][ T2242] 0ªX¹¦À: renamed from caif0
[  220.348271][ T2242] 0ªX¹¦À: entered allmulticast mode
[  220.353567][ T2242] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  220.877496][ T2265] hub 9-0:1.0: USB hub found
[  220.887140][ T2265] hub 9-0:1.0: 8 ports detected
[  220.902783][ T2266] 9pnet_fd: Insufficient options for proto=fd
[  221.306660][ T2276] loop4: detected capacity change from 0 to 512
[  221.391815][ T2276] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.409412][ T2276] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.529667][ T2293] FAULT_INJECTION: forcing a failure.
[  221.529667][ T2293] name failslab, interval 1, probability 0, space 0, times 0
[  221.542386][ T2293] CPU: 0 UID: 0 PID: 2293 Comm: syz.0.3611 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  221.542414][ T2293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  221.542427][ T2293] Call Trace:
[  221.542434][ T2293]  <TASK>
[  221.542443][ T2293]  dump_stack_lvl+0xf6/0x150
[  221.542497][ T2293]  dump_stack+0x15/0x1a
[  221.542517][ T2293]  should_fail_ex+0x261/0x270
[  221.542550][ T2293]  should_failslab+0x8f/0xb0
[  221.542586][ T2293]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[  221.542690][ T2293]  ? sidtab_sid2str_get+0xb8/0x140
[  221.542717][ T2293]  ? vsnprintf+0x84d/0x8a0
[  221.542758][ T2293]  kmemdup_noprof+0x2b/0x70
[  221.542838][ T2293]  sidtab_sid2str_get+0xb8/0x140
[  221.542908][ T2293]  security_sid_to_context_core+0x1eb/0x2f0
[  221.542938][ T2293]  security_sid_to_context+0x27/0x30
[  221.543033][ T2293]  selinux_lsmprop_to_secctx+0x6c/0xf0
[  221.543063][ T2293]  security_lsmprop_to_secctx+0x40/0x80
[  221.543100][ T2293]  audit_log_task_context+0x7a/0x180
[  221.543205][ T2293]  audit_log_task+0xfb/0x250
[  221.543227][ T2293]  audit_seccomp+0x68/0x130
[  221.543360][ T2293]  __seccomp_filter+0x694/0x10e0
[  221.543391][ T2293]  ? vfs_write+0x669/0x950
[  221.543431][ T2293]  __secure_computing+0x7e/0x160
[  221.543467][ T2293]  syscall_trace_enter+0xcf/0x1f0
[  221.543549][ T2293]  do_syscall_64+0xaa/0x1c0
[  221.543581][ T2293]  ? clear_bhb_loop+0x25/0x80
[  221.543607][ T2293]  ? clear_bhb_loop+0x25/0x80
[  221.543652][ T2293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.543676][ T2293] RIP: 0033:0x7f9c8a81d169
[  221.543693][ T2293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.543714][ T2293] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5
[  221.543733][ T2293] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  221.543820][ T2293] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 00002000000003c0
[  221.543835][ T2293] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  221.543848][ T2293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.543862][ T2293] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  221.543891][ T2293]  </TASK>
[  221.809213][T26778] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.174598][ T2319] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16414 sclass=netlink_route_socket pid=2319 comm=syz.3.3622
[  222.930527][ T2366] loop4: detected capacity change from 0 to 512
[  222.958193][ T2366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.023636][ T2376] 9pnet_fd: Insufficient options for proto=fd
[  223.115214][T26778] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.673574][ T2424] netlink: 'syz.2.3661': attribute type 21 has an invalid length.
[  223.681746][ T2424] netlink: 'syz.2.3661': attribute type 1 has an invalid length.
[  224.229232][   T29] kauditd_printk_skb: 1207 callbacks suppressed
[  224.229247][   T29] audit: type=1326 audit(1743645181.509:30778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.290895][   T29] audit: type=1326 audit(1743645181.539:30779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.314668][   T29] audit: type=1326 audit(1743645181.539:30780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.338693][   T29] audit: type=1326 audit(1743645181.539:30781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.362432][   T29] audit: type=1326 audit(1743645181.539:30782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.386341][   T29] audit: type=1326 audit(1743645181.539:30783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.409899][   T29] audit: type=1326 audit(1743645181.539:30784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.433678][   T29] audit: type=1326 audit(1743645181.539:30785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.457274][   T29] audit: type=1326 audit(1743645181.549:30786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.480857][   T29] audit: type=1326 audit(1743645181.549:30787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2436 comm="syz.1.3667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  224.619479][ T2442] 9pnet_fd: Insufficient options for proto=fd
[  224.641588][ T2446] __nla_validate_parse: 27 callbacks suppressed
[  224.641606][ T2446] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3672'.
[  224.652362][ T2448] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3671'.
[  224.667295][ T2448] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3671'.
[  224.677364][ T2448] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3671'.
[  224.733484][ T2451] 9pnet_fd: Insufficient options for proto=fd
[  224.904398][ T2464] netlink: 'syz.3.3677': attribute type 21 has an invalid length.
[  224.918136][ T2464] netlink: 'syz.3.3677': attribute type 1 has an invalid length.
[  224.925983][ T2464] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3677'.
[  225.273181][ T2531] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3684'.
[  225.438105][ T2534] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3685'.
[  225.448057][ T2534] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3685'.
[  225.458098][ T2534] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3685'.
[  225.644929][ T2564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3689'.
[  225.692005][ T2575] netlink: 'syz.2.3690': attribute type 21 has an invalid length.
[  225.704983][ T2575] netlink: 'syz.2.3690': attribute type 1 has an invalid length.
[  225.858072][ T2689] 9pnet_fd: Insufficient options for proto=fd
[  225.909873][ T2693] 9pnet_fd: Insufficient options for proto=fd
[  226.155445][ T2711] netlink: 'syz.2.3704': attribute type 21 has an invalid length.
[  226.165108][ T2711] netlink: 'syz.2.3704': attribute type 1 has an invalid length.
[  226.337811][ T2723] 9pnet_fd: Insufficient options for proto=fd
[  226.865546][ T2746] netlink: 'syz.1.3716': attribute type 21 has an invalid length.
[  226.878252][ T2746] netlink: 'syz.1.3716': attribute type 1 has an invalid length.
[  226.907250][ T2750] 9pnet_fd: Insufficient options for proto=fd
[  226.958444][ T2756] 9pnet_fd: Insufficient options for proto=fd
[  227.322255][ T2783] 9pnet_fd: Insufficient options for proto=fd
[  227.587392][ T2803] FAULT_INJECTION: forcing a failure.
[  227.587392][ T2803] name failslab, interval 1, probability 0, space 0, times 0
[  227.600236][ T2803] CPU: 1 UID: 0 PID: 2803 Comm: syz.3.3729 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  227.600267][ T2803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  227.600282][ T2803] Call Trace:
[  227.600291][ T2803]  <TASK>
[  227.600299][ T2803]  dump_stack_lvl+0xf6/0x150
[  227.600325][ T2803]  dump_stack+0x15/0x1a
[  227.600342][ T2803]  should_fail_ex+0x261/0x270
[  227.600375][ T2803]  should_failslab+0x8f/0xb0
[  227.600412][ T2803]  kmem_cache_alloc_noprof+0x59/0x340
[  227.600438][ T2803]  ? mas_alloc_nodes+0x1f4/0x4a0
[  227.600469][ T2803]  mas_alloc_nodes+0x1f4/0x4a0
[  227.600498][ T2803]  mas_preallocate+0x48d/0x6b0
[  227.600532][ T2803]  __split_vma+0x23e/0x630
[  227.600559][ T2803]  vms_gather_munmap_vmas+0x2a5/0x790
[  227.600598][ T2803]  do_vmi_align_munmap+0x1a5/0x3c0
[  227.600644][ T2803]  do_vmi_munmap+0x1eb/0x230
[  227.600685][ T2803]  __vm_munmap+0x196/0x270
[  227.600715][ T2803]  __x64_sys_munmap+0x36/0x40
[  227.600751][ T2803]  x64_sys_call+0xe1b/0x2e10
[  227.600777][ T2803]  do_syscall_64+0xc9/0x1c0
[  227.600802][ T2803]  ? clear_bhb_loop+0x25/0x80
[  227.600828][ T2803]  ? clear_bhb_loop+0x25/0x80
[  227.600853][ T2803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.600878][ T2803] RIP: 0033:0x7f9edaeed169
[  227.600895][ T2803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.600916][ T2803] RSP: 002b:00007f9ed9515038 EFLAGS: 00000246 ORIG_RAX: 000000000000000b
[  227.600935][ T2803] RAX: ffffffffffffffda RBX: 00007f9edb106160 RCX: 00007f9edaeed169
[  227.600947][ T2803] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000001000
[  227.600958][ T2803] RBP: 00007f9ed9515090 R08: 0000000000000000 R09: 0000000000000000
[  227.600969][ T2803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.600980][ T2803] R13: 0000000000000000 R14: 00007f9edb106160 R15: 00007ffc636b8228
[  227.601000][ T2803]  </TASK>
[  228.050024][ T2823] FAULT_INJECTION: forcing a failure.
[  228.050024][ T2823] name failslab, interval 1, probability 0, space 0, times 0
[  228.062781][ T2823] CPU: 1 UID: 0 PID: 2823 Comm: syz.0.3741 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  228.062857][ T2823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  228.062872][ T2823] Call Trace:
[  228.062879][ T2823]  <TASK>
[  228.062888][ T2823]  dump_stack_lvl+0xf6/0x150
[  228.062913][ T2823]  dump_stack+0x15/0x1a
[  228.062930][ T2823]  should_fail_ex+0x261/0x270
[  228.063023][ T2823]  should_failslab+0x8f/0xb0
[  228.063092][ T2823]  __kmalloc_noprof+0xad/0x410
[  228.063118][ T2823]  ? sock_kmalloc+0x83/0xc0
[  228.063250][ T2823]  sock_kmalloc+0x83/0xc0
[  228.063281][ T2823]  ipv6_renew_options+0x1ed/0x5c0
[  228.063325][ T2823]  ? _raw_spin_unlock_bh+0x36/0x40
[  228.063428][ T2823]  ipv6_set_opt_hdr+0x1c8/0x540
[  228.063496][ T2823]  do_ipv6_setsockopt+0x128d/0x2240
[  228.063521][ T2823]  ? kstrtouint+0x7b/0xc0
[  228.063542][ T2823]  ? __rcu_read_unlock+0x4e/0x70
[  228.063575][ T2823]  ? avc_has_perm_noaudit+0x1cc/0x210
[  228.063675][ T2823]  ? selinux_netlbl_socket_setsockopt+0xea/0x2d0
[  228.063714][ T2823]  ? avc_has_perm+0xd6/0x150
[  228.063749][ T2823]  ipv6_setsockopt+0x57/0x130
[  228.063846][ T2823]  udpv6_setsockopt+0x95/0xb0
[  228.063870][ T2823]  sock_common_setsockopt+0x64/0x80
[  228.063925][ T2823]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  228.063967][ T2823]  __sys_setsockopt+0x187/0x200
[  228.063997][ T2823]  __x64_sys_setsockopt+0x66/0x80
[  228.064096][ T2823]  x64_sys_call+0x2a09/0x2e10
[  228.064121][ T2823]  do_syscall_64+0xc9/0x1c0
[  228.064146][ T2823]  ? clear_bhb_loop+0x25/0x80
[  228.064171][ T2823]  ? clear_bhb_loop+0x25/0x80
[  228.064226][ T2823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.064251][ T2823] RIP: 0033:0x7f9c8a81d169
[  228.064268][ T2823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.064292][ T2823] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  228.064313][ T2823] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  228.064324][ T2823] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000006
[  228.064336][ T2823] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  228.064350][ T2823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.064362][ T2823] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  228.064426][ T2823]  </TASK>
[  229.299928][   T29] kauditd_printk_skb: 1004 callbacks suppressed
[  229.299951][   T29] audit: type=1326 audit(1743645186.579:31792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3066 comm="syz.0.3767" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c8a81d169 code=0x0
[  229.403334][   T29] audit: type=1326 audit(1743645186.579:31793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.427003][   T29] audit: type=1326 audit(1743645186.579:31794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.450840][   T29] audit: type=1326 audit(1743645186.619:31795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.474675][   T29] audit: type=1326 audit(1743645186.619:31796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.498232][   T29] audit: type=1326 audit(1743645186.619:31797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.521896][   T29] audit: type=1326 audit(1743645186.649:31798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.545440][   T29] audit: type=1326 audit(1743645186.649:31799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.569018][   T29] audit: type=1326 audit(1743645186.649:31800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.592593][   T29] audit: type=1326 audit(1743645186.649:31801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3068 comm="syz.3.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  229.707720][ T3077] 9pnet_fd: Insufficient options for proto=fd
[  230.229997][ T3187] __nla_validate_parse: 16 callbacks suppressed
[  230.230019][ T3187] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3773'.
[  230.316473][ T3216] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3777'.
[  230.325468][ T3216] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3777'.
[  230.475194][ T3277] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3277 comm=syz.0.3775
[  230.696800][ T3334] 9pnet_fd: Insufficient options for proto=fd
[  230.818032][ T3344] 9pnet_fd: Insufficient options for proto=fd
[  231.193689][ T3388] program syz.3.3796 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  231.306481][ T3394] 9pnet_fd: Insufficient options for proto=fd
[  231.348272][ T3396] validate_nla: 4 callbacks suppressed
[  231.348287][ T3396] netlink: 'syz.1.3801': attribute type 21 has an invalid length.
[  231.369820][ T3396] netlink: 'syz.1.3801': attribute type 1 has an invalid length.
[  231.377688][ T3396] netlink: 144 bytes leftover after parsing attributes in process `syz.1.3801'.
[  231.674913][ T3452] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3812'.
[  231.937080][ T3564] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3825'.
[  232.002863][ T3581] 9pnet_fd: Insufficient options for proto=fd
[  232.220431][ T3605] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3837'.
[  232.485878][ T3627] FAULT_INJECTION: forcing a failure.
[  232.485878][ T3627] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  232.499237][ T3627] CPU: 0 UID: 0 PID: 3627 Comm: syz.2.3846 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  232.499264][ T3627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  232.499276][ T3627] Call Trace:
[  232.499282][ T3627]  <TASK>
[  232.499292][ T3627]  dump_stack_lvl+0xf6/0x150
[  232.499345][ T3627]  dump_stack+0x15/0x1a
[  232.499361][ T3627]  should_fail_ex+0x261/0x270
[  232.499392][ T3627]  should_fail_alloc_page+0xfd/0x110
[  232.499431][ T3627]  __alloc_frozen_pages_noprof+0x11d/0x360
[  232.499476][ T3627]  alloc_pages_mpol+0xb6/0x260
[  232.499506][ T3627]  alloc_pages_noprof+0xe8/0x130
[  232.499586][ T3627]  __pmd_alloc+0x4d/0x440
[  232.499647][ T3627]  handle_mm_fault+0x188d/0x2e80
[  232.499695][ T3627]  exc_page_fault+0x296/0x6a0
[  232.499747][ T3627]  asm_exc_page_fault+0x26/0x30
[  232.499767][ T3627] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  232.499972][ T3627] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  232.499994][ T3627] RSP: 0018:ffffc9000176fd18 EFLAGS: 00050202
[  232.500082][ T3627] RAX: ffff888113bd1b18 RBX: 0000200000000186 RCX: 0000000000000186
[  232.500097][ T3627] RDX: 0000000000000000 RSI: ffffc9000176fd50 RDI: 0000200000000000
[  232.500112][ T3627] RBP: ffffc9000176ff48 R08: 0000000080000000 R09: 0000000000000000
[  232.500126][ T3627] R10: 0001c9000176fd50 R11: 0001c9000176fed5 R12: 0000000000000186
[  232.500178][ T3627] R13: 00007ffffffff000 R14: 0000200000000000 R15: ffffc9000176fd50
[  232.500270][ T3627]  _copy_to_user+0x7c/0xa0
[  232.500306][ T3627]  __se_sys_newuname+0x8c/0x180
[  232.500351][ T3627]  __x64_sys_newuname+0x1f/0x30
[  232.500417][ T3627]  x64_sys_call+0x630/0x2e10
[  232.500444][ T3627]  do_syscall_64+0xc9/0x1c0
[  232.500473][ T3627]  ? clear_bhb_loop+0x25/0x80
[  232.500638][ T3627]  ? clear_bhb_loop+0x25/0x80
[  232.500665][ T3627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.500690][ T3627] RIP: 0033:0x7f17f4dbd169
[  232.500706][ T3627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.500724][ T3627] RSP: 002b:00007f17f3427038 EFLAGS: 00000246 ORIG_RAX: 000000000000003f
[  232.500746][ T3627] RAX: ffffffffffffffda RBX: 00007f17f4fd5fa0 RCX: 00007f17f4dbd169
[  232.500758][ T3627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  232.500770][ T3627] RBP: 00007f17f3427090 R08: 0000000000000000 R09: 0000000000000000
[  232.500858][ T3627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.500870][ T3627] R13: 0000000000000000 R14: 00007f17f4fd5fa0 R15: 00007ffd6bc3dda8
[  232.500890][ T3627]  </TASK>
[  232.824229][ T3642] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3849'.
[  232.894307][ T3649] 9pnet_fd: Insufficient options for proto=fd
[  233.151082][ T3774] netlink: 'syz.0.3855': attribute type 21 has an invalid length.
[  233.200399][ T3774] netlink: 'syz.0.3855': attribute type 1 has an invalid length.
[  233.208200][ T3774] netlink: 144 bytes leftover after parsing attributes in process `syz.0.3855'.
[  233.255471][ T3785] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3858'.
[  233.650377][ T3821] netlink: 'syz.2.3871': attribute type 21 has an invalid length.
[  233.669558][ T3821] netlink: 'syz.2.3871': attribute type 1 has an invalid length.
[  233.988385][ T3921] program syz.4.3883 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  234.316631][   T29] kauditd_printk_skb: 1135 callbacks suppressed
[  234.316649][   T29] audit: type=1326 audit(1743645191.589:32937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.361124][   T29] audit: type=1326 audit(1743645191.589:32938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.384809][   T29] audit: type=1326 audit(1743645191.639:32939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.409349][   T29] audit: type=1326 audit(1743645191.639:32940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.432960][   T29] audit: type=1326 audit(1743645191.639:32941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.471828][   T29] audit: type=1326 audit(1743645191.709:32942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.495465][   T29] audit: type=1326 audit(1743645191.709:32943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.519029][   T29] audit: type=1326 audit(1743645191.709:32944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4016 comm="syz.3.3895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.562732][   T29] audit: type=1326 audit(1743645191.779:32945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.586649][   T29] audit: type=1326 audit(1743645191.779:32946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4044 comm="syz.3.3899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  234.642460][ T4058] 9pnet_fd: Insufficient options for proto=fd
[  234.647806][ T4053] 9pnet_fd: Insufficient options for proto=fd
[  235.151688][ T4285] 9pnet_fd: Insufficient options for proto=fd
[  235.531806][ T4587] netlink: 'syz.3.3921': attribute type 21 has an invalid length.
[  235.544873][ T4587] netlink: 'syz.3.3921': attribute type 1 has an invalid length.
[  235.552686][ T4587] __nla_validate_parse: 13 callbacks suppressed
[  235.552702][ T4587] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3921'.
[  235.627419][ T4655] 9pnet_fd: Insufficient options for proto=fd
[  235.639608][ T4646] 9pnet_fd: Insufficient options for proto=fd
[  235.685793][ T4664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3923'.
[  235.812746][ T4765] FAULT_INJECTION: forcing a failure.
[  235.812746][ T4765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.826037][ T4765] CPU: 0 UID: 0 PID: 4765 Comm: syz.0.3929 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  235.826067][ T4765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  235.826082][ T4765] Call Trace:
[  235.826089][ T4765]  <TASK>
[  235.826098][ T4765]  dump_stack_lvl+0xf6/0x150
[  235.826127][ T4765]  dump_stack+0x15/0x1a
[  235.826174][ T4765]  should_fail_ex+0x261/0x270
[  235.826268][ T4765]  should_fail+0xb/0x10
[  235.826334][ T4765]  should_fail_usercopy+0x1a/0x20
[  235.826439][ T4765]  _copy_to_user+0x20/0xa0
[  235.826471][ T4765]  simple_read_from_buffer+0xb2/0x130
[  235.826527][ T4765]  proc_fail_nth_read+0x103/0x140
[  235.826570][ T4765]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  235.826628][ T4765]  vfs_read+0x1b2/0x710
[  235.826662][ T4765]  ? __rcu_read_unlock+0x4e/0x70
[  235.826742][ T4765]  ? __fget_files+0x186/0x1c0
[  235.826764][ T4765]  ksys_read+0xeb/0x1b0
[  235.826795][ T4765]  __x64_sys_read+0x42/0x50
[  235.826827][ T4765]  x64_sys_call+0x2a3b/0x2e10
[  235.826854][ T4765]  do_syscall_64+0xc9/0x1c0
[  235.826901][ T4765]  ? clear_bhb_loop+0x25/0x80
[  235.826927][ T4765]  ? clear_bhb_loop+0x25/0x80
[  235.826951][ T4765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.827047][ T4765] RIP: 0033:0x7f9c8a81bb7c
[  235.827064][ T4765] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  235.827086][ T4765] RSP: 002b:00007f9c88e87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  235.827105][ T4765] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81bb7c
[  235.827117][ T4765] RDX: 000000000000000f RSI: 00007f9c88e870a0 RDI: 0000000000000005
[  235.827128][ T4765] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  235.827139][ T4765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.827200][ T4765] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  235.827219][ T4765]  </TASK>
[  236.057107][ T4769] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3932'.
[  236.070762][ T4769] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  236.074167][ T4772] netlink: 'syz.2.3933': attribute type 21 has an invalid length.
[  236.079677][ T4769] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  236.096379][ T4769] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  236.105233][ T4769] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  236.115326][ T4769] geneve2: entered promiscuous mode
[  236.120677][ T4769] geneve2: entered allmulticast mode
[  236.137173][ T4772] netlink: 'syz.2.3933': attribute type 1 has an invalid length.
[  236.144992][ T4772] netlink: 144 bytes leftover after parsing attributes in process `syz.2.3933'.
[  236.213447][ T4782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3936'.
[  236.342874][ T4805] 9pnet_fd: Insufficient options for proto=fd
[  236.400897][ T4810] netlink: 'syz.2.3947': attribute type 21 has an invalid length.
[  236.568856][ T4810] netlink: 'syz.2.3947': attribute type 1 has an invalid length.
[  236.576703][ T4810] netlink: 144 bytes leftover after parsing attributes in process `syz.2.3947'.
[  236.730185][ T4816] netlink: 'syz.2.3949': attribute type 16 has an invalid length.
[  236.780159][ T4818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3950'.
[  236.980388][ T4835] IPv6: NLM_F_CREATE should be specified when creating new route
[  237.075606][ T4836] 9pnet: Could not find request transport: fd0x000000000000000b
[  237.099298][ T4847] netlink: 'syz.1.3963': attribute type 16 has an invalid length.
[  237.195228][ T4856] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3967'.
[  238.028188][ T4908] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3988'.
[  238.359170][ T4925] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3996'.
[  238.381038][ T4928] 9pnet: Could not find request transport: fd0x000000000000000b
[  239.242242][ T4982] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  239.367618][   T29] kauditd_printk_skb: 1102 callbacks suppressed
[  239.367634][   T29] audit: type=1326 audit(1743645196.639:34047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.397625][   T29] audit: type=1326 audit(1743645196.639:34048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.427244][ T5001] 9pnet_fd: Insufficient options for proto=fd
[  239.433831][   T29] audit: type=1326 audit(1743645196.639:34049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.457529][   T29] audit: type=1326 audit(1743645196.639:34050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.481095][   T29] audit: type=1326 audit(1743645196.639:34051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f17f4dbb9d7 code=0x7ffc0000
[  239.504620][   T29] audit: type=1326 audit(1743645196.639:34052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.528602][   T29] audit: type=1326 audit(1743645196.639:34053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.552229][   T29] audit: type=1326 audit(1743645196.639:34054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.575783][   T29] audit: type=1326 audit(1743645196.639:34055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.599316][   T29] audit: type=1326 audit(1743645196.639:34056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4995 comm="syz.2.4022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  239.632525][ T5005] 9pnet: Could not find request transport: fd0x000000000000000a
[  240.538349][ T5298] 9pnet_fd: Insufficient options for proto=fd
[  240.849022][ T5322] 9pnet_fd: Insufficient options for proto=fd
[  241.104262][ T5358] __nla_validate_parse: 3 callbacks suppressed
[  241.104280][ T5358] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4063'.
[  241.994258][ T5487] netlink: 'syz.3.4078': attribute type 21 has an invalid length.
[  242.003332][ T5487] netlink: 'syz.3.4078': attribute type 1 has an invalid length.
[  242.011258][ T5487] netlink: 144 bytes leftover after parsing attributes in process `syz.3.4078'.
[  242.192662][ T5497] 9pnet_fd: Insufficient options for proto=fd
[  242.962359][ T5530] 9pnet_fd: Insufficient options for proto=fd
[  243.064307][ T3384] IPVS: starting estimator thread 0...
[  243.100157][ T5537] 9pnet_fd: Insufficient options for proto=fd
[  243.117450][ T5542] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4100'.
[  243.168740][ T5540] IPVS: using max 2352 ests per chain, 117600 per kthread
[  243.417180][ T5571] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4112'.
[  243.521292][ T5581] 9pnet_fd: Insufficient options for proto=fd
[  243.620432][ T5592] 9pnet_fd: Insufficient options for proto=fd
[  243.922378][ T5674] 9pnet: Could not find request transport: fd0x000000000000000b
[  244.136033][ T5732] 9pnet_fd: Insufficient options for proto=fd
[  244.155406][ T5764] 9pnet_fd: Insufficient options for proto=fd
[  244.484777][   T29] kauditd_printk_skb: 1449 callbacks suppressed
[  244.484791][   T29] audit: type=1326 audit(1743645201.759:35506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.563874][   T29] audit: type=1326 audit(1743645201.799:35507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.587720][   T29] audit: type=1326 audit(1743645201.799:35508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.611351][   T29] audit: type=1326 audit(1743645201.799:35509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.635179][   T29] audit: type=1326 audit(1743645201.799:35510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.658937][   T29] audit: type=1326 audit(1743645201.799:35511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.682462][   T29] audit: type=1326 audit(1743645201.799:35512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.706115][   T29] audit: type=1326 audit(1743645201.799:35513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.729711][   T29] audit: type=1326 audit(1743645201.799:35514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.753300][   T29] audit: type=1326 audit(1743645201.799:35515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5850 comm="syz.3.4142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  244.774339][ T5870] 9pnet_fd: Insufficient options for proto=fd
[  244.787069][ T5868] 9pnet: Could not find request transport: fd0x000000000000000a
[  244.959673][ T5874] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4149'.
[  244.971376][ T5874] vcan0: entered allmulticast mode
[  244.976828][ T5874] vcan0: left allmulticast mode
[  244.992515][ T5881] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4152'.
[  245.402555][ T5910] 9pnet: Could not find request transport: fd0x000000000000000b
[  245.471131][ T5919] 9pnet_virtio: no channels available for device /dev/sg0
[  246.348897][ T5949] 9pnet_fd: Insufficient options for proto=fd
[  246.577336][ T5955] 9pnet_fd: Insufficient options for proto=fd
[  246.797543][ T5964] FAULT_INJECTION: forcing a failure.
[  246.797543][ T5964] name failslab, interval 1, probability 0, space 0, times 0
[  246.810327][ T5964] CPU: 1 UID: 0 PID: 5964 Comm: syz.0.4184 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  246.810358][ T5964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.810370][ T5964] Call Trace:
[  246.810377][ T5964]  <TASK>
[  246.810442][ T5964]  dump_stack_lvl+0xf6/0x150
[  246.810468][ T5964]  dump_stack+0x15/0x1a
[  246.810552][ T5964]  should_fail_ex+0x261/0x270
[  246.810637][ T5964]  should_failslab+0x8f/0xb0
[  246.810696][ T5964]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  246.810719][ T5964]  ? __alloc_skb+0x10d/0x320
[  246.810809][ T5964]  __alloc_skb+0x10d/0x320
[  246.810828][ T5964]  ? audit_log_start+0x37f/0x6e0
[  246.810852][ T5964]  audit_log_start+0x39a/0x6e0
[  246.810880][ T5964]  ? kstrtouint+0x7b/0xc0
[  246.810911][ T5964]  audit_seccomp+0x4b/0x130
[  246.810942][ T5964]  __seccomp_filter+0x694/0x10e0
[  246.811041][ T5964]  ? vfs_write+0x669/0x950
[  246.811081][ T5964]  __secure_computing+0x7e/0x160
[  246.811164][ T5964]  syscall_trace_enter+0xcf/0x1f0
[  246.811195][ T5964]  do_syscall_64+0xaa/0x1c0
[  246.811327][ T5964]  ? clear_bhb_loop+0x25/0x80
[  246.811353][ T5964]  ? clear_bhb_loop+0x25/0x80
[  246.811380][ T5964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.811411][ T5964] RIP: 0033:0x7f9c8a81d169
[  246.811429][ T5964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.811450][ T5964] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cd
[  246.811473][ T5964] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  246.811486][ T5964] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000200000000500
[  246.811498][ T5964] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  246.811515][ T5964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.811539][ T5964] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  246.811561][ T5964]  </TASK>
[  247.021231][ T5968] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4185'.
[  247.184339][ T5972] wg2: entered promiscuous mode
[  247.189299][ T5972] wg2: entered allmulticast mode
[  247.202609][ T5982] 9pnet_fd: Insufficient options for proto=fd
[  247.546449][ T6010] 9pnet_fd: Insufficient options for proto=fd
[  247.721169][ T6018] FAULT_INJECTION: forcing a failure.
[  247.721169][ T6018] name failslab, interval 1, probability 0, space 0, times 0
[  247.733911][ T6018] CPU: 0 UID: 0 PID: 6018 Comm: syz.2.4206 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  247.733943][ T6018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  247.733958][ T6018] Call Trace:
[  247.733965][ T6018]  <TASK>
[  247.733972][ T6018]  dump_stack_lvl+0xf6/0x150
[  247.733997][ T6018]  dump_stack+0x15/0x1a
[  247.734066][ T6018]  should_fail_ex+0x261/0x270
[  247.734176][ T6018]  should_failslab+0x8f/0xb0
[  247.734207][ T6018]  kmem_cache_alloc_noprof+0x59/0x340
[  247.734233][ T6018]  ? audit_log_start+0x37f/0x6e0
[  247.734258][ T6018]  ? __perf_event_task_sched_out+0x13c/0xf00
[  247.734328][ T6018]  audit_log_start+0x37f/0x6e0
[  247.734355][ T6018]  ? finish_task_switch+0xb5/0x2b0
[  247.734396][ T6018]  ? mod_objcg_state+0x3f9/0x530
[  247.734424][ T6018]  audit_seccomp+0x4b/0x130
[  247.734443][ T6018]  __seccomp_filter+0x694/0x10e0
[  247.734477][ T6018]  ? __perf_event_task_sched_out+0x13c/0xf00
[  247.734560][ T6018]  ? switch_ldt+0x7f/0x140
[  247.734586][ T6018]  ? _raw_spin_unlock+0x26/0x50
[  247.734630][ T6018]  __secure_computing+0x7e/0x160
[  247.734665][ T6018]  syscall_trace_enter+0xcf/0x1f0
[  247.734754][ T6018]  do_syscall_64+0xaa/0x1c0
[  247.734781][ T6018]  ? clear_bhb_loop+0x25/0x80
[  247.734843][ T6018]  ? clear_bhb_loop+0x25/0x80
[  247.734864][ T6018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.734885][ T6018] RIP: 0033:0x7f17f4dbbb7c
[  247.734902][ T6018] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  247.734943][ T6018] RSP: 002b:00007f17f3427030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  247.734966][ T6018] RAX: ffffffffffffffda RBX: 00007f17f4fd5fa0 RCX: 00007f17f4dbbb7c
[  247.734981][ T6018] RDX: 000000000000000f RSI: 00007f17f34270a0 RDI: 0000000000000003
[  247.735041][ T6018] RBP: 00007f17f3427090 R08: 0000000000000000 R09: 0000000000000000
[  247.735055][ T6018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  247.735083][ T6018] R13: 0000000000000000 R14: 00007f17f4fd5fa0 R15: 00007ffd6bc3dda8
[  247.735106][ T6018]  </TASK>
[  248.301371][ T6029] 9pnet_fd: Insufficient options for proto=fd
[  248.618040][ T6047] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4220'.
[  248.724594][ T6050] xt_CT: You must specify a L4 protocol and not use inversions on it
[  248.999819][ T6061] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4224'.
[  249.140256][ T6065] 9pnet_fd: Insufficient options for proto=fd
[  249.264708][ T6067] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4227'.
[  249.560563][ T6077] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4231'.
[  249.598063][   T29] kauditd_printk_skb: 1318 callbacks suppressed
[  249.598079][   T29] audit: type=1326 audit(1743645206.869:36830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.718120][   T29] audit: type=1326 audit(1743645206.909:36831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.741699][   T29] audit: type=1326 audit(1743645206.909:36832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.765249][   T29] audit: type=1326 audit(1743645206.909:36833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.788836][   T29] audit: type=1326 audit(1743645206.909:36834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f954348b9d7 code=0x7ffc0000
[  249.812387][   T29] audit: type=1326 audit(1743645206.909:36835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.836033][   T29] audit: type=1326 audit(1743645206.909:36836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.859647][   T29] audit: type=1326 audit(1743645206.909:36837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.883415][   T29] audit: type=1326 audit(1743645206.909:36838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.906997][   T29] audit: type=1326 audit(1743645206.909:36839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6080 comm="syz.1.4232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  249.962771][ T6096] FAULT_INJECTION: forcing a failure.
[  249.962771][ T6096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.975994][ T6096] CPU: 1 UID: 0 PID: 6096 Comm: syz.4.4238 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  249.976027][ T6096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  249.976042][ T6096] Call Trace:
[  249.976050][ T6096]  <TASK>
[  249.976083][ T6096]  dump_stack_lvl+0xf6/0x150
[  249.976151][ T6096]  dump_stack+0x15/0x1a
[  249.976172][ T6096]  should_fail_ex+0x261/0x270
[  249.976203][ T6096]  should_fail+0xb/0x10
[  249.976226][ T6096]  should_fail_usercopy+0x1a/0x20
[  249.976316][ T6096]  strncpy_from_user+0x25/0x230
[  249.976341][ T6096]  ? kstrtouint_from_user+0xbf/0x100
[  249.976372][ T6096]  path_setxattrat+0xef/0x320
[  249.976446][ T6096]  __x64_sys_fsetxattr+0x6d/0x80
[  249.976470][ T6096]  x64_sys_call+0x2bad/0x2e10
[  249.976496][ T6096]  do_syscall_64+0xc9/0x1c0
[  249.976526][ T6096]  ? clear_bhb_loop+0x25/0x80
[  249.976600][ T6096]  ? clear_bhb_loop+0x25/0x80
[  249.976626][ T6096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.976648][ T6096] RIP: 0033:0x7f9ece27d169
[  249.976727][ T6096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.976748][ T6096] RSP: 002b:00007f9ecc8df038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  249.976770][ T6096] RAX: ffffffffffffffda RBX: 00007f9ece495fa0 RCX: 00007f9ece27d169
[  249.976784][ T6096] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000000000000007
[  249.976797][ T6096] RBP: 00007f9ecc8df090 R08: 0000000000000000 R09: 0000000000000000
[  249.976808][ T6096] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001
[  249.976820][ T6096] R13: 0000000000000000 R14: 00007f9ece495fa0 R15: 00007ffcf3690f78
[  249.976840][ T6096]  </TASK>
[  250.177936][ T6102] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4241'.
[  250.280657][ T6109] bridge_slave_0: left allmulticast mode
[  250.286414][ T6109] bridge_slave_0: left promiscuous mode
[  250.292314][ T6109] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.317039][ T6109] bridge_slave_1: left allmulticast mode
[  250.322908][ T6109] bridge_slave_1: left promiscuous mode
[  250.328770][ T6109] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.347855][ T6109] bond0: (slave bond_slave_0): Releasing backup interface
[  250.370221][ T6109] bond0: (slave bond_slave_1): Releasing backup interface
[  250.382453][ T6109] team0: Port device team_slave_0 removed
[  250.397938][ T6109] team0: Port device team_slave_1 removed
[  250.405061][ T6109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  250.412832][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  250.430319][ T6109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  250.437815][ T6109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  250.479229][ T6109] team0: Port device batadv1 removed
[  250.487444][ T6109] team0: Port device batadv2 removed
[  250.496069][ T6109] team0: Port device batadv3 removed
[  250.515200][ T6109] team0: Port device batadv4 removed
[  250.526569][ T6109] team0: Port device batadv5 removed
[  250.536558][ T6115] team0: Mode changed to "activebackup"
[  251.858109][ T6505] 9pnet: Could not find request transport: fd0x000000000000000b
[  252.697151][ T6641] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4290'.
[  252.760618][ T6644] bridge_slave_0: left allmulticast mode
[  252.766342][ T6644] bridge_slave_0: left promiscuous mode
[  252.772229][ T6644] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.785193][ T6644] bridge_slave_1: left allmulticast mode
[  252.790977][ T6644] bridge_slave_1: left promiscuous mode
[  252.797034][ T6644] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.811113][ T6644] bond0: (slave bond_slave_0): Releasing backup interface
[  252.831069][ T6644] bond0: (slave bond_slave_1): Releasing backup interface
[  252.851304][ T6644] team0: Port device team_slave_0 removed
[  252.871002][ T6644] team0: Port device team_slave_1 removed
[  252.878010][ T6644] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.885496][ T6644] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.903027][ T6644] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  252.910544][ T6644] batman_adv: batadv0: Removing interface: batadv_slave_1
[  252.941906][ T6649] team0: Mode changed to "activebackup"
[  253.027675][ T6668] vlan0: entered allmulticast mode
[  253.033237][ T6668] bond0: entered allmulticast mode
[  253.051987][ T6675] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6675 comm=syz.3.4303
[  253.078261][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.087205][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.158701][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.181469][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.190545][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.209368][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4307'.
[  253.238808][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.276423][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.285381][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4302'.
[  253.492047][ T6733] 9pnet_fd: Insufficient options for proto=fd
[  253.579651][ T6741] FAULT_INJECTION: forcing a failure.
[  253.579651][ T6741] name failslab, interval 1, probability 0, space 0, times 0
[  253.592432][ T6741] CPU: 1 UID: 0 PID: 6741 Comm: syz.2.4327 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  253.592463][ T6741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  253.592478][ T6741] Call Trace:
[  253.592486][ T6741]  <TASK>
[  253.592495][ T6741]  dump_stack_lvl+0xf6/0x150
[  253.592524][ T6741]  dump_stack+0x15/0x1a
[  253.592584][ T6741]  should_fail_ex+0x261/0x270
[  253.592696][ T6741]  should_failslab+0x8f/0xb0
[  253.592730][ T6741]  __kmalloc_cache_noprof+0x55/0x320
[  253.592790][ T6741]  ? io_ring_ctx_alloc+0x38/0x690
[  253.592863][ T6741]  io_ring_ctx_alloc+0x38/0x690
[  253.592895][ T6741]  ? avc_has_perm+0xd6/0x150
[  253.592927][ T6741]  io_uring_create+0x10a/0x670
[  253.592977][ T6741]  __se_sys_io_uring_setup+0x1f7/0x210
[  253.593013][ T6741]  __x64_sys_io_uring_setup+0x31/0x40
[  253.593045][ T6741]  x64_sys_call+0x1741/0x2e10
[  253.593130][ T6741]  do_syscall_64+0xc9/0x1c0
[  253.593169][ T6741]  ? clear_bhb_loop+0x25/0x80
[  253.593196][ T6741]  ? clear_bhb_loop+0x25/0x80
[  253.593253][ T6741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.593277][ T6741] RIP: 0033:0x7f17f4dbd169
[  253.593295][ T6741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.593317][ T6741] RSP: 002b:00007f17f3427038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  253.593340][ T6741] RAX: ffffffffffffffda RBX: 00007f17f4fd5fa0 RCX: 00007f17f4dbd169
[  253.593423][ T6741] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000001de0
[  253.593448][ T6741] RBP: 00007f17f3427090 R08: 0000000000000000 R09: 0000000000000000
[  253.593464][ T6741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.593479][ T6741] R13: 0000000000000000 R14: 00007f17f4fd5fa0 R15: 00007ffd6bc3dda8
[  253.593504][ T6741]  </TASK>
[  254.689600][ T6801] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6801 comm=syz.0.4346
[  254.790093][ T6809] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=6809 comm=syz.0.4349
[  254.814405][   T29] kauditd_printk_skb: 942 callbacks suppressed
[  254.814423][   T29] audit: type=1326 audit(1743645212.079:37782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6810 comm="syz.1.4350" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x0
[  254.903554][   T29] audit: type=1400 audit(1743645212.179:37783): avc:  denied  { search } for  pid=3047 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  254.946318][   T29] audit: type=1400 audit(1743645212.179:37784): avc:  denied  { read } for  pid=3047 comm="dhcpcd" name="n46" dev="tmpfs" ino=1869 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  254.968226][   T29] audit: type=1400 audit(1743645212.179:37785): avc:  denied  { open } for  pid=3047 comm="dhcpcd" path="/run/udev/data/n46" dev="tmpfs" ino=1869 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  254.991611][   T29] audit: type=1400 audit(1743645212.179:37786): avc:  denied  { getattr } for  pid=3047 comm="dhcpcd" path="/run/udev/data/n46" dev="tmpfs" ino=1869 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  255.031563][   T29] audit: type=1400 audit(1743645212.299:37787): avc:  denied  { read } for  pid=6823 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=416 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  255.055130][   T29] audit: type=1400 audit(1743645212.299:37788): avc:  denied  { open } for  pid=6823 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=416 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  255.080417][   T29] audit: type=1400 audit(1743645212.299:37789): avc:  denied  { getattr } for  pid=6823 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=416 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  255.178963][   T29] audit: type=1326 audit(1743645212.429:37790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.3.4357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  255.202550][   T29] audit: type=1326 audit(1743645212.429:37791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6833 comm="syz.3.4357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edaeed169 code=0x7ffc0000
[  255.822663][ T6938] xt_hashlimit: max too large, truncated to 1048576
[  256.127149][ T7024] 9pnet_fd: Insufficient options for proto=fd
[  256.546780][ T7156] team0: Unable to change to the same mode the team is in
[  256.951674][ T7167] sg_write: data in/out 2786/14 bytes for SCSI command 0x0-- guessing data in;
[  256.951674][ T7167]    program syz.2.4396 not setting count and/or reply_len properly
[  257.002899][ T7169] program syz.2.4397 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.074548][ T7432] bridge_slave_0: left promiscuous mode
[  258.080499][ T7432] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.091702][ T7432] bridge_slave_1: left allmulticast mode
[  258.097384][ T7432] bridge_slave_1: left promiscuous mode
[  258.103333][ T7432] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.114692][ T7432] bond0: (slave bond_slave_0): Releasing backup interface
[  258.125534][ T7432] bond0: (slave bond_slave_1): Releasing backup interface
[  258.138517][ T7432] team0: Port device team_slave_0 removed
[  258.147980][ T7432] team0: Port device team_slave_1 removed
[  258.154806][ T7432] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.162395][ T7432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.173932][ T7432] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.181563][ T7432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.215028][ T7432] team0: Port device batadv1 removed
[  258.225940][ T7432] team0: Port device batadv2 removed
[  258.237826][ T7435] team0: Mode changed to "activebackup"
[  258.238577][ T7441] 9pnet_fd: Insufficient options for proto=fd
[  258.277360][ T7436] bridge_slave_0: left allmulticast mode
[  258.283179][ T7436] bridge_slave_0: left promiscuous mode
[  258.288952][ T7436] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.298443][ T7436] bridge_slave_1: left allmulticast mode
[  258.304278][ T7436] bridge_slave_1: left promiscuous mode
[  258.310153][ T7436] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.323070][ T7436] bond0: (slave bond_slave_0): Releasing backup interface
[  258.333394][ T7436] bond0: (slave bond_slave_1): Releasing backup interface
[  258.346204][ T7436] team0: Port device team_slave_0 removed
[  258.355384][ T7436] team0: Port device team_slave_1 removed
[  258.363107][ T7436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.370736][ T7436] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.380026][ T7436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.387474][ T7436] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.411810][ T7436] team0: Port device batadv1 removed
[  258.428239][ T2972] syz!: Port: 1 Link DOWN
[  259.170294][ T7495] __nla_validate_parse: 8 callbacks suppressed
[  259.170314][ T7495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4440'.
[  259.185810][ T7495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4440'.
[  259.306092][ T7510] syz_tun: entered allmulticast mode
[  259.307007][ T7508] 9pnet_fd: Insufficient options for proto=fd
[  259.352901][ T7509] syz_tun: left allmulticast mode
[  259.376944][ T7511] team0: Unable to change to the same mode the team is in
[  259.910006][ T7520] Invalid ELF header magic: != ELF
[  259.937663][ T7522] FAULT_INJECTION: forcing a failure.
[  259.937663][ T7522] name failslab, interval 1, probability 0, space 0, times 0
[  259.950402][ T7522] CPU: 1 UID: 0 PID: 7522 Comm: syz.3.4451 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  259.950433][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  259.950448][ T7522] Call Trace:
[  259.950455][ T7522]  <TASK>
[  259.950462][ T7522]  dump_stack_lvl+0xf6/0x150
[  259.950487][ T7522]  dump_stack+0x15/0x1a
[  259.950504][ T7522]  should_fail_ex+0x261/0x270
[  259.950576][ T7522]  should_failslab+0x8f/0xb0
[  259.950607][ T7522]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  259.950630][ T7522]  ? __alloc_skb+0x10d/0x320
[  259.950703][ T7522]  __alloc_skb+0x10d/0x320
[  259.950726][ T7522]  netlink_alloc_large_skb+0xad/0xe0
[  259.950857][ T7522]  netlink_sendmsg+0x3da/0x720
[  259.950884][ T7522]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.950906][ T7522]  __sock_sendmsg+0x140/0x180
[  259.950939][ T7522]  ____sys_sendmsg+0x350/0x4e0
[  259.950998][ T7522]  __sys_sendmsg+0x1a0/0x240
[  259.951039][ T7522]  __x64_sys_sendmsg+0x46/0x50
[  259.951065][ T7522]  x64_sys_call+0x26f3/0x2e10
[  259.951087][ T7522]  do_syscall_64+0xc9/0x1c0
[  259.951164][ T7522]  ? clear_bhb_loop+0x25/0x80
[  259.951185][ T7522]  ? clear_bhb_loop+0x25/0x80
[  259.951207][ T7522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.951282][ T7522] RIP: 0033:0x7f9edaeed169
[  259.951333][ T7522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.951351][ T7522] RSP: 002b:00007f9ed9557038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.951369][ T7522] RAX: ffffffffffffffda RBX: 00007f9edb105fa0 RCX: 00007f9edaeed169
[  259.951381][ T7522] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  259.951393][ T7522] RBP: 00007f9ed9557090 R08: 0000000000000000 R09: 0000000000000000
[  259.951404][ T7522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.951416][ T7522] R13: 0000000000000000 R14: 00007f9edb105fa0 R15: 00007ffc636b8228
[  259.951435][ T7522]  </TASK>
[  260.190025][   T29] kauditd_printk_skb: 953 callbacks suppressed
[  260.190043][   T29] audit: type=1326 audit(1743645217.469:38745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.229305][   T29] audit: type=1326 audit(1743645217.469:38746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.252902][   T29] audit: type=1326 audit(1743645217.469:38747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.276436][   T29] audit: type=1326 audit(1743645217.469:38748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.300020][   T29] audit: type=1326 audit(1743645217.469:38749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.323622][   T29] audit: type=1326 audit(1743645217.469:38750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.347178][   T29] audit: type=1326 audit(1743645217.469:38751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.347263][   T29] audit: type=1326 audit(1743645217.469:38752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.347292][   T29] audit: type=1326 audit(1743645217.469:38753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.347320][   T29] audit: type=1326 audit(1743645217.469:38754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7525 comm="syz.2.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f17f4dbd169 code=0x7ffc0000
[  260.472632][ T7537] team0: Unable to change to the same mode the team is in
[  260.534116][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4460'.
[  260.704097][ T7554] netlink: 'syz.4.4465': attribute type 7 has an invalid length.
[  260.712027][ T7554] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4465'.
[  260.736456][ T7556] FAULT_INJECTION: forcing a failure.
[  260.736456][ T7556] name failslab, interval 1, probability 0, space 0, times 0
[  260.749277][ T7556] CPU: 0 UID: 0 PID: 7556 Comm: +}[@ Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  260.749309][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.749381][ T7556] Call Trace:
[  260.749387][ T7556]  <TASK>
[  260.749394][ T7556]  dump_stack_lvl+0xf6/0x150
[  260.749459][ T7556]  dump_stack+0x15/0x1a
[  260.749480][ T7556]  should_fail_ex+0x261/0x270
[  260.749519][ T7556]  should_failslab+0x8f/0xb0
[  260.749574][ T7556]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  260.749618][ T7556]  ? __alloc_skb+0x10d/0x320
[  260.749659][ T7556]  __alloc_skb+0x10d/0x320
[  260.749679][ T7556]  ? audit_log_start+0x37f/0x6e0
[  260.749707][ T7556]  audit_log_start+0x39a/0x6e0
[  260.749729][ T7556]  ? kstrtouint+0x7b/0xc0
[  260.749754][ T7556]  audit_seccomp+0x4b/0x130
[  260.749822][ T7556]  __seccomp_filter+0x694/0x10e0
[  260.749859][ T7556]  ? vfs_write+0x669/0x950
[  260.750031][ T7556]  __secure_computing+0x7e/0x160
[  260.750065][ T7556]  syscall_trace_enter+0xcf/0x1f0
[  260.750170][ T7556]  do_syscall_64+0xaa/0x1c0
[  260.750201][ T7556]  ? clear_bhb_loop+0x25/0x80
[  260.750278][ T7556]  ? clear_bhb_loop+0x25/0x80
[  260.750300][ T7556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.750326][ T7556] RIP: 0033:0x7f17f4dbd169
[  260.750343][ T7556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.750361][ T7556] RSP: 002b:00007f17f3427038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.750384][ T7556] RAX: ffffffffffffffda RBX: 00007f17f4fd5fa0 RCX: 00007f17f4dbd169
[  260.750396][ T7556] RDX: 0000000004000000 RSI: 0000200000000280 RDI: 0000000000000004
[  260.750410][ T7556] RBP: 00007f17f3427090 R08: 0000000000000000 R09: 0000000000000000
[  260.750424][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.750435][ T7556] R13: 0000000000000000 R14: 00007f17f4fd5fa0 R15: 00007ffd6bc3dda8
[  260.750473][ T7556]  </TASK>
[  260.758779][ T7556] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  260.796460][ T7559] bridge0: entered promiscuous mode
[  261.106288][ T7559] macvlan2: entered promiscuous mode
[  261.151587][ T7559] bridge0: port 3(macvlan2) entered blocking state
[  261.158198][ T7559] bridge0: port 3(macvlan2) entered disabled state
[  261.245166][ T7559] macvlan2: entered allmulticast mode
[  261.250643][ T7559] bridge0: entered allmulticast mode
[  261.343042][ T7559] macvlan2: left allmulticast mode
[  261.348309][ T7559] bridge0: left allmulticast mode
[  261.413007][ T7559] bridge0: left promiscuous mode
[  261.549401][ T7571] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4470'.
[  261.615894][ T7573] bridge0: port 1(team0) entered blocking state
[  261.622284][ T7573] bridge0: port 1(team0) entered disabled state
[  261.635091][ T7573] team0: entered allmulticast mode
[  261.661757][ T7573] team0: entered promiscuous mode
[  261.719098][ T7580] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4474'.
[  261.781199][ T7586] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4478'.
[  261.803409][ T7586] FAULT_INJECTION: forcing a failure.
[  261.803409][ T7586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.816584][ T7586] CPU: 0 UID: 0 PID: 7586 Comm: syz.1.4478 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  261.816683][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  261.816696][ T7586] Call Trace:
[  261.816703][ T7586]  <TASK>
[  261.816717][ T7586]  dump_stack_lvl+0xf6/0x150
[  261.816746][ T7586]  dump_stack+0x15/0x1a
[  261.816766][ T7586]  should_fail_ex+0x261/0x270
[  261.816792][ T7586]  should_fail+0xb/0x10
[  261.816853][ T7586]  should_fail_usercopy+0x1a/0x20
[  261.816885][ T7586]  _copy_to_user+0x20/0xa0
[  261.816962][ T7586]  simple_read_from_buffer+0xb2/0x130
[  261.817015][ T7586]  proc_fail_nth_read+0x103/0x140
[  261.817051][ T7586]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.817150][ T7586]  vfs_read+0x1b2/0x710
[  261.817177][ T7586]  ? __rcu_read_unlock+0x4e/0x70
[  261.817204][ T7586]  ? __fget_files+0x186/0x1c0
[  261.817228][ T7586]  ksys_read+0xeb/0x1b0
[  261.817308][ T7586]  __x64_sys_read+0x42/0x50
[  261.817340][ T7586]  x64_sys_call+0x2a3b/0x2e10
[  261.817429][ T7586]  do_syscall_64+0xc9/0x1c0
[  261.817459][ T7586]  ? clear_bhb_loop+0x25/0x80
[  261.817485][ T7586]  ? clear_bhb_loop+0x25/0x80
[  261.817512][ T7586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.817595][ T7586] RIP: 0033:0x7f954348bb7c
[  261.817613][ T7586] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  261.817636][ T7586] RSP: 002b:00007f9541af7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  261.817657][ T7586] RAX: ffffffffffffffda RBX: 00007f95436a5fa0 RCX: 00007f954348bb7c
[  261.817672][ T7586] RDX: 000000000000000f RSI: 00007f9541af70a0 RDI: 0000000000000004
[  261.817686][ T7586] RBP: 00007f9541af7090 R08: 0000000000000000 R09: 0000000000000000
[  261.817698][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.817712][ T7586] R13: 0000000000000000 R14: 00007f95436a5fa0 R15: 00007ffddfa33b18
[  261.817734][ T7586]  </TASK>
[  262.054994][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.067627][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=63 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.080153][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=129 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.092889][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=64 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.105644][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.118196][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.130891][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65 sclass=netlink_route_socket pid=7588 comm=syz.3.4477
[  262.601107][ T7617] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4491'.
[  262.663322][ T7625] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4489'.
[  262.751403][ T7632] 9pnet_fd: Insufficient options for proto=fd
[  262.845750][ T7641] sch_tbf: burst 3092 is lower than device lo mtu (65550) !
[  262.897562][ T7672] FAULT_INJECTION: forcing a failure.
[  262.897562][ T7672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.910883][ T7672] CPU: 0 UID: 0 PID: 7672 Comm: syz.0.4503 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  262.910931][ T7672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  262.910943][ T7672] Call Trace:
[  262.910950][ T7672]  <TASK>
[  262.910959][ T7672]  dump_stack_lvl+0xf6/0x150
[  262.910989][ T7672]  dump_stack+0x15/0x1a
[  262.911008][ T7672]  should_fail_ex+0x261/0x270
[  262.911042][ T7672]  should_fail+0xb/0x10
[  262.911146][ T7672]  should_fail_usercopy+0x1a/0x20
[  262.911202][ T7672]  _copy_from_iter+0xd8/0xd10
[  262.911262][ T7672]  ? down_read+0x173/0x4c0
[  262.911287][ T7672]  ? __ptrace_may_access+0x2cb/0x350
[  262.911316][ T7672]  copy_page_from_iter+0x14f/0x280
[  262.911374][ T7672]  process_vm_rw+0x5a2/0x8a0
[  262.911423][ T7672]  ? ksys_write+0x180/0x1b0
[  262.911494][ T7672]  __x64_sys_process_vm_writev+0x7a/0x90
[  262.911524][ T7672]  x64_sys_call+0xaf3/0x2e10
[  262.911551][ T7672]  do_syscall_64+0xc9/0x1c0
[  262.911581][ T7672]  ? clear_bhb_loop+0x25/0x80
[  262.911658][ T7672]  ? clear_bhb_loop+0x25/0x80
[  262.911685][ T7672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.911710][ T7672] RIP: 0033:0x7f9c8a81d169
[  262.911727][ T7672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.911749][ T7672] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[  262.911836][ T7672] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  262.911851][ T7672] RDX: 0000000000000001 RSI: 0000200000000e80 RDI: 0000000000001a81
[  262.911863][ T7672] RBP: 00007f9c88e87090 R08: 0000000000000002 R09: 0000000000000000
[  262.911874][ T7672] R10: 0000200000002280 R11: 0000000000000246 R12: 0000000000000001
[  262.911885][ T7672] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  262.911904][ T7672]  </TASK>
[  263.483328][ T7716] FAULT_INJECTION: forcing a failure.
[  263.483328][ T7716] name failslab, interval 1, probability 0, space 0, times 0
[  263.496083][ T7717] usb usb1: usbfs: process 7717 (syz.1.4515) did not claim interface 0 before use
[  263.496095][ T7716] CPU: 0 UID: 0 PID: 7716 Comm: syz.2.4516 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  263.496194][ T7716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  263.496211][ T7716] Call Trace:
[  263.496219][ T7716]  <TASK>
[  263.496229][ T7716]  dump_stack_lvl+0xf6/0x150
[  263.496261][ T7716]  dump_stack+0x15/0x1a
[  263.496283][ T7716]  should_fail_ex+0x261/0x270
[  263.496348][ T7716]  should_failslab+0x8f/0xb0
[  263.496388][ T7716]  __kmalloc_cache_noprof+0x55/0x320
[  263.496417][ T7716]  ? subflow_ulp_init+0x9a/0x2d0
[  263.496505][ T7716]  subflow_ulp_init+0x9a/0x2d0
[  263.496547][ T7716]  tcp_set_ulp+0x1d9/0x230
[  263.496636][ T7716]  mptcp_subflow_create_socket+0x2e4/0x640
[  263.496675][ T7716]  ? avc_has_perm+0xd6/0x150
[  263.496712][ T7716]  __mptcp_nmpc_sk+0xb9/0x3d0
[  263.496794][ T7716]  mptcp_getsockopt+0xacc/0x1400
[  263.496854][ T7716]  ? mntput_no_expire+0x73/0x3e0
[  263.496892][ T7716]  ? mntput+0x49/0x70
[  263.496922][ T7716]  ? terminate_walk+0x271/0x290
[  263.496949][ T7716]  ? path_openat+0x1ab2/0x2000
[  263.496981][ T7716]  ? _parse_integer_limit+0x167/0x180
[  263.497073][ T7716]  ? _parse_integer+0x27/0x30
[  263.497148][ T7716]  ? kstrtoull+0x115/0x140
[  263.497174][ T7716]  ? __rcu_read_unlock+0x4e/0x70
[  263.497247][ T7716]  ? avc_has_perm_noaudit+0x1cc/0x210
[  263.497290][ T7716]  ? avc_has_perm+0xd6/0x150
[  263.497370][ T7716]  ? selinux_socket_getsockopt+0x18a/0x1c0
[  263.497465][ T7716]  sock_common_getsockopt+0x5b/0x70
[  263.497509][ T7716]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  263.497553][ T7716]  do_sock_getsockopt+0x1fc/0x290
[  263.497628][ T7716]  __x64_sys_getsockopt+0x191/0x210
[  263.497666][ T7716]  x64_sys_call+0x128f/0x2e10
[  263.497694][ T7716]  do_syscall_64+0xc9/0x1c0
[  263.497728][ T7716]  ? clear_bhb_loop+0x25/0x80
[  263.497817][ T7716]  ? clear_bhb_loop+0x25/0x80
[  263.497845][ T7716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.497873][ T7716] RIP: 0033:0x7f17f4dbd169
[  263.497891][ T7716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.497914][ T7716] RSP: 002b:00007f17f3427038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  263.497940][ T7716] RAX: ffffffffffffffda RBX: 00007f17f4fd5fa0 RCX: 00007f17f4dbd169
[  263.497956][ T7716] RDX: 000000000000000d RSI: 0000000000000006 RDI: 0000000000000003
[  263.497971][ T7716] RBP: 00007f17f3427090 R08: 00002000000013c0 R09: 0000000000000000
[  263.497987][ T7716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  263.498002][ T7716] R13: 0000000000000000 R14: 00007f17f4fd5fa0 R15: 00007ffd6bc3dda8
[  263.498027][ T7716]  </TASK>
[  263.908026][ T7730] FAULT_INJECTION: forcing a failure.
[  263.908026][ T7730] name failslab, interval 1, probability 0, space 0, times 0
[  263.920732][ T7730] CPU: 0 UID: 0 PID: 7730 Comm: syz.3.4522 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  263.920819][ T7730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  263.920831][ T7730] Call Trace:
[  263.920838][ T7730]  <TASK>
[  263.920846][ T7730]  dump_stack_lvl+0xf6/0x150
[  263.920875][ T7730]  dump_stack+0x15/0x1a
[  263.920896][ T7730]  should_fail_ex+0x261/0x270
[  263.920928][ T7730]  should_failslab+0x8f/0xb0
[  263.920982][ T7730]  __kmalloc_noprof+0xad/0x410
[  263.921049][ T7730]  ? copy_splice_read+0xb8/0x5d0
[  263.921082][ T7730]  copy_splice_read+0xb8/0x5d0
[  263.921110][ T7730]  ? __kmalloc_noprof+0x370/0x410
[  263.921135][ T7730]  ? alloc_pipe_info+0x1cb/0x360
[  263.921186][ T7730]  ? __pfx_copy_splice_read+0x10/0x10
[  263.921265][ T7730]  splice_direct_to_actor+0x26c/0x680
[  263.921298][ T7730]  ? __pfx_direct_splice_actor+0x10/0x10
[  263.921355][ T7730]  do_splice_direct+0xd9/0x150
[  263.921382][ T7730]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  263.921419][ T7730]  do_sendfile+0x40a/0x690
[  263.921484][ T7730]  __x64_sys_sendfile64+0x113/0x160
[  263.921508][ T7730]  x64_sys_call+0xfc3/0x2e10
[  263.921551][ T7730]  do_syscall_64+0xc9/0x1c0
[  263.921582][ T7730]  ? clear_bhb_loop+0x25/0x80
[  263.921606][ T7730]  ? clear_bhb_loop+0x25/0x80
[  263.921627][ T7730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.921732][ T7730] RIP: 0033:0x7f9edaeed169
[  263.921748][ T7730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.921812][ T7730] RSP: 002b:00007f9ed9557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  263.921834][ T7730] RAX: ffffffffffffffda RBX: 00007f9edb105fa0 RCX: 00007f9edaeed169
[  263.921848][ T7730] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  263.921859][ T7730] RBP: 00007f9ed9557090 R08: 0000000000000000 R09: 0000000000000000
[  263.921871][ T7730] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  263.921882][ T7730] R13: 0000000000000000 R14: 00007f9edb105fa0 R15: 00007ffc636b8228
[  263.921904][ T7730]  </TASK>
[  264.476891][ T7752] netlink: 'syz.4.4528': attribute type 16 has an invalid length.
[  264.484948][ T7752] __nla_validate_parse: 2 callbacks suppressed
[  264.484969][ T7752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4528'.
[  264.858949][ T7779] netlink: 'syz.1.4541': attribute type 16 has an invalid length.
[  264.866935][ T7779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4541'.
[  265.096159][ T7793] FAULT_INJECTION: forcing a failure.
[  265.096159][ T7793] name failslab, interval 1, probability 0, space 0, times 0
[  265.108905][ T7793] CPU: 0 UID: 0 PID: 7793 Comm: syz.0.4545 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  265.109006][ T7793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  265.109018][ T7793] Call Trace:
[  265.109025][ T7793]  <TASK>
[  265.109032][ T7793]  dump_stack_lvl+0xf6/0x150
[  265.109056][ T7793]  dump_stack+0x15/0x1a
[  265.109084][ T7793]  should_fail_ex+0x261/0x270
[  265.109175][ T7793]  should_failslab+0x8f/0xb0
[  265.109283][ T7793]  __kmalloc_noprof+0xad/0x410
[  265.109411][ T7793]  ? alloc_pipe_info+0x1cb/0x360
[  265.109446][ T7793]  alloc_pipe_info+0x1cb/0x360
[  265.109494][ T7793]  splice_direct_to_actor+0x621/0x680
[  265.109603][ T7793]  ? __pfx_direct_splice_actor+0x10/0x10
[  265.109632][ T7793]  ? __rcu_read_unlock+0x4e/0x70
[  265.109662][ T7793]  ? avc_policy_seqno+0x15/0x20
[  265.109694][ T7793]  ? selinux_file_permission+0x22d/0x360
[  265.109841][ T7793]  do_splice_direct+0xd9/0x150
[  265.109879][ T7793]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  265.109915][ T7793]  do_sendfile+0x40a/0x690
[  265.109941][ T7793]  __x64_sys_sendfile64+0x113/0x160
[  265.109992][ T7793]  x64_sys_call+0xfc3/0x2e10
[  265.110024][ T7793]  do_syscall_64+0xc9/0x1c0
[  265.110050][ T7793]  ? clear_bhb_loop+0x25/0x80
[  265.110071][ T7793]  ? clear_bhb_loop+0x25/0x80
[  265.110093][ T7793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.110121][ T7793] RIP: 0033:0x7f9c8a81d169
[  265.110157][ T7793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.110178][ T7793] RSP: 002b:00007f9c88e87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  265.110233][ T7793] RAX: ffffffffffffffda RBX: 00007f9c8aa35fa0 RCX: 00007f9c8a81d169
[  265.110248][ T7793] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  265.110262][ T7793] RBP: 00007f9c88e87090 R08: 0000000000000000 R09: 0000000000000000
[  265.110288][ T7793] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  265.110301][ T7793] R13: 0000000000000000 R14: 00007f9c8aa35fa0 R15: 00007ffc186a9eb8
[  265.110324][ T7793]  </TASK>
[  265.363086][   T29] kauditd_printk_skb: 779 callbacks suppressed
[  265.363104][   T29] audit: type=1326 audit(1743645222.639:39532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.403168][   T29] audit: type=1326 audit(1743645222.639:39533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.426919][   T29] audit: type=1326 audit(1743645222.669:39534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.450517][   T29] audit: type=1326 audit(1743645222.669:39535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.474094][   T29] audit: type=1326 audit(1743645222.669:39536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.497659][   T29] audit: type=1326 audit(1743645222.669:39537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f954348b9d7 code=0x7ffc0000
[  265.521362][   T29] audit: type=1326 audit(1743645222.669:39538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.545249][   T29] audit: type=1326 audit(1743645222.669:39539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.568858][   T29] audit: type=1326 audit(1743645222.669:39540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.592411][   T29] audit: type=1326 audit(1743645222.669:39541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7796 comm="syz.1.4547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f954348d169 code=0x7ffc0000
[  265.924314][ T7817] netlink: 'syz.0.4553': attribute type 16 has an invalid length.
[  265.932338][ T7817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4553'.
[  265.959118][ T7819] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4554'.
[  266.133335][ T7831] 9pnet: Could not find request transport: f
[  266.366577][ T7847] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4565'.
[  266.515256][ T7850] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4566'.
[  266.827010][ T7871] team0: Unable to change to the same mode the team is in
[  266.862766][ T7874] ==================================================================
[  266.870903][ T7874] BUG: KCSAN: data-race in call_rcu / mtree_range_walk
[  266.877774][ T7874] 
[  266.880098][ T7874] write to 0xffff888104cfd108 of 8 bytes by task 7872 on cpu 1:
[  266.887742][ T7874]  call_rcu+0x49/0x430
[  266.891836][ T7874]  mas_wmb_replace+0xcea/0x1510
[  266.896876][ T7874]  mas_wr_store_entry+0x158c/0x2460
[  266.902090][ T7874]  mas_store_prealloc+0x6d5/0x960
[  266.907150][ T7874]  vma_iter_store_new+0x1d3/0x210
[  266.912211][ T7874]  vma_complete+0x12b/0x570
[  266.916741][ T7874]  __split_vma+0x56c/0x630
[  266.921164][ T7874]  vma_modify+0x105/0x200
[  266.925519][ T7874]  vma_modify_flags+0x10a/0x140
[  266.930379][ T7874]  mprotect_fixup+0x30f/0x5d0
[  266.935071][ T7874]  do_mprotect_pkey+0x6ce/0x9a0
[  266.939931][ T7874]  __x64_sys_mprotect+0x48/0x60
[  266.944797][ T7874]  x64_sys_call+0x272f/0x2e10
[  266.949484][ T7874]  do_syscall_64+0xc9/0x1c0
[  266.954002][ T7874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.959901][ T7874] 
[  266.962227][ T7874] read to 0xffff888104cfd108 of 8 bytes by task 7874 on cpu 0:
[  266.969781][ T7874]  mtree_range_walk+0x143/0x460
[  266.974645][ T7874]  mas_walk+0x16e/0x320
[  266.978809][ T7874]  lock_vma_under_rcu+0xa7/0x340
[  266.983776][ T7874]  exc_page_fault+0x150/0x6a0
[  266.988455][ T7874]  asm_exc_page_fault+0x26/0x30
[  266.993310][ T7874] 
[  266.995644][ T7874] value changed: 0x000055556398afff -> 0xffff888104cfd708
[  267.002758][ T7874] 
[  267.005084][ T7874] Reported by Kernel Concurrency Sanitizer on:
[  267.011239][ T7874] CPU: 0 UID: 0 PID: 7874 Comm: syz.1.4575 Not tainted 6.14.0-syzkaller-12508-g92b71befc349 #0 PREEMPT(voluntary) 
[  267.023312][ T7874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  267.033369][ T7874] ==================================================================